Education Insights – support students through data, responsibly.

This article is contributed. See the original author and article here.

 




 


Education Insights aims to facilitate data-driven decisions, as we believe that data-informed educators and education leaders make the most significant impact in their schools.  As an education professional, supporting students’ learning journeys while protecting their wellbeing is what you do. We’re here to help you identify needs and provide support from an informed perspective. We also highly value individual and organizational privacy and are committed to defending and protecting privacy for every student.


 


For those reasons, we provide Education Insights with attention to maintaining the highest external compliance standards, meeting GDPR, FERPA and other industry standards, as well as our own rigorous ethical and responsibility standards as established by Microsoft principles for Responsible AI.


 


In this blog, we will review some of the guidelines and practices Education Insights uses to help you leverage data to support your students, while maintaining peace of mind regarding your students’ data privacy and security. Additionally, we will provide some suggestions for how to communicate Education Insights to your school community.


 


Guidelines and practices 


 


1. High compliance standards  


The information collected and shown through Insights meets national, regional, and industry-specific regulations for data collection and use, including GDPR and the Family Educational Rights and Privacy Act (FERPA) for students and children’s security.


 


2. Students learning data only  


Students’ digital activity data collected by Insights includes only their activity in the context of the class and of the learning journey, such as accessing learning materials, participating in meetings, uploading a resume, etc. We do not collect information about students’ private activities such as message content or working on personal files. We also respect educators’ privacy, hence no activity data from educators is displayed.


 


3. Supportive and non-judgmental language 


We believe that educators know their students best and are well positioned to make decisions about supporting their students. Education Insights doesn’t make judgements about students or educators. It aims to shine a light on student learning and digital engagement trends by providing meaningful activity data, leaving it up to the educator to follow up with students and to adapt instruction as they see fit.


 


4. Data access only for those who need it 


To preserve students’ privacy, each person in the school community has access only to data relevant to them:



  • Educators can only see the activity of students assigned to their classes. They cannot access data from other classes unless a collaborating educator has shared it with them.

  • Education leaders get an organizational view of their students’ activity that depends on their role, organization affiliation, and the permissions assigned to them by the IT Admin.


Education Insights data belongs to the school or institution. Microsoft simply collects, analyzes, and stores the data. Microsoft engineering does not have direct access to student data, and all access is strictly controlled, logged, and audited; you can learn more about it here.


 


5. Transparency for everyone   


We are transparent about the data that is collected and how we use it. Each individual student also has a dedicated support page with authenticated access allowing them to see activity signals collected on them, along with instructions on how to contest the activity signals with their educators. Additionally, the IT admin can choose not to collect activity signals at any time, in which case Insights will not be available for the institution.


 


Communicating Education Insights to guardians and students 


While data is critical to thoroughly support students, and while Education Insights provides data with high standards of ethical use, privacy, and security, we also understand that it is vital to communicate clearly to students and guardians the collection of data and the value it provides.


Here is a suggested baseline for communication in case it would be helpful to start a positive conversation with guardians and students. You can also share this blog for further details and links to resources :)


 









 


“Our priority as a school/district is always our students, and we aspire to equip them with the skills they need for success in school and beyond. Even before digital teaching practices were expedited by the outbreak of COVID-19, we knew that technology would make up a large part of lifelong learning.


 


Now, with students spending more educational time on digital platforms, our organization collects their digital activity in Microsoft Teams to support educators in adapting and supporting students’ learning and wellbeing in this changing environment. Data collected includes digital engagement, assignment status and grades, and their self-reflection of their wellbeing at school.


 


Any data collected is only in the context of the learning activity; non-learning activity data is not being collected. The data is shared only with the people that need it to best support the student, and with the intention of providing each student with the best educational possibilities for them and helping them thrive in school and life.


 


Students’ data is being collected, stored, and presented in a responsible manner, rigorously following and meeting applicable national, regional, and industry-specific regulations for data collection and use, including GDPR and the Family Educational Rights and Privacy Act (FERPA).”


 



 


Some technical details for you 


For those of you who are interested in some of the “backbone” of how Insights data is collected and stored:


 


Where do we store the data? Insights is deployed in Europe and the United States. Data for European-based users is stored on servers in Europe. Data for Australian-based and US-based users is stored on servers in the United States. Data for users outside of Europe, Australia, or the United States will be stored in one of our geographic regions.


 


How do we handle large volumes of data with high reliability? Insights leverages the power of Azure to ingest, process and store large amounts of signals in near-real time and with high reliability. All this is implemented on top of M365 secure environments. Each of these resources is provisioned in multiple geographical locations to honor the data locality explained above. Insights has a rich monitoring and alerting system which helps us track and mitigate potential data loss in the pipeline.


 


Learning more about data privacy in Education Insights 



We’re always looking for ways to make Education Insights better. Have questions, comments, or ideas? Let us know! Add your ideas here or share your comment below.


 

Vulnerability Summary for the Week of June 13, 2022

adobe — indesign Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-16 not yet calculated CVE-2022-30658
MISC zzcms — zzcms An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/dl_sendmail.php (when the attacker has admin authority) via the id parameter. 2022-06-17 not yet calculated CVE-2019-12353
MISC 1password — agilebits
  An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. In specific circumstances, this issue allowed a malicious server to convince a 1Password app or integration it is communicating with the 1Password service. 2022-06-15 not yet calculated CVE-2022-32550
MISC acunetix — sonatype_nexus_repository_manager
  https://ossindex.sonatype.org/ Sonatype Nexus Repository Manager OSS 3.37.3-02 is affected by: Incorrect Access Control. The impact is: Authentication Bypass (remote). The component is: Admin Panel. The attack vector is: With the help of response manipulation Attacker can bypass the login panel and view the dashboard menus, No user interaction is required. ¶¶ 1. Go to https://nexus.e-goi.com 2. Click on the Sign In button. 3. Enter the password as admin:admin. 4. Intercept the request in Burp Suite. 5. Capture the Response of the Request. 6. Change the Status Code from 403 Forbidden to 200 OK. 7. You will see the dashboard which provides the admin access. 2022-06-14 not yet calculated CVE-2022-31289
MISC
MISC adaware — protect
  Insecure permissions configuration in Adaware Protect v1.2.439.4251 allows attackers to escalate privileges via changing the service binary path. 2022-06-16 not yet calculated CVE-2022-31464
MISC
MISC adobe — after_effects
  Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-06-15 not yet calculated CVE-2021-43755
MISC adobe — bridge Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-28843
MISC adobe — bridge
  Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-28847
MISC adobe — bridge
  Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-28844
MISC adobe — bridge
  Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-28850
MISC adobe — bridge
  Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-28849
MISC adobe — bridge
  Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-28848
MISC adobe — bridge
  Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-28839
MISC adobe — bridge
  Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-28846
MISC adobe — bridge
  Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-28845
MISC adobe — bridge
  Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-28841
MISC adobe — bridge
  Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-28840
MISC adobe — bridge
  Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-28842
MISC adobe — illustrator
  Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-30668
MISC adobe — illustrator
  Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-30669
MISC adobe — illustrator
  Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-30666
MISC adobe — illustrator
  Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-30667
MISC adobe — indesign Access of Memory Location After End of Buffer (CWE-788 2022-06-15 not yet calculated CVE-2021-40727
MISC adobe — lightroom_classic
  Adobe Lightroom Classic 10.3 (and earlier) are affected by a privilege escalation vulnerability in the Offline Lightroom Classic installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product installation to abuse this vulnerability. 2022-06-15 not yet calculated CVE-2021-40776
MISC adobe — media_encoder
  Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file. 2022-06-13 not yet calculated CVE-2021-46818
MISC adobe — media_encoder
  Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file. 2022-06-13 not yet calculated CVE-2021-46817
MISC adobe — photoshop
  Adobe Photoshop version 22.5.1 (and earlier versions ) is affected by an Access of Memory Location After End of Buffer vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-06-15 not yet calculated CVE-2021-42735
MISC adobe — prelude
  Adobe Prelude version 22.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-06-15 not yet calculated CVE-2021-43754
MISC adobe — premiere_pro
  Adobe Premiere Pro version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file. 2022-06-13 not yet calculated CVE-2021-46816
MISC adobe — animate
  Adobe Animate version 22.0.5 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-16 not yet calculated CVE-2022-30664
MISC adobe — illustrator Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-30647
MISC adobe — illustrator Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-30649
MISC adobe — illustrator Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2022-30648
MISC adobe — incopy Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-16 not yet calculated CVE-2022-30656
MISC adobe — incopy Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-16 not yet calculated CVE-2022-30655
MISC adobe — incopy Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-16 not yet calculated CVE-2022-30652
MISC adobe — incopy Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-16 not yet calculated CVE-2022-30651
MISC adobe — incopy
  Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-16 not yet calculated CVE-2022-30653
MISC adobe — incopy
  Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-16 not yet calculated CVE-2022-30650
MISC adobe — incopy
  Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-16 not yet calculated CVE-2022-30657
MISC adobe — incopy
  Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-16 not yet calculated CVE-2022-30654
MISC adobe — indesign Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-16 not yet calculated CVE-2022-30665
MISC adobe — indesign Access of Memory Location After End of Buffer (CWE-788) 2022-06-15 not yet calculated CVE-2021-42732
MISC adobe — indesign Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-16 not yet calculated CVE-2022-30661
MISC adobe — indesign Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-16 not yet calculated CVE-2022-30663
MISC adobe — indesign Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-16 not yet calculated CVE-2022-30662
MISC adobe — indesign
  Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-16 not yet calculated CVE-2022-30660
MISC adobe — indesign
  Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-06-15 not yet calculated CVE-2021-39820
MISC adobe — indesign
  Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-16 not yet calculated CVE-2022-30659
MISC adobe — media_encoder
  Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-06-15 not yet calculated CVE-2021-43756
MISC adsk — autodesk
  A maliciously crafted TIF file in Autodesk 3ds Max 2022 and 2021 can be used to write beyond the allocated buffer while parsing TIF files. This vulnerability in conjunction with other vulnerabilities could lead to arbitrary code execution. 2022-06-16 not yet calculated CVE-2022-27532
MISC adsk — autodesk
  A maliciously crafted TIF file can be forced to read beyond allocated boundaries in Autodesk 3ds Max 2022, and 2021 when parsing the TIF files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. 2022-06-16 not yet calculated CVE-2022-27531
MISC amazon — aws_apache_log4j
  Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. This Hotpatch package is not a replacement for updating to a log4j version that mitigates CVE-2021-44228 or CVE-2021-45046; it provides a temporary mitigation to CVE-2021-44228 by hotpatching the local Java virtual machines. To do so, it iterates through all running Java processes, performs several checks, and executes the Java virtual machine with the same permissions and capabilities as the running process to load the hotpatch. A local user could cause the hotpatch script to execute a binary with elevated privileges by running a custom java process that performs exec() of an SUID binary after the hotpatch has observed the process path and before it has observed its effective user ID. 2022-06-17 not yet calculated CVE-2022-33915
MISC
MISC amd — processors
  A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure. 2022-06-15 not yet calculated CVE-2022-23823
MISC amodat — mobile_application_gateway attacker needs to craft a SQL payload. the vulnerable parameter is “agentid” must be authenticated to the admin panel. 2022-06-13 not yet calculated CVE-2022-23169
MISC amodat — mobile_application_gateway The attacker could get access to the database. The SQL injection is in the username parameter at the login panel: username: admin’– 2022-06-13 not yet calculated CVE-2022-23168
MISC amodat — mobile_application_gateway Attacker crafts a GET request to: /mobile/downloadfile.aspx? Filename =../.. /windows/boot.ini the LFI is UNAUTHENTICATED. 2022-06-13 not yet calculated CVE-2022-23167
MISC amozing — ariang AriaNg v0.1.0~v1.2.2 is affected by an incorrect access control vulnerability through not authenticating visitors’ access rights. 2022-06-15 not yet calculated CVE-2021-41418
MISC android — windowmanager
  In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when processing user input. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-157929241 2022-06-15 not yet calculated CVE-2021-39691
MISC android — closef
  In closef of label_backends_android.c, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege during startup of servicemanager, if an attacker can trigger an initialization failure, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-215387420 2022-06-15 not yet calculated CVE-2021-39806
MISC anker — eufy_homebase_2
  A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to remote code execution. The device is exposed to attacks from the network. 2022-06-17 not yet calculated CVE-2022-21806
MISC apache — hadoop
  There is a potential heap buffer overflow in Apache Hadoop libhdfs native code. Opening a file path provided by user without validation may result in a denial of service or arbitrary code execution. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher. 2022-06-13 not yet calculated CVE-2021-37404
CONFIRM apache — hadoop
  In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher. 2022-06-15 not yet calculated CVE-2021-33036
MISC
MLIST apache– flume
  Apache Flume versions 1.4.0 through 1.9.0 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI to allow only the use of the java protocol or no protocol. 2022-06-14 not yet calculated CVE-2022-25167
CONFIRM
CONFIRM
MLIST apache — nifi
  The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of operating system commands on Linux and macOS platforms. The ShellUserGroupProvider is not included in the default configuration. Command injection requires ShellUserGroupProvider to be one of the enabled User Group Providers in the Authorizers configuration. Command injection also requires an authenticated user with elevated privileges. Apache NiFi requires an authenticated user with authorization to modify access policies in order to execute the command. Apache NiFi Registry requires an authenticated user with authorization to read user groups in order to execute the command. The resolution removes command formatting based on user-provided arguments. 2022-06-15 not yet calculated CVE-2022-33140
MISC
MISC apple — mobaku-auction&flea_market
  ‘Mobaoku-Auction&Flea Market’ App for iOS versions prior to 5.5.16 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack. 2022-06-14 not yet calculated CVE-2022-29482
MISC apple — swift-corelibs-foundation
  A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability is caused by the interaction between a deserialization mechanism offered by the Swift standard library, the Codable protocol; and the JSONDecoder class offered by swift-corelibs-foundation, which can deserialize types that adopt the Codable protocol based on the content of a provided JSON document. When a type that adopts Codable requests the initialization of a field with an integer value, the JSONDecoder class uses a type-erased container with different accessor methods to attempt and coerce a corresponding JSON value and produce an integer. In the case the JSON value was a numeric literal with a floating-point portion, JSONDecoder used different type-eraser methods during validation than it did during the final casting of the value. The checked casting produces a deterministic crash due to this mismatch. The JSONDecoder class is often wrapped by popular Swift-based web frameworks to parse the body of HTTP requests and perform basic type validation. This makes the attack low-effort: sending a specifically crafted JSON document during a request to these endpoints will cause them to crash. The attack does not have any confidentiality or integrity risks in and of itself; the crash is produced deterministically by an abort function that ensures that execution does not continue in the face of this violation of assumptions. However, unexpected crashes can lead to violations of invariants in services, so it’s possible that this attack can be used to trigger error conditions that escalate the risk. Producing a denial of service may also be the goal of an attacker in itself. This issue is solved in Swift 5.6.2 for Linux and Windows. This issue was solved by ensuring that the same methods are invoked both when validating and during casting, so that no type mismatch occurs. 
Swift for Linux and Windows versions are not ABI-interchangeable. To upgrade a service, its owner must update to this version of the Swift toolchain, then recompile and redeploy their software. The new version of Swift includes an updated swift-corelibs-foundation package. Versions of Swift running on Darwin-based operating systems are not affected. 2022-06-16 not yet calculated CVE-2022-1642
MISC argo_project — argo
  The package github.com/argoproj/argo-events/sensors/artifacts before 1.7.1 is vulnerable to Directory Traversal in the (g *GitArtifactReader).Read() API in git.go. This could allow arbitrary file reads if the GitArtifactReader is provided a pathname containing a symbolic link or an implicit directory name such as … 2022-06-17 not yet calculated CVE-2022-25856
CONFIRM
CONFIRM
CONFIRM argopro — argo_events
  Argo Events is an event-driven workflow automation framework for Kubernetes. Prior to version 1.7.1, several `HandleRoute` endpoints make use of the deprecated `ioutil.ReadAll()`. `ioutil.ReadAll()` reads all the data into memory. As such, an attacker who sends a large request to the Argo Events server will be able to crash it and cause denial of service. A patch for this vulnerability has been released in Argo Events version 1.7.1. 2022-06-13 not yet calculated CVE-2022-31054
CONFIRM
MISC
MISC
MISC asg_technologies — asg-zena_cross_platform_server_enterprise ASG technologies (A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to Cleartext Storage of Sensitive Information in a Cookie. 2022-06-17 not yet calculated CVE-2021-45025
MISC
MISC
MISC asg_technologies — asg-zena_cross_platform_server_enterprise ASG technologies ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to Cross Site Scripting (XSS). 2022-06-17 not yet calculated CVE-2021-45026
MISC
MISC
MISC asg_technologies — asg-zena_cross_platform_server_enterprise ASG technologies (A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to XML External Entity (XXE). 2022-06-17 not yet calculated CVE-2021-45024
MISC
MISC
MISC asus — rt-n53 ASUS RT-N53 3.0.0.4.376.3754 has a command injection vulnerability in the SystemCmd parameter of the apply.cgi interface. 2022-06-17 not yet calculated CVE-2022-31874
MISC av1 — video_extension AV1 Video Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30167. 2022-06-15 not yet calculated CVE-2022-30193
MISC axis_communications — multiple_products A vulnerability, which was classified as critical, was found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. This affects an unknown part of the component CGI Script. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component. 2022-06-15 not yet calculated CVE-2017-20049
N/A
N/A axis_communications — multiple_products A vulnerability has been found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007 and classified as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to improper access controls. The attack can be initiated remotely. It is recommended to upgrade the affected component. 2022-06-15 not yet calculated CVE-2017-20050
N/A
N/A axis_communications — multiple_products A vulnerability, which was classified as critical, has been found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. Affected by this issue is some unknown functionality of the component Script Editor. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. 2022-06-15 not yet calculated CVE-2017-20048
N/A
N/A
N/A axis_communications — multiple_products
  A vulnerability classified as problematic has been found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. It is recommended to upgrade the affected component. 2022-06-15 not yet calculated CVE-2017-20046
N/A
N/A axis_communications — multiple_products
  A vulnerability classified as problematic was found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. 2022-06-15 not yet calculated CVE-2017-20047
N/A
N/A
N/A bachmann_visutec — atvise
  An information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7. A plaintext HTTP request can lead to a disclosure of login credentials. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. 2022-06-17 not yet calculated CVE-2022-21184
MISC bestwebsoft — contact_form_plugin
  A vulnerability classified as problematic has been found in BestWebSoft Contact Form Plugin 4.0.0. This affects an unknown part. The manipulation leads to basic cross site scripting (Stored). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.0.2 is able to address this issue. It is recommended to upgrade the affected component. 2022-06-16 not yet calculated CVE-2017-20055
MISC
MISC
MISC biscuit — biscuit
  Biscuit is an authentication and authorization token for microservices architectures. The Biscuit specification version 1 contains a vulnerable algorithm that allows malicious actors to forge valid Γ-signatures. Such an attack would allow an attacker to create a token with any access level. The version 2 of the specification mandates a different algorithm than gamma signatures and as such is not affected by this vulnerability. The Biscuit implementations in Rust, Haskell, Go, Java and Javascript all have published versions following the v2 specification. There are no known workarounds for this issue. 2022-06-13 not yet calculated CVE-2022-31053
CONFIRM
MISC bitmainer — antminer_monitor
  A vulnerability in Antminer Monitor 0.50.0 exists because of a backdoor or misconfiguration inside a settings file in the Flask server. The settings file has a predefined secret string, which would normally be randomly generated; however, it is static. 2022-06-17 not yet calculated CVE-2021-40903
MISC
MISC
MISC blynk — blynk_library A stack-based buffer overflow vulnerability exists in the BlynkConsole.h runCommand functionality of Blynk-Library v1.0.1. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability. 2022-06-17 not yet calculated CVE-2022-29496
MISC brackeen — brackeen
  ok-file-formats master 2021-9-12 is affected by a buffer overflow in ok_jpg_convert_data_unit_grayscale and ok_jpg_convert_YCbCr_to_RGB. 2022-06-15 not yet calculated CVE-2021-41413
MISC
MISC broadcom — ca_automic_automation CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. 2022-06-16 not yet calculated CVE-2022-33752
MISC broadcom — ca_automic_automation CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could allow a remote attacker to potentially access sensitive data. 2022-06-16 not yet calculated CVE-2022-33751
MISC broadcom — ca_automic_automation CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary commands. 2022-06-16 not yet calculated CVE-2022-33750
MISC broadcom — ca_automic_automation CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. 2022-06-16 not yet calculated CVE-2022-33754
MISC broadcom — ca_automic_automation CA Automic Automation 12.2 and 12.3 contain an insecure input handling vulnerability in the Automic Agent that could allow a remote attacker to potentially enumerate users. 2022-06-16 not yet calculated CVE-2022-33755
MISC broadcom — ca_automic_automation CA Automic Automation 12.2 and 12.3 contain an insecure file creation and handling vulnerability in the Automic agent that could allow a user to potentially elevate privileges. 2022-06-16 not yet calculated CVE-2022-33753
MISC broadcom — ca_automic_automation
  CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data. 2022-06-16 not yet calculated CVE-2022-33756
MISC broadcom — ca_clarity
  CA Clarity 15.8 and below and 15.9.0 contain an insecure XML parsing vulnerability that could allow a remote attacker to potentially view the contents of any file on the system. 2022-06-16 not yet calculated CVE-2022-33739
MISC checkmk — debian
  A permission issue affects users that deployed the shipped version of the Checkmk Debian package. Packages created by the agent bakery (enterprise editions only) were not affected. Using the shipped version of the agents, the maintainer scripts located at /var/lib/dpkg/info/ will be owned by the user and the group with ID 1001. If such a user exists on the system, they can change the content of these files (which are then executed by root). This leads to a local privilege escalation on the monitored host. Version 1.6 through 1.6.9p29, version 2.0 through 2.0.0p26, version 2.1 through 2.1.0p3, and version 2.2.0i1 are affected. 2022-06-17 not yet calculated CVE-2022-33912
MISC cisc0 — identity_services_engine
  A vulnerability in the login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to log in without credentials and access all roles without any restrictions. This vulnerability is due to exposed sensitive Security Assertion Markup Language (SAML) metadata. An attacker could exploit this vulnerability by using the exposed SAML metadata to bypass authentication to the user portal. A successful exploit could allow the attacker to access all roles without any restrictions. 2022-06-15 not yet calculated CVE-2022-20733
CISCO cisco — appdynamics_controller_software
  A vulnerability in the web-based management interface of Cisco AppDynamics Controller Software could allow an unauthenticated, remote attacker to access a configuration file and the login page for an administrative console that they would not normally have authorization to access. This vulnerability is due to improper authorization checking for HTTP requests that are submitted to the affected web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected instance of AppDynamics Controller. A successful exploit could allow the attacker to access the login page for an administrative console. AppDynamics has released software updates that address this vulnerability. 2022-06-15 not yet calculated CVE-2022-20736
CISCO cisco — identity_servies_engine
  A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege levels for sensitive data are not properly enforced. An attacker with read-only privileges for the web-based management interface on an affected device could exploit this vulnerability by browsing to a page that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information about the system configuration. 2022-06-15 not yet calculated CVE-2022-20819
CISCO cisco — small_business_routers
  A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient user input validation of incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device using root-level privileges. Cisco has not released software updates that address this vulnerability. 2022-06-15 not yet calculated CVE-2022-20825
CISCO cisco — unified_ip_phones
  A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to impersonate another user’s phone if the Cisco Unified Communications Manager (CUCM) is in secure mode. This vulnerability is due to improper key generation during the manufacturing process that could result in duplicated manufactured keys installed on multiple devices. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on the secure communication between the phone and the CUCM. A successful exploit could allow the attacker to impersonate another user’s phone. This vulnerability cannot be addressed with software updates. There is a workaround that addresses this vulnerability. 2022-06-15 not yet calculated CVE-2022-20817
CISCO cisco — secure_email_and_web_manager
  A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass authentication and log in to the web management interface of an affected device. This vulnerability is due to improper authentication checks when an affected device uses Lightweight Directory Access Protocol (LDAP) for external authentication. An attacker could exploit this vulnerability by entering a specific input on the login page of the affected device. A successful exploit could allow the attacker to gain unauthorized access to the web-based management interface of the affected device. 2022-06-15 not yet calculated CVE-2022-20798
CISCO cisco — secure_email_and_web_manager
  A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access Protocol (LDAP) external authentication server connected to an affected device. This vulnerability is due to a lack of proper input sanitization while querying the external authentication server. An attacker could exploit this vulnerability by sending a crafted query through an external authentication web page. A successful exploit could allow the attacker to gain access to sensitive information, including user credentials from the external authentication server. To exploit this vulnerability, an attacker would need valid operator-level (or higher) credentials. 2022-06-15 not yet calculated CVE-2022-20664
CISCO connx — connx In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the secure flag set. 2022-06-14 not yet calculated CVE-2021-40650
MISC
MISC connx — connx
  In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the HttpOnly flag set. 2022-06-14 not yet calculated CVE-2021-40649
MISC
MISC couchbase — couchbase_server Couchbase Server 5.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized Actor. 2022-06-13 not yet calculated CVE-2022-32192
MISC
MISC couchbase — couchbase_server Couchbase Server 6.6.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized Actor. 2022-06-13 not yet calculated CVE-2022-32193
MISC
MISC couchbase — couchbase_server An issue was discovered in Couchbase Server before 6.6.5 and 7.x before 7.0.4. Previous mitigations for CVE-2018-15728 were found to be insufficient when it was discovered that diagnostic endpoints could still be accessed from the network. 2022-06-14 not yet calculated CVE-2022-32561
MISC
MISC
MISC couchbase — couchbase_server An issue was discovered in Couchbase Server before 7.0.4. Sample bucket loading may leak internal user passwords during a failure. 2022-06-13 not yet calculated CVE-2022-32558
MISC
MISC
MISC couchbase — couchbase_server An issue was discovered in Couchbase Server before 7.0.4. Operations may succeed on a collection using stale RBAC permission. 2022-06-13 not yet calculated CVE-2022-32562
MISC
MISC
MISC couchbase — couchbase_server An issue was discovered in Couchbase Server before 7.0.4. XDCR lacks role checking when changing internal settings. 2022-06-13 not yet calculated CVE-2022-32560
MISC
MISC
MISC couchbase — couchbase_server An issue was discovered in Couchbase Server before 7.0.4. The Index Service does not enforce authentication for TCP/TLS servers. 2022-06-14 not yet calculated CVE-2022-32557
MISC
MISC
MISC couchbase — couchbase_server An issue was discovered in Couchbase Server before 7.0.4. Random HTTP requests lead to leaked metrics. 2022-06-14 not yet calculated CVE-2022-32559
MISC
MISC
MISC couchbase — couchbase_server
  An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted usernames and document ids. 2022-06-13 not yet calculated CVE-2022-32565
MISC
MISC
MISC couchbase — couchbase_server
  An issue was discovered in Couchbase Server before 7.0.4. In couchbase-cli, server-eshell leaks the Cluster Manager cookie. 2022-06-13 not yet calculated CVE-2022-32564
MISC
MISC
MISC covesa — covesa
  An issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets. 2022-06-16 not yet calculated CVE-2022-31291
MISC d-link — dir-850l
  An issue was discovered on D-Link DIR-850L 1.21WW devices. A partially completed WPA handshake is sufficient for obtaining full access to the wireless network. A client can access the network by sending packets on Data Frames to the AP without encryption. 2022-06-16 not yet calculated CVE-2018-18907
MISC
MISC deno — deno
  Deno <=1.14.0 file sandbox does not handle symbolic links correctly. When running Deno with specific write access, the Deno.symlink method can be used to gain access to any directory. 2022-06-12 not yet calculated CVE-2021-41641
MISC
MISC devolutions — remote_desktop_manager
  A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate attackers to observe sensitive data. A caching issue can cause sensitive fields to sometimes stay revealed when closing and reopening a panel, which could lead to involuntarily disclosing sensitive information. This issue affects: Devolutions Remote Desktop Manager 2022.1.24 version and prior versions. 2022-06-15 not yet calculated CVE-2022-1342
MISC discordjs — opus
  All versions of package @discordjs/opus are vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash. 2022-06-17 not yet calculated CVE-2022-25345
CONFIRM
CONFIRM discourse — calendar
  Discourse Calendar is a calendar plugin for Discourse, an open-source messaging app. Prior to version 1.0.1, parsing and rendering of Event names can be susceptible to cross-site scripting (XSS) attacks. This vulnerability only affects sites which have modified or disabled Discourse’s default Content Security Policy. This issue is patched in version 1.0.1 of the Discourse Calendar plugin. As a workaround, ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks. 2022-06-14 not yet calculated CVE-2022-31059
CONFIRM
MISC
MISC discourse — discourse
  Discourse is an open-source discussion platform. Prior to version 2.8.4 in the `stable` branch and version `2.9.0.beta5` in the `beta` and `tests-passed` branches, banner topic data is exposed on login-required sites. This issue is patched in version 2.8.4 in the `stable` branch and version `2.9.0.beta5` in the `beta` and `tests-passed` branches of Discourse. As a workaround, one may disable banners. 2022-06-14 not yet calculated CVE-2022-31060
MISC
CONFIRM
MISC drive_composer — drive_composer Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a “repair” operation on the product. 2022-06-15 not yet calculated CVE-2022-31217
MISC drive_composer — drive_composer
  Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a “repair” operation on the product. 2022-06-15 not yet calculated CVE-2022-31216
MISC drive_composer — drive_composer
  Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a “repair” operation on the product. 2022-06-15 not yet calculated CVE-2022-31218
MISC drive_composer — drive_composer
  Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a “repair” operation on the product. 2022-06-15 not yet calculated CVE-2022-31219
MISC edgex_foundry — edgex_foundry
  EdgeX Foundry is an open source project for building a common open framework for Internet of Things edge computing. Prior to version 2.1.1, the /api/v2/config endpoint exposes message bus credentials to local unauthenticated users. In security-enabled mode, message bus credentials are supposed to be kept in the EdgeX secret store and require authentication to access. This vulnerability bypasses the access controls on message bus credentials when running in security-enabled mode. (No credentials are required when running in security-disabled mode.) As a result, attackers could intercept data or inject fake data into the EdgeX message bus. Users should upgrade to EdgeXFoundry Kamakura release (2.2.0) or to the June 2022 EdgeXFoundry LTS Jakarta release (2.1.1) to receive a patch. More information about which go modules, docker containers, and snaps contain patches is available in the GitHub Security Advisory. There are currently no known workarounds for this issue. 2022-06-14 not yet calculated CVE-2022-31066
MISC
CONFIRM
MISC electron — electron
  Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given app’s update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components. This kind of attack would require significant privileges in a potential victim’s own auto updating infrastructure and the ease of that attack entirely depends on the potential victim’s infrastructure security. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. There are no known workarounds. 2022-06-13 not yet calculated CVE-2022-29257
CONFIRM electron — electron
  Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows a renderer with JS execution to obtain access to a new renderer process with `nodeIntegrationInSubFrames` enabled which in turn allows effective access to `ipcRenderer`. The `nodeIntegrationInSubFrames` option does not implicitly grant Node.js access. Rather, it depends on the existing sandbox setting. If an application is sandboxed, then `nodeIntegrationInSubFrames` just gives access to the sandboxed renderer APIs, which include `ipcRenderer`. If the application then additionally exposes IPC messages without IPC `senderFrame` validation that perform privileged actions or return confidential data this access to `ipcRenderer` can in turn compromise your application / user even with the sandbox enabled. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. As a workaround, ensure that all IPC message handlers appropriately validate `senderFrame`. 2022-06-13 not yet calculated CVE-2022-29247
CONFIRM electrum — electrum
  paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request (e.g., within QR code data). On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename. 2022-06-17 not yet calculated CVE-2022-31246
MISC
MISC elementor — website_builder
  DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor’s Elementor Website Builder plugin <= 3.5.5 versions. 2022-06-13 not yet calculated CVE-2022-29455
CONFIRM
CONFIRM
CONFIRM employee_leaves_management_system — employee_leaves_management_system Employee Leaves Management System (ELMS) V 2.1 is vulnerable to Cross Site Request Forgery (CSRF) via /myprofile.php. 2022-06-14 not yet calculated CVE-2022-30931
MISC
MISC en100 — ethernet_module
  A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). Affected applications contain a memory corruption vulnerability while parsing specially crafted HTTP packets to /txtrace endpoint. This could allow an attacker to crash the affected application leading to a denial of service condition. 2022-06-14 not yet calculated CVE-2022-30937
MISC fast-string-search — fast-string-search
  All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory. 2022-06-17 not yet calculated CVE-2022-25872
CONFIRM
CONFIRM fast-string-search — fast-string-search
  All versions of package fast-string-search are vulnerable to Denial of Service (DoS) when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation. 2022-06-17 not yet calculated CVE-2022-22138
CONFIRM fedai — fate
  An issue was discovered in function sync_tree in hetero_decision_tree_guest.py in WeBank FATE (Federated AI Technology Enabler) 0.1 through 1.4.2 that allows attackers to read sensitive information during the training process of machine learning joint modeling. 2022-06-16 not yet calculated CVE-2020-25459
MISC festo — controller
  In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint “cecc-x-refresh-request” POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. 2022-06-13 not yet calculated CVE-2022-30311
CONFIRM festo — controller
  In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint “cecc-x-acknerr-request” POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. 2022-06-13 not yet calculated CVE-2022-30310
CONFIRM festo — controller
  In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint “cecc-x-web-viewer-request-on” POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. 2022-06-13 not yet calculated CVE-2022-30308
CONFIRM festo — controller
  In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint “cecc-x-web-viewer-request-off” POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. 2022-06-13 not yet calculated CVE-2022-30309
CONFIRM filecloud — filecloud A vulnerability classified as critical has been found in FileCloud. Affected is the NTFS handler which leads to improper access controls. It is possible to launch the attack remotely but it demands some form of authentication. Upgrading to version 21.3.5.18513 is able to address this issue. It is recommended to upgrade the affected component. 2022-06-15 not yet calculated CVE-2022-1958
MISC
MISC
MISC finastra — nestjs_proxy
  NestJS Proxy is a NestJS module to decorate and proxy calls. Prior to version 0.7.0, the nestjs-proxy library did not have a way to block sensitive cookies (e.g. session cookies) from being forwarded to backend services configured by the application developer. This could have led to sensitive cookies being inadvertently exposed to such services that should not see them. The patched version now blocks cookies from being forwarded by default. However developers can configure an allow-list of cookie names by using the `allowedCookies` config setting. This issue has been fixed in version 0.7.0 of `@finastra/nestjs-proxy`. Users of `@ffdc/nestjs-proxy` are advised that this package has been deprecated and is no longer being maintained or receiving updates. Such users should update their package.json file to use `@finastra/nestjs-proxy` instead. 2022-06-15 not yet calculated CVE-2022-31070
MISC
CONFIRM finastra — nestjs_proxy
  NestJS Proxy is a NestJS module to decorate and proxy calls. Prior to version 0.7.0, the nestjs-proxy library did not have a way to control when Authorization headers should be forwarded for specific backend services configured by the application developer. This could have resulted in sensitive information such as OAuth bearer access tokens being inadvertently exposed to such services that should not see them. A new feature has been introduced in the patched version of nestjs-proxy that allows application developers to opt out of forwarding the Authorization headers on a per service basis using the `forwardToken` config setting. Developers are advised to review the README for this library on GitHub or NPM for further details on how this configuration can be applied. This issue has been fixed in version 0.7.0 of `@finastra/nestjs-proxy`. Users of `@ffdc/nestjs-proxy` are advised that this package has been deprecated and is no longer being maintained or receiving updates. Such users should update their package.json file to use `@finastra/nestjs-proxy` instead. 2022-06-15 not yet calculated CVE-2022-31069
CONFIRM
MISC flatcore — flatcore_cms flatCore-CMS v2.0.8 has a code execution vulnerability, which could let a remote malicious user execute arbitrary PHP code. 2022-06-16 not yet calculated CVE-2021-41402
MISC flatcore — flatcore_cms flatCore-CMS version 2.0.8 calls dangerous functions, causing server-side request forgery vulnerabilities. 2022-06-15 not yet calculated CVE-2021-41403
MISC francoisjacquet — rosariosis
  SQL Injection in GitHub repository francoisjacquet/rosariosis prior to 9.0. 2022-06-13 not yet calculated CVE-2022-2067
MISC
CONFIRM fuji_electric — v-server
  Out-of-bounds write vulnerability exists in V-Server v4.0.11.0 and earlier and V-Server Lite v4.0.13.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file. 2022-06-14 not yet calculated CVE-2022-29524
MISC
MISC
MISC fuji_electric — v-sft Use after free vulnerability exists in the simulator module contained in the graphic editor ‘V-SFT’ versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file. 2022-06-14 not yet calculated CVE-2022-29522
MISC
MISC fuji_electric — v-sft Out-of-bounds read vulnerability exists in the simulator module contained in the graphic editor ‘V-SFT’ v6.1.3.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file. 2022-06-14 not yet calculated CVE-2022-29506
MISC
MISC
MISC fuji_electric — v-sft Heap-based buffer overflow exists in the simulator module contained in the graphic editor ‘V-SFT’ versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file. 2022-06-14 not yet calculated CVE-2022-26302
MISC
MISC fuji_electric — v-sft
  Access of uninitialized pointer vulnerability exists in the simulator module contained in the graphic editor ‘V-SFT’ versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file. 2022-06-14 not yet calculated CVE-2022-29925
MISC
MISC fujielectric — v-server Out-of-bounds read vulnerability exists in V-Server v4.0.11.0 and earlier and V-Server Lite v4.0.13.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file. 2022-06-16 not yet calculated CVE-2022-30549
MISC
MISC
MISC fujielectric — v-sft
  Out-of-bounds write vulnerability exists in the simulator module contained in the graphic editor ‘V-SFT’ versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file. 2022-06-16 not yet calculated CVE-2022-30538
MISC
MISC fujielectric — v-sft
  Out-of-bounds read vulnerability exists in the simulator module contained in the graphic editor ‘V-SFT’ versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file. 2022-06-16 not yet calculated CVE-2022-30546
MISC
MISC ge — voluson_s8
  A vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the local network is required for this attack to succeed. 2022-06-17 not yet calculated CVE-2020-36549
N/A
N/A ge — voluson_s8
  A vulnerability classified as problematic has been found in GE Voluson S8. Affected is the file /uscgi-bin/users.cgi of the Service Browser. The manipulation leads to improper authentication and elevated access possibilities. It is possible to launch the attack on the local host. 2022-06-17 not yet calculated CVE-2020-36548
N/A
N/A ge — voluson_s8
  A vulnerability was found in GE Voluson S8. It has been rated as critical. This issue affects the Service Browser which introduces hard-coded credentials. Attacking locally is a requirement. It is recommended to change the configuration settings. 2022-06-17 not yet calculated CVE-2020-36547
N/A
N/A ghostscript — ghostscript
  A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined for the device that uses it as a prototype that depends upon the number of bits per pixel. For bpp > 64, mem_x_device is used and does not have an init_device_procs defined. This flaw allows an attacker to parse a large number of bits (more than 64 bits per pixel), which triggers a NULL pointer dereference flaw, causing an application to crash. 2022-06-16 not yet calculated CVE-2022-2085
MISC
MISC
MISC giflib — gif2rgb
  A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers to trigger an out of memory exception or denial of service via a gif format file. 2022-06-14 not yet calculated CVE-2021-40633
MISC git.videolan — ffmpeg A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. 2022-06-18 not yet calculated CVE-2014-125011
MISC
MISC git.videolan — ffmpeg A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is the function intra_pred of the file libavcodec/hevcpred_template.c. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. 2022-06-18 not yet calculated CVE-2014-125007
MISC
MISC git.videolan — ffmpeg
  A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function add_yblock of the file libavcodec/snow.h. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. 2022-06-18 not yet calculated CVE-2014-125009
MISC
MISC git.videolan — ffmpeg
  A vulnerability classified as critical has been found in FFmpeg 2.0. Affected is the function read_var_block_data. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. 2022-06-18 not yet calculated CVE-2014-125015
MISC
MISC git.videolan — ffmpeg
  A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is an unknown functionality of the component HEVC Video Decoder. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. 2022-06-18 not yet calculated CVE-2014-125014
MISC
MISC git.videolan — ffmpeg
  A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function msrle_decode_frame of the file libavcodec/msrle.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. 2022-06-18 not yet calculated CVE-2014-125013
MISC
MISC git.videolan — ffmpeg
  A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an unknown function of the file libavcodec/dxtroy.c. The manipulation leads to integer coercion error. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. 2022-06-18 not yet calculated CVE-2014-125012
MISC
MISC git.videolan — ffmpeg
  A vulnerability classified as critical was found in FFmpeg 2.0. This vulnerability affects the function rpza_decode_stream. The manipulation leads to memory corruption. The attack can be initiated remotely. The name of the patch is Fixes Invalid Writes. It is recommended to apply a patch to fix this issue. 2022-06-18 not yet calculated CVE-2014-125017
MISC
MISC git.videolan — ffmpeg
  A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function decode_slice_header of the file libavcodec/h64.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. 2022-06-18 not yet calculated CVE-2014-125010
MISC
MISC git.videolan — ffmpeg
  A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function get_siz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. 2022-06-18 not yet calculated CVE-2014-125003
MISC
MISC git.videolan — ffmpeg
  A vulnerability classified as problematic has been found in FFmpeg 2.0. Affected is the function vorbis_header of the file libavformat/oggparsevorbis.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. 2022-06-18 not yet calculated CVE-2014-125008
MISC
MISC git.videolan — ffmpeg
  A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function output_frame of the file libavcodec/h264.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. 2022-06-18 not yet calculated CVE-2014-125006
MISC
MISC git.videolan — ffmpeg
  A vulnerability was found in Ucweb UC Browser 11.2.5.932. It has been classified as critical. Affected is an unknown function of the component HTML Handler. The manipulation of the argument title leads to improper restriction of rendered ui layers (URL). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 2022-06-13 not yet calculated CVE-2017-20041
MISC
MISC git.videolan — ffmpeg
  A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_vol_header of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. 2022-06-18 not yet calculated CVE-2014-125005
MISC
MISC git.videolan — ffmpeg
  A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. 2022-06-18 not yet calculated CVE-2014-125004
MISC
MISC git.videolan — ffmpeg
  A vulnerability was found in FFmpeg 2.0. It has been rated as problematic. This issue affects the function ff_init_buffer_info of the file utils.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. 2022-06-18 not yet calculated CVE-2014-125016
MISC
MISC git.videolan — ffmpeg
  A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. 2022-06-18 not yet calculated CVE-2014-125002
MISC
MISC google — android
  The UE and the EMM communicate with each other using NAS messages. When a new NAS message arrives from the EMM, the modem parses it and fills in internal objects based on the received data. A bug in the parsing code could be used by an attacker to remotely crash the modem, which could lead to DoS or RCE. Product: Android. Versions: Android SoC. Android ID: A-228868888 2022-06-15 not yet calculated CVE-2022-20210
MISC google — android
  In hme_add_new_node_to_a_sorted_array of hme_utils.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-207502397 2022-06-15 not yet calculated CVE-2022-20209
MISC google — android
  In parseRecursively of cppbor_parse.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-192743373 2022-06-15 not yet calculated CVE-2022-20208
MISC google — android
  In static definitions of GattServiceConfig.java, there is a possible permission bypass due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-185513714 2022-06-15 not yet calculated CVE-2022-20207
MISC google — android
  In setPackageOrComponentEnabled of NotificationManagerService.java, there is a missing permission check. This could lead to local information disclosure about enabled notification listeners with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-220737634 2022-06-15 not yet calculated CVE-2022-20206
MISC google — android
  In isFileUri of FileUtil.java, there is a possible way to bypass the check for a file:// scheme due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-215212561 2022-06-15 not yet calculated CVE-2022-20205
MISC google — android
  In getUniqueUsagesWithLabels of PermissionUsageHelper.java, there is a possible incorrect permission attribution due to a logic error in the code. This could lead to local escalation of privilege by conflating apps with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-212434116 2022-06-15 not yet calculated CVE-2022-20193
MISC google — android
  In getAppSize of InstalldNativeService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-220733817 2022-06-15 not yet calculated CVE-2022-20201
MISC google — android
  In registerRemoteBugreportReceivers of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-171495100 2022-06-15 not yet calculated CVE-2022-20204
MISC google — android
  In ih264_resi_trans_quant_4x4_sse42 of ih264_resi_trans_quant_sse42.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-204704614 2022-06-15 not yet calculated CVE-2022-20202
MISC google — android
  In onCreate of ChooseLockGeneric.java, there is a possible permission bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-222684510 2022-06-15 not yet calculated CVE-2022-20194
MISC google — android
  In updateApState of SoftApManager.java, there is a possible leak of hotspot state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-212695058 2022-06-15 not yet calculated CVE-2022-20200
MISC google — android
  In llcp_dlc_proc_connect_pdu of llcp_dlc.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure from the NFC stack with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-221851879 2022-06-15 not yet calculated CVE-2022-20198
MISC google — android
  In recycle of Parcel.java, there is a possible way to start foreground activity from background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-208279300 2022-06-15 not yet calculated CVE-2022-20197
MISC google — android
  In gallery3d and photos, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-201535148 2022-06-15 not yet calculated CVE-2022-20196
MISC google — android
  In the keystore library, there is a possible prevention of access to system Settings due to unsafe deserialization. This could lead to local denial of service with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-213172664 2022-06-15 not yet calculated CVE-2022-20195
MISC google — android
  In param_find_digests_internal and related functions of the Titan-M source, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-222472803. References: N/A 2022-06-15 not yet calculated CVE-2022-20233
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-207116951. References: N/A 2022-06-15 not yet calculated CVE-2022-20173
MISC google — android
  In grantEmbeddedWindowFocus of WindowManagerService.java, there is a possible way to change an input channel for embedded hierarchy due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-215912712 2022-06-15 not yet calculated CVE-2022-20192
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-209324757. References: N/A 2022-06-15 not yet calculated CVE-2022-20191
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-210594998. References: N/A 2022-06-15 not yet calculated CVE-2022-20168
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-208744915. References: N/A 2022-06-15 not yet calculated CVE-2022-20190
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-207254598. References: N/A 2022-06-15 not yet calculated CVE-2022-20188
MISC google — android
  In kbase_mem_alias of mali_kbase_mem_linux.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-215001024. References: N/A 2022-06-15 not yet calculated CVE-2022-20186
MISC google — android
  In TBD of TBD, there is a possible use after free bug. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-208842348. References: N/A 2022-06-15 not yet calculated CVE-2022-20185
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-209153114. References: N/A 2022-06-15 not yet calculated CVE-2022-20184
MISC google — android
  In hypx_create_blob_dmabuf of faceauth_hypx.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-188911154. References: N/A 2022-06-15 not yet calculated CVE-2022-20183
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-210936609. References: N/A 2022-06-15 not yet calculated CVE-2022-20181
MISC google — android
  In onbind of ShannonRcsService.java, there is a possible access to protect data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-206987222. References: N/A 2022-06-15 not yet calculated CVE-2022-20172
MISC google — android
  In ioctl_dpm_qos_update and ioctl_event_control_set of (TBD), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-224932775. References: N/A 2022-06-15 not yet calculated CVE-2022-20178
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-211162353. References: N/A 2022-06-15 not yet calculated CVE-2022-20169
MISC google — android
  In auth_store of sjtag-driver.c, there is a possible read of uninitialized memory due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-197787879. References: N/A 2022-06-15 not yet calculated CVE-2022-20176
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-209252491. References: N/A 2022-06-15 not yet calculated CVE-2022-20175
MISC google — android
  In exynos_secEnv_init of mach-gs101.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-210847407. References: N/A 2022-06-15 not yet calculated CVE-2022-20174
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-215565667. References: N/A 2022-06-15 not yet calculated CVE-2022-20171
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-211683760. References: N/A 2022-06-15 not yet calculated CVE-2022-20179
MISC google — android
  In multiple locations of the nanopb library, there is a possible way to corrupt memory when decoding untrusted protobuf files. This could lead to local escalation of privilege, with no additional execution privileges needed. User interaction is not needed for exploitation. 2022-06-15 not yet calculated CVE-2022-20203
MISC google — android
  In handle_ramdump of pixel_loader.c, there is a possible way to create a ramdump of non-secure memory due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-222348453. References: N/A 2022-06-15 not yet calculated CVE-2022-20182
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-209906686. References: N/A 2022-06-15 not yet calculated CVE-2022-20177
MISC google — android
  In registerPhoneAccount of PhoneAccountRegistrar.java, there is a possible way to prevent the user from selecting a phone account due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-217934478 2022-06-15 not yet calculated CVE-2022-20129
MISC google — android
  In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode without user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-203431023 2022-06-15 not yet calculated CVE-2022-20126
MISC google — android
  In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-221862119 2022-06-15 not yet calculated CVE-2022-20127
MISC google — android
  In multiple functions of AvatarPhotoController.java, there is a possible access to content owned by system content providers due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-187702830 2022-06-15 not yet calculated CVE-2022-20144
MISC google — android
  In deletePackageX of DeletePackageHelper.java, there is a possible way for a Guest user to reset pre-loaded applications for other users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-170646036 2022-06-15 not yet calculated CVE-2022-20124
MISC google — android
  In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-221856662 2022-06-15 not yet calculated CVE-2022-20131
MISC google — android
  In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-188677105. References: Upstream kernel 2022-06-15 not yet calculated CVE-2022-20132
MISC google — android
  In setDiscoverableTimeout of AdapterService.java, there is a possible bypass of user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-206807679 2022-06-15 not yet calculated CVE-2022-20133
MISC google — android
  In writeToParcel of GateKeeperResponse.java, there is a possible parcel format mismatch. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-220303465 2022-06-15 not yet calculated CVE-2022-20135
MISC google — android
  In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-220735360 2022-06-15 not yet calculated CVE-2022-20143
MISC google — android
  In createFromParcel of GeofenceHardwareRequestParcelable.java, there is a possible arbitrary code execution due to parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-216631962 2022-06-15 not yet calculated CVE-2022-20142
MISC google — android
  In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-112551163. References: Upstream kernel 2022-06-15 not yet calculated CVE-2022-20141
MISC google — android
  In readArguments of CallSubjectDialog.java, there is a possible way to trick the user to call the wrong phone number due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-218341397 2022-06-15 not yet calculated CVE-2022-20134
MISC google — android
  In ACTION_MANAGED_PROFILE_PROVISIONED of DevicePolicyManagerService.java, there is a possible way for unprivileged app to send MANAGED_PROFILE_PROVISIONED intent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-210469972 2022-06-15 not yet calculated CVE-2022-20138
MISC google — android
  In read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-227618988 2022-06-15 not yet calculated CVE-2022-20140
MISC google — android
  In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID: A-206986392 2022-06-15 not yet calculated CVE-2022-20137
MISC google — android
  In TBD of TBD, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-219513976. References: Upstream kernel 2022-06-15 not yet calculated CVE-2022-20148
MISC google — android
  In GBoard, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-194402515 2022-06-15 not yet calculated CVE-2022-20125
MISC google — android
  In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-224314979 2022-06-15 not yet calculated CVE-2022-20130
MISC google — android
  In rcu_cblist_dequeue of rcu_segcblist.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-222091980. References: Upstream kernel. 2022-06-15 not yet calculated CVE-2022-20153
MISC google — android
  In uploadFile of FileUploadServiceImpl.java, there is a possible incorrect file access due to a confused deputy. This could lead to local information disclosure of private files with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-211757677. References: N/A. 2022-06-15 not yet calculated CVE-2022-20146
MISC google — android
  In nfa_dm_check_set_config of nfa_dm_main.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-221216105. 2022-06-15 not yet calculated CVE-2022-20147
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-209421931. References: N/A. 2022-06-15 not yet calculated CVE-2022-20170
MISC google — android
  In startLegacyVpnPrivileged of Vpn.java, there is a possible way to retrieve VPN credentials due to a protocol downgrade attack. This could lead to remote escalation of privilege if a malicious Wi-Fi AP is used, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11. Android ID: A-201660636. 2022-06-15 not yet calculated CVE-2022-20145
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-210712565. References: N/A. 2022-06-15 not yet calculated CVE-2022-20151
MISC google — android
  In the TitanM chip, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-202006198. References: N/A. 2022-06-15 not yet calculated CVE-2022-20152
MISC google — android
  In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-221852424. 2022-06-15 not yet calculated CVE-2022-20123
MISC google — android
  In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-174846563. References: Upstream kernel. 2022-06-15 not yet calculated CVE-2022-20154
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-211685939. References: N/A. 2022-06-15 not yet calculated CVE-2022-20149
MISC google — android
  In ipu_core_jqs_msg_transport_kernel_write_sync of ipu-core-jqs-msg-transport.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-176754369. References: N/A. 2022-06-15 not yet calculated CVE-2022-20155
MISC google — android
  In asn1_ec_pkey_parse of acropora/crypto/asn1_common.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-210971465. References: N/A. 2022-06-15 not yet calculated CVE-2022-20159
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-210083655. References: N/A. 2022-06-15 not yet calculated CVE-2022-20160
MISC google — android
  In asn1_p256_int of crypto/asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-223492713. References: N/A. 2022-06-15 not yet calculated CVE-2022-20162
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-204891956. References: N/A. 2022-06-15 not yet calculated CVE-2022-20164
MISC google — android
  In asn1_parse of asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-220868345. References: N/A. 2022-06-15 not yet calculated CVE-2022-20165
MISC google — android
  In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-182388481. References: Upstream kernel. 2022-06-15 not yet calculated CVE-2022-20166
MISC google — android
  Product: Android. Versions: Android kernel. Android ID: A-204956204. References: N/A. 2022-06-15 not yet calculated CVE-2022-20167
MISC google — android
  In unflatten of GraphicBuffer.cpp, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-212803946. References: N/A. 2022-06-15 not yet calculated CVE-2022-20156
MISC google — kctf
  kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the `kctf cluster set-src-ip-ranges` command was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect. 2022-06-13 not yet calculated CVE-2022-31055
MISC
CONFIRM
MISC got — got
  The got package before 12.1.0 for Node.js allows a redirect to a UNIX socket. 2022-06-18 not yet calculated CVE-2022-33987
MISC
MISC gpac — mp4box
  In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability. 2022-06-16 not yet calculated CVE-2021-41458
MISC grafana — grafana ** DISPUTED ** Grafana 8.4.3 allows unauthenticated access via (for example) a /dashboard/snapshot/*?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability. 2022-06-17 not yet calculated CVE-2022-32276
MISC
MISC haraj — haraj A cross-site scripting vulnerability in the ads comment section of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. 2022-06-16 not yet calculated CVE-2022-31298
MISC
MISC
MISC haraj — haraj A cross-site scripting vulnerability in the DM Section component of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. 2022-06-16 not yet calculated CVE-2022-31300
MISC
MISC
MISC haraj — haraj Haraj v3.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Post Ads component. 2022-06-16 not yet calculated CVE-2022-31301
MISC
MISC
MISC haraj — haraj
  Haraj v3.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the User Upgrade Form. 2022-06-16 not yet calculated CVE-2022-31299
MISC
MISC
MISC harmonyos — bone_voice_id_ta
  The bone voice ID TA has a memory overwrite vulnerability. Successful exploitation of this vulnerability may result in malicious code execution. 2022-06-13 not yet calculated CVE-2021-40036
MISC harmonyos — huawei The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality. 2022-06-13 not yet calculated CVE-2022-31757
MISC
MISC harmonyos — huawei The kernel module has a race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. 2022-06-13 not yet calculated CVE-2022-31758
MISC
MISC harmonyos — huawei
  The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability. 2022-06-13 not yet calculated CVE-2022-31753
MISC
MISC harmonyos — huawei
  Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality. 2022-06-13 not yet calculated CVE-2022-31760
MISC
MISC harmonyos — permission_management
  HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information. 2022-06-13 not yet calculated CVE-2021-46811
MISC
MISC hevc — video_extensions
  HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29111, CVE-2022-29119. 2022-06-15 not yet calculated CVE-2022-30188
MISC hpjansson — chafa
  Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0. 2022-06-13 not yet calculated CVE-2022-2061
MISC
CONFIRM huawei — emui
  Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability. 2022-06-13 not yet calculated CVE-2021-46813
MISC ibm — financial_transaction_manager_for_digital_payments_for_multi-platform
  IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 166801. 2022-06-15 not yet calculated CVE-2019-4575
XF
CONFIRM ibm — aix
  IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user to exploit a vulnerability in the lpd daemon to cause a denial of service. IBM X-Force ID: 224444. 2022-06-15 not yet calculated CVE-2022-22444
CONFIRM
XF ibm — spectrum_protect_operations_center In some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14.000 does not cause the administrator’s invalid sign-on count to be incremented on the IBM Spectrum Protect Server. An attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to the IBM Spectrum Protect Server. IBM X-Force ID: 226325. 2022-06-17 not yet calculated CVE-2022-22485
XF
CONFIRM ibm — x-force_exchange
  The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c. 2022-06-18 not yet calculated CVE-2021-46822
MISC
MISC ibm — robotic_process_automation IBM Robotic Process Automation 20.10.0, 20.12.5, 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow a user to obtain sensitive information due to information properly masked in the control center UI. IBM X-Force ID: 227294. 2022-06-17 not yet calculated CVE-2022-30607
CONFIRM
XF imagemagick — imagemagick A vulnerability was found in ImageMagick, causing a value outside the range of representable values of type ‘unsigned char’ at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior. 2022-06-16 not yet calculated CVE-2022-32545
MISC
MISC
MISC imagemagick — imagemagick A vulnerability was found in ImageMagick, causing a value outside the range of representable values of type ‘unsigned long’ at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior. 2022-06-16 not yet calculated CVE-2022-32546
MISC
MISC
MISC imagemagick — imagemagick
  In ImageMagick, there is a load of a misaligned address for type ‘double’, which requires 8-byte alignment, and for type ‘float’, which requires 4-byte alignment, at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior. 2022-06-16 not yet calculated CVE-2022-32547
MISC
MISC
MISC innosetup — installer
  A vulnerability was found in InnoSetup Installer. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to uncontrolled search path. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 2022-06-16 not yet calculated CVE-2017-20051
MISC
MISC intel — processors
  Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 2022-06-15 not yet calculated CVE-2022-21125
MISC
MLIST
CONFIRM
FEDORA
FEDORA intel — processors
  Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 2022-06-15 not yet calculated CVE-2022-21123
MISC
MLIST
FEDORA
FEDORA intel — processors
  Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 2022-06-15 not yet calculated CVE-2022-21166
MISC
MLIST
FEDORA
FEDORA intel — processors
  Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access. 2022-06-15 not yet calculated CVE-2022-21180
MISC
MLIST intel — processors
  Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access. 2022-06-15 not yet calculated CVE-2022-24436
MISC intel — processors
  Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 2022-06-15 not yet calculated CVE-2022-21127
MISC
MLIST inventree — inventree
  Cross-site Scripting (XSS) – Stored in GitHub repository inventree/inventree prior to 0.7.2. 2022-06-17 not yet calculated CVE-2022-2113
MISC
CONFIRM inventree — inventree
  Unrestricted Upload of File with Dangerous Type in GitHub repository inventree/inventree prior to 0.7.2. 2022-06-17 not yet calculated CVE-2022-2111
MISC
CONFIRM inventree — inventree
  Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2. 2022-06-17 not yet calculated CVE-2022-2112
MISC
CONFIRM invision_community — ips_community_suite
  A Server-Side Request Forgery (SSRF) vulnerability in IPS Community Suite before 4.6.2 allows remote authenticated users to request arbitrary URLs or trigger deserialization via the phar protocol when generating class names dynamically. In some cases, exploitation is possible by an unauthenticated user. 2022-06-13 not yet calculated CVE-2021-40604
MISC iobit — iotransfer In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim’s endpoint, which can result in data theft and remote code execution. 2022-06-16 not yet calculated CVE-2022-24562
MISC
MISC
MISC itop — itops
  ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/pages/ajax.render.php. 2022-06-14 not yet calculated CVE-2022-31403
MISC
MISC
MISC itsourcecode — advanced_school_management_system itsourcecode Advanced School Management System v1.0 is vulnerable to Arbitrary code execution via ip/school/view/all_teacher.php. 2022-06-15 not yet calculated CVE-2022-32433
MISC itsourcecode — advanced_school_management_system itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_events.php?event_id=. 2022-06-15 not yet calculated CVE-2022-32376
MISC itsourcecode — advanced_school_management_system itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_student_subject.php?index=. 2022-06-15 not yet calculated CVE-2022-32380
MISC itsourcecode — advanced_school_management_system itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_parents_profile.php?my_index=. 2022-06-15 not yet calculated CVE-2022-32379
MISC itsourcecode — advanced_school_management_system itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_teacher_profile.php?my_index=. 2022-06-15 not yet calculated CVE-2022-32378
MISC itsourcecode — advanced_school_management_system itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_exam_timetable.php?id=. 2022-06-15 not yet calculated CVE-2022-32377
MISC itsourcecode — advanced_school_management_system itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_subject.php?id=. 2022-06-15 not yet calculated CVE-2022-32372
MISC itsourcecode — advanced_school_management_system itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_admin_profile.php?my_index=. 2022-06-15 not yet calculated CVE-2022-32381
MISC itsourcecode — advanced_school_management_system itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_timetable.php?id=. 2022-06-15 not yet calculated CVE-2022-32375
MISC itsourcecode — advanced_school_management_system itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_subject_routing.php?id=. 2022-06-15 not yet calculated CVE-2022-32374
MISC itsourcecode — advanced_school_management_system itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_exam.php?id=. 2022-06-15 not yet calculated CVE-2022-32373
MISC itsourcecode — advanced_school_management_system itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_teacher.php?id=. 2022-06-15 not yet calculated CVE-2022-32371
MISC itsourcecode — advanced_school_management_system itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_classroom.php?id=. 2022-06-15 not yet calculated CVE-2022-32370
MISC itsourcecode — advanced_school_management_system itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_grade.php?id=. 2022-06-15 not yet calculated CVE-2022-32368
MISC javadelight — delight_nashorn_sandbox
  An issue was discovered in Delight Nashorn Sandbox 0.2.0. There is a ReDoS vulnerability that can be exploited to launch a denial of service (DoS) attack. 2022-06-14 not yet calculated CVE-2021-40660
MISC jforum — jforum
  JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via http://target_host:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts. 2022-06-16 not yet calculated CVE-2022-26173
MISC
MISC
MISC
MISC
MISC joplin — desktop_app Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute arbitrary code due to improper sanitizing of HTML. 2022-06-16 not yet calculated CVE-2021-33295
MISC
MISC
MISC jupyter — notebook
  Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with `ContentsManager.allow_hidden = False` only prevented listing the contents of hidden directories, not accessing individual hidden files or files in hidden directories (i.e. hidden files were ‘hidden’ but not ‘inaccessible’). This could lead to notebook configurations allowing authenticated access to files that may reasonably be expected to be disallowed. Because fully authenticated requests are required, this is of relatively low impact. But if a server’s root directory contains sensitive files whose only protection from the server is being hidden (e.g. `~/.ssh` while serving $HOME), then any authenticated requests could access files if their names are guessable. Such contexts also necessarily have full access to the server and therefore execution permissions, which also generally grants access to all the same files. So this does not generally result in any privilege escalation or increase in information access, only an additional, unintended means by which the files could be accessed. Version 6.4.12 contains a patch for this issue. There are currently no known workarounds. 2022-06-14 not yet calculated CVE-2022-29238
CONFIRM jupyter — server
  Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter Notebook. Prior to version 1.17.1, if notebook server is started with a value of `root_dir` that contains the starting user’s home directory, then the underlying REST API can be used to leak the access token assigned at start time by guessing/brute forcing the PID of the jupyter server. While this requires an authenticated user session, this URL can be used from a cross-site scripting payload or from a hooked or otherwise compromised browser to leak this access token to a malicious third party. This token can be used along with the REST API to interact with Jupyter services/notebooks such as modifying or overwriting critical files, such as .bashrc or .ssh/authorized_keys, allowing a malicious user to read potentially sensitive data and possibly gain control of the impacted system. This issue is patched in version 1.17.1. 2022-06-14 not yet calculated CVE-2022-29241
CONFIRM jvn — ec-cube4
  Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CUBE4 Ver.1.0.1 and earlier allows a remote unauthenticated attacker to hijack the authentication of the administrator and delete a blog article or a category via a specially crafted page. 2022-06-13 not yet calculated CVE-2022-27174
MISC
MISC jvn — revoworks
  Incomplete filtering of special elements vulnerability exists in RevoWorks SCVX using ‘File Sanitization Library’ 1.043 and prior versions, RevoWorks Browser 2.2.67 and prior versions (when using ‘File Sanitization Option’), and RevoWorks Desktop 2.1.84 and prior versions (when using ‘File Sanitization Option’), which may allow an attacker to execute a malicious macro by having a user download, import, and open a specially crafted file in the local environment. 2022-06-14 not yet calculated CVE-2022-27176
MISC
MISC jvn — t&d_data_server
  Directory traversal vulnerability in T&D Data Server (Japanese Edition) Ver.2.22 and earlier, T&D Data Server (English Edition) Ver.2.30 and earlier, THERMO RECORDER DATA SERVER (Japanese Edition) Ver.2.13 and earlier, and THERMO RECORDER DATA SERVER (English Edition) Ver.2.13 and earlier allows a remote attacker to view an arbitrary file on the server via unspecified vectors. 2022-06-14 not yet calculated CVE-2022-29509
MISC
MISC
MISC kiegroup — drools
  drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability. 2022-06-16 not yet calculated CVE-2021-41411
MISC kreado — kreasfero
  Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution. 2022-06-14 not yet calculated CVE-2021-42675
MISC
MISC
MISC kromitgmbh — titra
  Weak Password Requirements in GitHub repository kromitgmbh/titra prior to 0.78.1. 2022-06-16 not yet calculated CVE-2022-2098
MISC
CONFIRM linux — linux_kernel
  drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function. 2022-06-18 not yet calculated CVE-2022-33981
MISC
MISC
MISC
MISC linux — linux_kernel
  An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers. 2022-06-10 not yet calculated CVE-2022-32981
MISC
MLIST magicpin — magicpin An XML external entity (XXE) injection vulnerability in Magicpin v3.4 allows attackers to access sensitive database information via a crafted SVG file. 2022-06-14 not yet calculated CVE-2022-31447
MISC
MISC maianaffiliate — maianaffiliate A PHP code injection vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker to gain RCE through the MaianAffiliate admin panel. 2022-06-16 not yet calculated CVE-2021-41421
MISC
MISC maianaffiliate — maianaffiliate
  A stored XSS vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker to execute arbitrary JavaScript code in the context of authenticated and unauthenticated users through the MaianAffiliate admin panel. 2022-06-16 not yet calculated CVE-2021-41420
MISC
MISC mendix — saml_module A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.16.6), Mendix SAML Module (Mendix 8 compatible) (All versions < V2.2.2), Mendix SAML Module (Mendix 9 compatible) (All versions < V3.2.3). In certain configurations SAML module is vulnerable to Cross Site Scripting (XSS) attacks due to insufficient error message sanitation. This could allow an attacker to execute malicious code by tricking users into accessing a malicious link. 2022-06-14 not yet calculated CVE-2022-32286
MISC mendix — saml_module
  A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.16.6), Mendix SAML Module (Mendix 8 compatible) (All versions < V2.2.2), Mendix SAML Module (Mendix 9 compatible) (All versions < V3.2.3). The affected module is vulnerable to XML External Entity (XXE) attacks due to insufficient input sanitation. This may allow an attacker to disclose confidential data under certain circumstances. 2022-06-14 not yet calculated CVE-2022-32285
MISC mercury — mipc451-4
  MERCURY MIPC451-4 1.0.22 Build 220105 Rel.55642n was discovered to contain a remote code execution (RCE) vulnerability which is exploitable via a crafted POST request. 2022-06-16 not yet calculated CVE-2022-31849
MISC metasys — ads_adx_oas
  Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface. 2022-06-15 not yet calculated CVE-2022-21938
CONFIRM
CERT metasys — ads_adx_oas
  A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change. 2022-06-15 not yet calculated CVE-2022-21935
CONFIRM
CERT metasys — ads_adx_oas
  Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the web interface. 2022-06-15 not yet calculated CVE-2022-21937
CONFIRM
CERT microsoft — av1_video_extension AV1 Video Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30193. 2022-06-15 not yet calculated CVE-2022-30167
MISC microsoft — azure Azure Service Fabric Container Elevation of Privilege Vulnerability. 2022-06-15 not yet calculated CVE-2022-30137
MISC microsoft — azure Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30177, CVE-2022-30179. 2022-06-15 not yet calculated CVE-2022-30178
MISC microsoft — azure Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30177, CVE-2022-30178. 2022-06-15 not yet calculated CVE-2022-30179
MISC microsoft — azure Azure RTOS GUIX Studio Information Disclosure Vulnerability. 2022-06-15 not yet calculated CVE-2022-30180
MISC microsoft — azure
  Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30178, CVE-2022-30179. 2022-06-15 not yet calculated CVE-2022-30177
MISC microsoft — azure
  Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability. 2022-06-15 not yet calculated CVE-2022-29149
MISC microsoft — excel
  Microsoft Excel Remote Code Execution Vulnerability. 2022-06-15 not yet calculated CVE-2022-30173
MISC microsoft — hevc_video_extensions
  HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29111, CVE-2022-30188. 2022-06-15 not yet calculated CVE-2022-29119
MISC microsoft — hevc_video_extensions
  HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29111, CVE-2022-29119, CVE-2022-30188. 2022-06-15 not yet calculated CVE-2022-22018
MISC microsoft — hevc_video_extensions
  HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29119, CVE-2022-30188. 2022-06-15 not yet calculated CVE-2022-29111
MISC microsoft — kerberos
  Kerberos AppContainer Security Feature Bypass Vulnerability. 2022-06-15 not yet calculated CVE-2022-30164
MISC microsoft — office Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30171. 2022-06-15 not yet calculated CVE-2022-30172
MISC microsoft — office
  Microsoft Office Remote Code Execution Vulnerability. 2022-06-15 not yet calculated CVE-2022-30174
MISC microsoft — office
  Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30172. 2022-06-15 not yet calculated CVE-2022-30171
MISC microsoft — photos
  Microsoft Photos App Remote Code Execution Vulnerability. 2022-06-15 not yet calculated CVE-2022-30168
MISC microsoft — sql_server
  Microsoft SQL Server Remote Code Execution Vulnerability. 2022-06-15 not yet calculated CVE-2022-29143
MISC microsoft — windows Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability. 2022-06-15 not yet calculated CVE-2022-30131
MISC microsoft — windows Windows Media Center Elevation of Privilege Vulnerability. 2022-06-15 not yet calculated CVE-2022-30135
MISC microsoft — windows Windows Container Manager Service Elevation of Privilege Vulnerability. 2022-06-15 not yet calculated CVE-2022-30132
MISC microsoft — windows
  Local Security Authority Subsystem Service Elevation of Privilege Vulnerability. 2022-06-15 not yet calculated CVE-2022-30166
MISC microsoft– edge
  Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. 2022-06-15 not yet calculated CVE-2022-22021
MISC microsoft — file_server Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability. 2022-06-15 not yet calculated CVE-2022-30154
MISC microsoft — office
  Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30171, CVE-2022-30172. 2022-06-15 not yet calculated CVE-2022-30159
MISC microsoft — office365
  A vulnerability was found in Microsoft O365 and classified as critical. This issue affects the Conditional Access Policy which leads to improper access controls. By default the policy is not verified for every request. The attack may be initiated remotely. Exploit details have been disclosed to the public. It is recommended to change the configuration settings. NOTE: Vendor claims that pre-requisites are very high, the feature works as intended, and that configuration settings might mitigate the issue. 2022-06-14 not yet calculated CVE-2022-2077
N/A
N/A
N/A
N/A microsoft — office365
  ** DISPUTED ** A vulnerability has been found in Microsoft O365 and classified as critical. The session cookies introduce a session expiration issue as they might be used by two clients at the same time. The attack can be initiated remotely. Exploit details have been disclosed to the public. The real-world consequences of this vulnerability are still doubted at the moment. It is recommended to change the configuration settings. NOTE: Vendor claims that pre-requisites are very high, the feature works as intended, and that configuration settings might mitigate the issue. 2022-06-14 not yet calculated CVE-2022-2076
N/A
N/A
N/A
N/A microsoft — sharepoint
  Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30157. 2022-06-15 not yet calculated CVE-2022-30158
MISC microsoft — sharepoint
  Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30158. 2022-06-15 not yet calculated CVE-2022-30157
MISC microsoft — windows Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30161. 2022-06-15 not yet calculated CVE-2022-30153
MISC microsoft — windows Windows Kernel Denial of Service Vulnerability. 2022-06-15 not yet calculated CVE-2022-30155
MISC microsoft — windows Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. 2022-06-15 not yet calculated CVE-2022-30160
MISC microsoft — windows
  Windows File History Remote Code Execution Vulnerability. 2022-06-15 not yet calculated CVE-2022-30142
MISC microsoft — windows
  Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability. 2022-06-15 not yet calculated CVE-2022-30150
MISC microsoft — windows
  Windows Desired State Configuration (DSC) Information Disclosure Vulnerability. 2022-06-15 not yet calculated CVE-2022-30148
MISC microsoft — windows
  Windows Installer Elevation of Privilege Vulnerability. 2022-06-15 not yet calculated CVE-2022-30147
MISC microsoft — windows
  Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. 2022-06-15 not yet calculated CVE-2022-30143
MISC microsoft — windows
  Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. 2022-06-15 not yet calculated CVE-2022-30146
MISC microsoft — windows
  Windows Encrypting File System (EFS) Remote Code Execution Vulnerability. 2022-06-15 not yet calculated CVE-2022-30145
MISC microsoft — windows
  Windows Network Address Translation (NAT) Denial of Service Vulnerability. 2022-06-15 not yet calculated CVE-2022-30152
MISC microsoft — windows
  Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. 2022-06-15 not yet calculated CVE-2022-30141
MISC microsoft — windows
  Windows Hyper-V Remote Code Execution Vulnerability. 2022-06-15 not yet calculated CVE-2022-30163
MISC microsoft — windows
  Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. 2022-06-15 not yet calculated CVE-2022-30151
MISC microsoft — windows
  Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. 2022-06-15 not yet calculated CVE-2022-30139
MISC microsoft — windows
  Windows Kerberos Elevation of Privilege Vulnerability. 2022-06-15 not yet calculated CVE-2022-30165
MISC microsoft — windows
  Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30153, CVE-2022-30161. 2022-06-15 not yet calculated CVE-2022-30149
MISC microsoft — windows
  Windows Kernel Information Disclosure Vulnerability. 2022-06-15 not yet calculated CVE-2022-30162
MISC microsoft — windows
  Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153. 2022-06-15 not yet calculated CVE-2022-30161
MISC microsoft — windows
  Windows iSCSI Discovery Service Remote Code Execution Vulnerability. 2022-06-15 not yet calculated CVE-2022-30140
MISC microsoft — windows
  Windows Network File System Remote Code Execution Vulnerability. 2022-06-15 not yet calculated CVE-2022-30136
MISC microsoft — windows_smbv3
  Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot. 2022-06-14 not yet calculated CVE-2022-32230
CONFIRM
MISC
MISC
MISC mini_cms — mini_cms
  A cross-site scripting (XSS) vulnerability exists in Mini CMS V1.11. The vulnerability exists in the article upload: post-edit.php page. 2022-06-13 not yet calculated CVE-2021-41663
MISC
MISC
MISC mint — workbench
  Vulnerabilities in the Mint WorkBench allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Mint WorkBench installer file allows a low-privileged user to run a “repair” operation on the product 2022-06-15 not yet calculated CVE-2022-26057
MISC mitel — mivoice_business
  A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice Business Express through 8.0 SP3 PR3 could allow an unauthenticated attacker (that has network access to the management interface) to conduct a buffer overflow attack due to insufficient validation of URL parameters. A successful exploit could allow arbitrary code execution. 2022-06-17 not yet calculated CVE-2022-31784
MISC
MISC mitsubishi_electric — melsec-Q
  Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC-Q Series Q03UDECPU all versions, Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU all versions, Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU the first 5 digits of serial number “24051” and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU the first 5 digits of serial number “24051” and prior, Mitsubishi Electric MELSEC-L series L02/06/26CPU(-P) the first 5 digits of serial number “24051” and prior and Mitsubishi Electric MELSEC-L series L26CPU-(P)BT the first 5 digits of serial number “24051” and prior allows a remote unauthenticated attacker to cause a denial of service (DoS) condition in Ethernet communications by sending specially crafted packets. A system reset of the products is required for recovery. 2022-06-15 not yet calculated CVE-2022-24946
MISC
MISC modern_events_calendar — lite Cross-site scripting vulnerability in Modern Events Calendar Lite versions prior to 6.3.0 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. 2022-06-16 not yet calculated CVE-2022-30533
MISC
MISC monstra — monstra_cms Monstra 3.0.4 does not filter the case of php, which leads to an unrestricted file upload vulnerability. 2022-06-15 not yet calculated CVE-2021-40940
MISC mout — mout
  This affects all versions of package mout. The deepFillIn function can be used to ‘fill missing properties recursively’, while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively is not checked, leading to exploiting this vulnerability. **Note:** This vulnerability derives from an incomplete fix of [CVE-2020-7792](https://security.snyk.io/vuln/SNYK-JS-MOUT-1014544). 2022-06-17 not yet calculated CVE-2022-21213
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM naver — cloud_explorer Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection. 2022-06-13 not yet calculated CVE-2022-24077
CONFIRM neorazorx — facturascripts
  Cross-site Scripting (XSS) – Stored in GitHub repository neorazorx/facturascripts prior to 2022.06. 2022-06-13 not yet calculated CVE-2022-2065
MISC
CONFIRM neorazorx — facturascripts
  Cross-site Scripting (XSS) – Reflected in GitHub repository neorazorx/facturascripts prior to 2022.06. 2022-06-13 not yet calculated CVE-2022-2066
MISC
CONFIRM netgear — wnap320_router Netgear WNAP320 router WNAP320_V2.0.3_firmware is vulnerable to Incorrect Access Control via /recreate.php, which can leak all users' cookies. 2022-06-17 not yet calculated CVE-2022-31876
MISC
MISC nocodb — nocodb Cross-site Scripting (XSS) – Stored in GitHub repository nocodb/nocodb prior to 0.91.7+. 2022-06-14 not yet calculated CVE-2022-2079
MISC
CONFIRM nocodb — nocodb
  Insufficient Session Expiration in GitHub repository nocodb/nocodb prior to 0.91.7+. 2022-06-13 not yet calculated CVE-2022-2064
MISC
CONFIRM nocodb — nocodb
  Improper Privilege Management in GitHub repository nocodb/nocodb prior to 0.91.7+. 2022-06-13 not yet calculated CVE-2022-2063
MISC
CONFIRM nokia — bharti_airtel_routers
  Nokia “G-2425G-A” Bharti Airtel Routers Hardware version “3FE48299DEAA” Software Version “3FE49362IJHK42” is vulnerable to Cross-Site Scripting (XSS) via the admin->Maintenance>Device Management. 2022-06-14 not yet calculated CVE-2022-30903
MISC
MISC nokia — vitalsuite_spm
  NOKIA VitalSuite SPM 2020 is affected by SQL injection through UserName’. 2022-06-16 not yet calculated CVE-2021-41487
MISC
MISC npm — pack
  npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag (i.e. `--workspaces`, `--workspace=<name>`). Anyone who has run `npm pack` or `npm publish` inside a workspace, as of v7.9.0 and v7.13.0 respectively, may be affected and have published files into the npm registry they did not intend to include. Users should upgrade to the latest, patched version of npm, v8.11.0, by running `npm i -g npm@latest`. Node.js versions v16.15.1, v17.19.1, and v18.3.0 include the patched v8.11.0 version of npm. 2022-06-13 not yet calculated CVE-2022-29244
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC npm — pg-native
  All versions of package pg-native; all versions of package libpq are vulnerable to Denial of Service (DoS) when the addons attempt to cast the second argument to an array and fail. This happens for every non-array argument passed. **Note:** pg-native is a mere binding to npm’s libpq library, which in turn has the addons and bindings to the actual C libpq library. This means that problems found in pg-native may transitively impact npm’s libpq. 2022-06-17 not yet calculated CVE-2022-25852
CONFIRM
CONFIRM npm — querymen
  All versions of package querymen are vulnerable to Prototype Pollution if the parameters of exported function handler(type, name, fn) can be controlled by users without any sanitization. Note: This vulnerability derives from an incomplete fix of [CVE-2020-7600](https://security.snyk.io/vuln/SNYK-JS-QUERYMEN-559867). 2022-06-17 not yet calculated CVE-2022-25871
CONFIRM nuitka — nuitka
  Command Injection in GitHub repository nuitka/nuitka prior to 0.9. 2022-06-12 not yet calculated CVE-2022-2054
CONFIRM
MISC octokit — octokit
  Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `rw-r--r--` (i.e. 0644). This means everyone who is not the owner (Group and Public) with access to the instance where this release had been installed could modify the world-writable files from this gem. This issue is patched in Octokit 4.25.0. Two workarounds are available. Users can use the previous version of the gem, v4.22.0. Alternatively, users can modify the file permissions manually until they are able to upgrade to the latest version. 2022-06-15 not yet calculated CVE-2022-31072
MISC
CONFIRM octokit — octopoller
  Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `rw-r--r--` (i.e. 0644). This means everyone who is not the owner (Group and Public) with access to the instance where this release had been installed could modify the world-writable files from this gem. This issue is patched in Octopoller 0.3.0. Two workarounds are available. Users can use the previous version of the gem, v0.1.0. Alternatively, users can modify the file permissions manually until they are able to upgrade to the latest version. 2022-06-15 not yet calculated CVE-2022-31071
CONFIRM
MISC ompl — ompl
  Memory leaks in LazyPRM.cpp of OMPL v1.5.0 can cause unexpected behavior. 2022-06-17 not yet calculated CVE-2021-41490
MISC online_tours_and_travels_management_system — online_tours_and_travels_management_system Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the tname parameter at /admin/operations/tax.php. 2022-06-15 not yet calculated CVE-2022-32992
MISC opc_foundation — opc_ua_net_standard_stack
  OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to exhaust the memory resources of a server via a crafted request that triggers Uncontrolled Resource Consumption. 2022-06-16 not yet calculated CVE-2022-29866
MISC
MISC opc_foundation — opc_ua_net_standard_stack
  OPC UA .NET Standard Stack allows a remote attacker to bypass the application authentication check via crafted fake credentials. 2022-06-16 not yet calculated CVE-2022-29865
MISC
MISC opc_foundation — opc_ua_net_standard_stack
  OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption. 2022-06-16 not yet calculated CVE-2022-29864
MISC
MISC opc_foundation — opc_ua_net_standard_stack
  OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a crash via a crafted message that triggers excessive memory allocation. 2022-06-16 not yet calculated CVE-2022-29863
MISC
MISC opc_foundation — opc_ua_net_standard_stack
  An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause the application to hang via a crafted message. 2022-06-16 not yet calculated CVE-2022-29862
MISC
MISC open_forms — open_forms
  Open Forms is an application for creating and publishing smart forms. Prior to versions 1.0.9 and 1.1.1, the cookie consent page in Open Forms contains an open redirect by injecting a `referer` querystring parameter and failing to validate the value. A malicious actor is able to redirect users to a website under their control, opening them up for phishing attacks. The redirect is initiated by the open forms backend which is a legitimate page, making it less obvious to end users they are being redirected to a malicious website. Versions 1.0.9 and 1.1.1 contain patches for this issue. There are no known workarounds available. 2022-06-13 not yet calculated CVE-2022-31040
MISC
CONFIRM open_forms — open_forms
  Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users (e.g. only PDF / Excel / …). The input validation of uploaded files is insufficient in versions prior to 1.0.9 and 1.1.1. Users could alter or strip file extensions to bypass this validation. This results in files being uploaded to the server that are of a different file type than indicated by the file name extension. These files may be downloaded (manually or automatically) by staff and/or other applications for further processing. Malicious files can therefore find their way into internal/trusted networks. Versions 1.0.9 and 1.1.1 contain patches for this issue. As a workaround, an API gateway or intrusion detection solution in front of open-forms may be able to scan for and block malicious content before it reaches the Open Forms application. 2022-06-13 not yet calculated CVE-2022-31041
CONFIRM
MISC oracle — cloud_infrastructure
  Vulnerability in the Oracle Cloud Infrastructure product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to Oracle Cloud Infrastructure accessible data. All affected customers were notified of CVE-2022-21503 by Oracle. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N) 2022-06-17 not yet calculated CVE-2022-21503
MISC oracle — linux_uek
  The code in UEK6 U3 was missing an appropriate file descriptor count. This resulted in a use count error that allowed a file descriptor to a socket to be closed and freed while it was still in use by another portion of the kernel. An attacker with local access can operate on the socket, and cause a denial of service. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). 2022-06-14 not yet calculated CVE-2022-21504
MISC otrs — otrs An attacker is able to determine whether the provided username exists (and is valid) using the Request New Password feature, based on the response time. 2022-06-13 not yet calculated CVE-2022-32741
CONFIRM otrs — otrs When the Secure::DisableBanner system configuration has been disabled and an agent shares their calendar via public URL, the received ICS file contains the OTRS release number. 2022-06-13 not yet calculated CVE-2022-32739
CONFIRM otrs — otrs A reply to a forwarded email article by a 3rd party could unintentionally expose the email content to the ticket customer under certain circumstances. 2022-06-13 not yet calculated CVE-2022-32740
CONFIRM palantir — multipass
  The Multipass service was found to have code paths that could be abused to cause a denial of service for authentication or authorization operations. A malicious attacker could perform an application-level denial of service attack, potentially causing authentication and/or authorization operations to fail for the duration of the attack. This could lead to performance degradation or login failures for customer Palantir Foundry environments. This vulnerability is resolved in Multipass 3.647.0. This issue affects: Palantir Foundry Multipass versions prior to 3.647.0. 2022-06-14 not yet calculated CVE-2022-27889
MISC parse_community — parse_server
  Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter is not validated. As a result, authentication could potentially be bypassed by making a fake certificate accessible via certain Apple domains and providing the URL to that certificate in an authData object. Versions 4.0.11 and 5.2.2 prevent this by introducing a new `rootCertificateUrl` property to the Parse Server Apple Game Center auth adapter which takes the URL to the root certificate of Apple’s Game Center authentication certificate. If no value is set, the `rootCertificateUrl` property defaults to the URL of the current root certificate as of May 27, 2022. Keep in mind that the root certificate can change at any time and that it is the developer’s responsibility to keep the root certificate URL up-to-date when using the Parse Server Apple Game Center auth adapter. There are no known workarounds for this issue. 2022-06-17 not yet calculated CVE-2022-31083
MISC
CONFIRM
MISC
MISC peel — shopping_cms
  PEEL Shopping CMS 9.4.0 is vulnerable to authenticated SQL injection in utilisateurs.php. A user that belongs to the administrator group can inject a malicious SQL query in order to affect the execution logic of the application and retrieve information from the database. 2022-06-15 not yet calculated CVE-2021-41672
MISC
MISC phpcms — phpcms There is a reflective cross-site scripting (XSS) vulnerability in the PHPCMS V9.6.3 management side. 2022-06-15 not yet calculated CVE-2021-40910
MISC php — fedora
  In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using the Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to an RCE vulnerability or denial of service. 2022-06-16 not yet calculated CVE-2022-31625
MISC
FEDORA
FEDORA php — fedora
  In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using the pdo_mysql extension with the mysqlnd driver, if a third party is allowed to supply the host to connect to and the password for the connection, a password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability. 2022-06-16 not yet calculated CVE-2022-31626
MISC
FEDORA
FEDORA piwigo — piwigo In Piwigo 11.5.0, there exists a persistent cross-site scripting in the single mode function through /admin.php?page=batch_manager&mode=unit. 2022-06-14 not yet calculated CVE-2021-40678
MISC potplayer — potplayer
  An exploitable out-of-bounds write vulnerability in PotPlayer 1.7.21523 build 210729 may lead to code execution, information disclosure, and denial of service. 2022-06-15 not yet calculated CVE-2021-40212
MISC
MISC powerjob — powerjob
  An issue was discovered in PowerJob through 3.2.2, allows attackers to change arbitrary user passwords via the id parameter to /appinfo/save. 2022-06-16 not yet calculated CVE-2020-28865
MISC powertek_corporation — powertek_firmware 
  Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface (/cgi/get_param.cgi) with the tmpToken cookie set to an empty string followed by a semicolon. This bypasses an active session authorization check. This can be then used to fetch the values of protected sys.passwd and sys.su.name fields that contain the username and password in cleartext. 2022-06-13 not yet calculated CVE-2022-33174
MISC powertek_corporation — powertek_firmware 
  Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an insecure permissions setting on the user.token field that is accessible to everyone through the /cgi/get_param.cgi HTTP API. This leads to disclosing active session ids of currently logged-in administrators. The session id can then be reused to act as the administrator, allowing reading of the cleartext password, or reconfiguring the device. 2022-06-13 not yet calculated CVE-2022-33175
MISC proietti — tech_srl_planet_time_enterprise Proietti Tech srl Planet Time Enterprise 4.2.0.1, 4.2.0.0, 4.1.0.0, 4.0.0.0, 3.3.1.0, 3.3.0.0 is vulnerable to remote code execution via the Viewstate parameter. 2022-06-17 not yet calculated CVE-2022-30422
MISC
MISC python — pgadmin4
  A vulnerability classified as problematic was found in Python 2.7.13. This vulnerability affects unknown code of the component pgAdmin4. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. 2022-06-16 not yet calculated CVE-2017-20052
MISC
MISC python-ldap — python_ldap
  python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition. 2022-06-18 not yet calculated CVE-2021-46823
MISC
MISC qualcomm — snapdragon Improper memory allocation during counter check DLM handling can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35096
CONFIRM qualcomm — snapdragon Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2021-35130
CONFIRM qualcomm — snapdragon Possible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35102
CONFIRM qualcomm — snapdragon Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2021-35098
CONFIRM qualcomm — snapdragon Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking 2022-06-14 not yet calculated CVE-2021-35129
CONFIRM qualcomm — snapdragon Improper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35101
CONFIRM qualcomm — snapdragon Possible null pointer access due to improper validation of system information message to be processed in Snapdragon Industrial IOT, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35087
CONFIRM qualcomm — snapdragon Possible out of bounds read due to improper typecasting while handling page fault for global memory in Snapdragon Connectivity, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35091
CONFIRM qualcomm — snapdragon Possible hypervisor memory corruption due to TOCTOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35090
CONFIRM qualcomm — snapdragon Improper validation of tag id while RRC sending tag id to MAC can lead to TOCTOU race condition in Snapdragon Connectivity, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35111
CONFIRM qualcomm — snapdragon Improper serialization of message queue client registration can lead to race condition allowing multiple gunyah message clients to register with same label in Snapdragon Connectivity, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35095
CONFIRM qualcomm — snapdragon Memory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35126
CONFIRM qualcomm — snapdragon Buffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT 2022-06-14 not yet calculated CVE-2021-35123
CONFIRM qualcomm — snapdragon Possible use after free due to lack of null check of DRM file status after file structure is freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2021-30334
CONFIRM qualcomm — snapdragon Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35094
CONFIRM qualcomm — snapdragon Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2021-30350
CONFIRM qualcomm — snapdragon Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2021-35078
CONFIRM qualcomm — snapdragon RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35070
CONFIRM qualcomm — snapdragon Possible buffer over read due to improper validation of SIB type when processing a NR system Information message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35086
CONFIRM qualcomm — snapdragon Reachable assertion due to improper validation of coreset in PDCCH configuration in SA mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-30340
CONFIRM qualcomm — snapdragon RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-06-14 not yet calculated CVE-2021-30346
CONFIRM qualcomm — snapdragon Improper integrity check can lead to race condition between tasks PDCP and RRC right after a valid RRC security mode command packet has been received in Snapdragon Industrial IOT 2022-06-14 not yet calculated CVE-2021-35082
CONFIRM qualcomm — snapdragon Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35079
CONFIRM qualcomm — snapdragon APK can load a crafted model into the CDSP which can lead to a compromise of CDSP and other APK's data executing there in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2021-35116
CONFIRM qualcomm — snapdragon Possible null pointer dereference due to improper validation of RRC connection reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35076
CONFIRM qualcomm — snapdragon Possible assertion due to improper validation of rank restriction field in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35073
CONFIRM qualcomm — snapdragon Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2021-35072
CONFIRM qualcomm — snapdragon Disabled SMMU from secure side while RPM is assigned a secure stream can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2021-35080
CONFIRM qualcomm — snapdragon Possible buffer overflow due to lack of buffer length check during management frame Rx handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35085
CONFIRM qualcomm — snapdragon Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-06-14 not yet calculated CVE-2021-30349
CONFIRM qualcomm — snapdragon Improper integrity check can lead to race condition between tasks PDCP and RRC right after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-30347
CONFIRM qualcomm — snapdragon Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-06-14 not yet calculated CVE-2021-35071
CONFIRM qualcomm — snapdragon
  Possible buffer over read due to improper calculation of string length while parsing Id3 tag in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2021-35100
CONFIRM qualcomm — snapdragon
  Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music 2022-06-14 not yet calculated CVE-2021-35092
CONFIRM qualcomm — snapdragon
  Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music 2022-06-14 not yet calculated CVE-2021-35081
CONFIRM qualcomm — snapdragon
  RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-06-14 not yet calculated CVE-2021-30345
CONFIRM qualcomm — snapdragon
  Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2021-30341
CONFIRM qualcomm — snapdragon
  Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music 2022-06-14 not yet calculated CVE-2022-25651
CONFIRM qualcomm — snapdragon
  Reading PRNG output may lead to improper key generation due to lack of buffer validation in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-06-14 not yet calculated CVE-2021-30339
CONFIRM qualcomm — snapdragon
  Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music 2022-06-14 not yet calculated CVE-2021-30327
CONFIRM qualcomm — snapdragon
  Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2021-35083
CONFIRM qualcomm — snapdragon
  Improper integrity check can lead to race condition between tasks PDCP and RRC after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2021-30342
CONFIRM qualcomm — snapdragon
  Improper integrity check can lead to race condition between tasks PDCP and RRC after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-30343
CONFIRM qualcomm — snapdragon
  A user with user level permission can access graphics protected region due to improper access control in register configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2021-35112
CONFIRM qualcomm — snapdragon
  Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35120
CONFIRM qualcomm — snapdragon
  Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2021-30344
CONFIRM qualcomm — snapdragon
  An out-of-bounds write can occur due to an incorrect input check in the camera driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2021-35118
CONFIRM qualcomm — snapdragon
  An array index is improperly used to lock and unlock a mutex which can lead to a use after free condition in the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35121
CONFIRM qualcomm — snapdragon
  Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-06-14 not yet calculated CVE-2021-35104
CONFIRM qualcomm — snapdragon
  Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2021-35119
CONFIRM qualcomm — snapdragon
  XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-06-14 not yet calculated CVE-2021-30281
CONFIRM qualcomm — snapdragon
  Possible out of bound read due to lack of length check of data length for a DIAG event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music 2022-06-14 not yet calculated CVE-2021-35084
CONFIRM qualcomm — snapdragon_auto Improper buffer initialization on the backend driver can lead to buffer overflow in Snapdragon Auto 2022-06-14 not yet calculated CVE-2021-35114
CONFIRM qualcomm — snapdragon Out of bound read in WLAN HOST due to improper length check can lead to DOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2022-22065
CONFIRM qualcomm — snapdragon
  Kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2022-22068
CONFIRM qualcomm — snapdragon
  Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music 2022-06-14 not yet calculated CVE-2022-22071
CONFIRM qualcomm — snapdragon
  Memory corruption due to possible buffer overflow while parsing DSF header with corrupted channel count in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2022-22082
CONFIRM qualcomm — snapdragon
  Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2022-22084
CONFIRM qualcomm — snapdragon
  Memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2022-22087
CONFIRM qualcomm — snapdragon
  Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music 2022-06-14 not yet calculated CVE-2022-22072
CONFIRM qualcomm — snapdragon
  Possible buffer over read due to lack of size validation while unpacking frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2022-22064
CONFIRM qualcomm — snapdragon
  Denial of service due to memory corruption while extracting ape header from clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2022-22083
CONFIRM qualcomm — snapdragon
  Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile 2022-06-14 not yet calculated CVE-2022-22090
CONFIRM qualcomm — snapdragon
  Memory corruption in video due to double free while parsing 3gp clip with invalid meta data atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2022-22086
CONFIRM qualcomm — snapdragon
  Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2022-22057
CONFIRM qualcomm — snapdragon
  Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-06-14 not yet calculated CVE-2022-22085
CONFIRM qualcomm — snapdragon
  Memory corruption in multimedia driver due to double free while processing data from user in Snapdragon Auto 2022-06-14 not yet calculated CVE-2022-22103
CONFIRM qualcomm — trustzone_memory_interface
  Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Compute 2022-06-14 not yet calculated CVE-2021-30338
CONFIRM rakuten — casa
  Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default. 2022-06-13 not yet calculated CVE-2022-26834
MISC
MISC rakuten — casa
  Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings, in which it is set to accept SSH connections from the WAN side, and is also connected to the Internet with the authentication information unchanged from the default settings. 2022-06-13 not yet calculated CVE-2022-28704
MISC
MISC rakuten — casa
  Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a remote unauthenticated attacker to log in with the root privilege and perform an arbitrary operation. 2022-06-13 not yet calculated CVE-2022-29525
MISC
MISC redcap — redcap
  A Stored Cross-Site Scripting (XSS) vulnerability was discovered in Messenger/messenger_ajax.php in REDCap 12.0.11. This issue allows any authenticated user to inject arbitrary code into the messenger title (aka new_title) field when editing an existing conversation. The payload executes in the browser of any conversation participant with the sidebar shown. 2022-06-15 not yet calculated CVE-2022-24004
MISC
MISC redcap — redcap
  A Stored Cross-Site Scripting (XSS) vulnerability was discovered in ProjectGeneral/edit_project_settings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title (app_title) field when editing an existing project. The payload is then reflected within the title tag of the page. 2022-06-15 not yet calculated CVE-2022-24127
MISC
MISC robohelp — server
  RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization vulnerability which could lead to privilege escalation. An authenticated attacker could leverage this vulnerability to achieve full administrator privileges. Exploitation of this issue does not require user interaction. 2022-06-16 not yet calculated CVE-2022-30670
MISC rundeck — rundeck
  Rundeck is an open source automation service with a web console, command line tools and a WebAPI. The Key Storage converter plugin mechanism was not enabled correctly in Rundeck 4.2.0 and 4.2.1, resulting in use of the encryption layer for Key Storage possibly not working. Any credentials created or overwritten using Rundeck 4.2.0 or 4.2.1 might result in them being written in plaintext to the backend storage. This affects those using any `Storage Converter` plugin. Rundeck 4.3.1 and 4.2.2 have fixed the code and upon upgrade will re-encrypt any plain text values. Version 4.3.0 does not have the vulnerability, but does not include the patch to re-encrypt plain text values if 4.2.0 or 4.2.1 were used. To prevent plaintext credentials from being stored in Rundeck 4.2.0/4.2.1, write access to key storage can be disabled via ACLs. After upgrading to 4.3.1 or later, write access can be restored. 2022-06-15 not yet calculated CVE-2022-31044
CONFIRM sap — 3d_visual_enterprise_viewer When a user opens manipulated AutoCAD (.dwg, TeighaTranslator.exe) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. 2022-06-14 not yet calculated CVE-2022-32235
MISC
MISC sap — 3d_visual_enterprise_viewer When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. 2022-06-14 not yet calculated CVE-2022-32239
MISC
MISC sap — 3d_visual_enterprise_viewer When a user opens manipulated Radiance Picture (.hdr, hdr.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. 2022-06-14 not yet calculated CVE-2022-32242
MISC
MISC sap — 3d_visual_enterprise_viewer When a user opens manipulated Portable Document Format (.pdf, PDFView.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. 2022-06-14 not yet calculated CVE-2022-32241
MISC
MISC sap — 3d_visual_enterprise_viewer When a user opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. 2022-06-14 not yet calculated CVE-2022-32240
MISC
MISC sap — 3d_visual_enterprise_viewer When a user opens manipulated Windows Bitmap (.bmp, 2d.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. 2022-06-14 not yet calculated CVE-2022-32236
MISC
MISC sap — 3d_visual_enterprise_viewer When a user opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. 2022-06-14 not yet calculated CVE-2022-32237
MISC
MISC sap — 3d_visual_enterprise_viewer
  When a user opens manipulated Encapsulated Post Script (.eps, ai.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. 2022-06-14 not yet calculated CVE-2022-32238
MISC
MISC sap — financial_consolidation
  SAP Financial Consolidation – version 1010, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. 2022-06-14 not yet calculated CVE-2022-31595
MISC
MISC sap — netweaver
  Depending on the configuration of the route permission table in file ‘saprouttab’, it is possible for an unauthenticated attacker to execute SAProuter administration commands in SAP NetWeaver and ABAP Platform – versions KERNEL 7.49, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.49, KRNL64UC 7.49, SAP_ROUTER 7.53, 7.22, from a remote client, for example stopping the SAProuter, that could highly impact systems availability. 2022-06-14 not yet calculated CVE-2022-27668
MISC
MISC sap — netweaver
  Due to insufficient input validation, SAP NetWeaver Development Infrastructure (Design Time Repository) – versions 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to inject script into the URL and execute code in the user’s browser. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application. 2022-06-14 not yet calculated CVE-2022-29618
MISC
MISC sap — netweaver
  Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document accepted from an untrusted source, which allows an adversary to exploit unprotected XML parsing at endpoints, and a possibility to conduct SSRF attacks that could compromise the system’s availability by causing the system to crash. 2022-06-13 not yet calculated CVE-2022-28217
MISC
MISC sap — netweaver
  SAP NetWeaver, ABAP Platform and SAP Host Agent – versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, 8.04, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, 8.04, SAPHOSTAGENT 7.22, allows an authenticated user to misuse a function of sapcontrol webfunctionality(startservice) in Kernel which enables malicious users to retrieve information. On successful exploitation, an attacker can obtain technical information like system number or physical address, which is otherwise restricted, causing a limited impact on the confidentiality of the application. 2022-06-14 not yet calculated CVE-2022-29612
MISC
MISC sap — netweaver
  SAP startservice – of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform and HANA Database – versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, SAPHOSTAGENT 7.22, – on Unix systems, s-bit helper program sapuxuserchk, can be abused physically resulting in a privilege escalation of an attacker leading to low impact on confidentiality and integrity, but a profound impact on availability. 2022-06-14 not yet calculated CVE-2022-29614
MISC
MISC sap — netweaver
  SAP NetWeaver Developer Studio (NWDS) – version 7.50, is based on Eclipse, which contains the logging framework log4j in version 1.x. The application’s confidentiality and integrity could have a low impact due to the vulnerabilities associated with version 1.x. 2022-06-14 not yet calculated CVE-2022-29615
MISC
MISC sap — one_support_launchpad
  A highly privileged user can exploit SUID-root program to escalate his privileges to root on a local Unix system. 2022-06-14 not yet calculated CVE-2022-31594
MISC
MISC sap — one_support_launchpad
  Due to improper authorization check, business users who are using Israeli File from SHAAM program (/ATL/VQ23 transaction), are granted more than needed authorization to perform certain transaction, which may lead to users getting access to data that would otherwise be restricted. 2022-06-14 not yet calculated CVE-2022-31589
MISC
MISC sap — powerdesigner_proxy SAP PowerDesigner Proxy – version 16.7, allows an attacker with low privileges and local access, with the ability to work around the system’s root disk access restrictions, to write or create a program file on the system disk root path, which could then be executed with elevated privileges of the application during application start up or reboot, potentially compromising Confidentiality, Integrity and Availability of the system. 2022-06-14 not yet calculated CVE-2022-31590
MISC
MISC scalance — multiple_versions
  A vulnerability has been identified in SCALANCE XM408-4C (All versions < V6.5), SCALANCE XM408-4C (L3 int.) (All versions < V6.5), SCALANCE XM408-8C (All versions < V6.5), SCALANCE XM408-8C (L3 int.) (All versions < V6.5), SCALANCE XM416-4C (All versions < V6.5), SCALANCE XM416-4C (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 1x230V (All versions < V6.5), SCALANCE XR524-8C, 1x230V (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 24V (All versions < V6.5), SCALANCE XR524-8C, 24V (L3 int.) (All versions < V6.5), SCALANCE XR524-8C, 2x230V (All versions < V6.5), SCALANCE XR524-8C, 2x230V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 1x230V (All versions < V6.5), SCALANCE XR526-8C, 1x230V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 24V (All versions < V6.5), SCALANCE XR526-8C, 24V (L3 int.) (All versions < V6.5), SCALANCE XR526-8C, 2x230V (All versions < V6.5), SCALANCE XR526-8C, 2x230V (L3 int.) (All versions < V6.5), SCALANCE XR528-6M (All versions < V6.5), SCALANCE XR528-6M (2HR2) (All versions < V6.5), SCALANCE XR528-6M (2HR2, L3 int.) (All versions < V6.5), SCALANCE XR528-6M (L3 int.) (All versions < V6.5), SCALANCE XR552-12M (All versions < V6.5), SCALANCE XR552-12M (2HR2) (All versions < V6.5), SCALANCE XR552-12M (2HR2) (All versions < V6.5), SCALANCE XR552-12M (2HR2, L3 int.) (All versions < V6.5). The OSPF protocol implementation in affected devices fails to verify the checksum and length fields in the OSPF LS Update messages. An unauthenticated remote attacker could exploit this vulnerability to cause interruptions in the network by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device. 2022-06-14 not yet calculated CVE-2021-37182
MISC shirasagi — shirasagi
  Cross-site scripting vulnerability in SHIRASAGI v1.0.0 to v1.14.2, and v1.15.0 allows a remote attacker to inject an arbitrary script via unspecified vectors. 2022-06-14 not yet calculated CVE-2022-29485
MISC
MISC
MISC
MISC sicam — gridedge_essential_arm
  A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software does not apply cross-origin resource sharing (CORS) restrictions for critical operations. In case an attacker tricks a legitimate user into accessing a special resource a malicious request could be executed. 2022-06-14 not yet calculated CVE-2022-30228
MISC sicam — gridedge_essential_arm
  A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to change data of a user, such as credentials, in case that user’s id is known. 2022-06-14 not yet calculated CVE-2022-30229
MISC sicam — gridedge_essential_arm
  A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to create a new user with administrative permissions. 2022-06-14 not yet calculated CVE-2022-30230
MISC sicam — gridedge_essential_arm
  A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software discloses password hashes of other users upon request. This could allow an authenticated user to retrieve another user’s password hash. 2022-06-14 not yet calculated CVE-2022-30231
MISC siemens — sinema_remote_connect_server
  A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An error message pop up window in the web interface of the affected application does not prevent injection of JavaScript code. This could allow attackers to perform reflected cross-site scripting (XSS) attacks. 2022-06-14 not yet calculated CVE-2022-29034
MISC
FULLDISC siemens — spectrum_power_4
  A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum Power 7 (All versions using Shared HIS), Spectrum Power MGMS (All versions using Shared HIS). An unauthenticated attacker could log into the component Shared HIS used in Spectrum Power systems by using an account with default credentials. A successful exploitation could allow the attacker to access the component Shared HIS with administrative privileges. 2022-06-14 not yet calculated CVE-2022-26476
MISC siemens — teamcenter
  A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions < V13.1.0.9), Teamcenter V13.2 (All versions), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions). Java EE Server Manager HTML Adaptor in Teamcenter consists of default hardcoded credentials. Access to the application allows a user to perform a series of actions that could potentially lead to remote code execution with elevated permissions. 2022-06-14 not yet calculated CVE-2022-31619
MISC siemens — teamcenter_active_workspace
  A vulnerability has been identified in Teamcenter Active Workspace V5.2 (All versions < V5.2.9), Teamcenter Active Workspace V6.0 (All versions < V6.0.3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected application that could allow an attacker to execute malicious code by tricking users into accessing a malicious link. 2022-06-14 not yet calculated CVE-2022-32145
MISC siemens — sinema_remote_connect_server
  A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP security headers in the web server configured on port 443. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks and other similar client-based attack vectors. 2022-06-14 not yet calculated CVE-2022-27219
MISC siemens — sinema_remote_connect_server
  A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An attacker in a machine-in-the-middle position could obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a “BREACH” attack. 2022-06-14 not yet calculated CVE-2022-27221
MISC siemens — sinema_remote_connect_server
  A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP security headers in the web server configured on port 6220. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks and other similar client-based attack vectors. 2022-06-14 not yet calculated CVE-2022-27220
MISC sinema — remote_connect_server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains an older feature that allows importing device configurations via a specific endpoint. An attacker could use this vulnerability for information disclosure. 2022-06-14 not yet calculated CVE-2022-32258
MISC sinema — remote_connect_server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). There is a missing authentication verification for a resource used to change the roles and permissions of a user. This could allow an attacker to change the permissions of any user and gain the privileges of an administrative user. 2022-06-14 not yet calculated CVE-2022-32251
MISC sinema — remote_connect_server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application creates temporary user credentials for UMC (User Management Component) users. An attacker could use these temporary credentials for authentication bypass in certain scenarios. 2022-06-14 not yet calculated CVE-2022-32260
MISC sinema — remote_connect_server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The system images for installation or update of the affected application contain unit test scripts with sensitive information. An attacker could gain information about testing architecture and also tamper with test configuration. 2022-06-14 not yet calculated CVE-2022-32259
MISC sinema — remote_connect_server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a misconfiguration in the APT update. This could allow an attacker to add insecure packages to the application. 2022-06-14 not yet calculated CVE-2022-32261
MISC sinema — remote_connect_server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to limited information. 2022-06-14 not yet calculated CVE-2022-32255
MISC sinema — remote_connect_server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A customized HTTP POST request could force the application to write the status of a given user to a log file, exposing sensitive user information that could provide valuable guidance to an attacker. 2022-06-14 not yet calculated CVE-2022-32254
MISC sinema — remote_connect_server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). Due to improper input validation, the OpenSSL certificate’s password could be printed to a file reachable by an attacker. 2022-06-14 not yet calculated CVE-2022-32253
MISC sinema — remote_connect_server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The application does not perform an integrity check of the update packages. Without validation, an admin user might be tricked into installing a malicious package, granting root privileges to an attacker. 2022-06-14 not yet calculated CVE-2022-32252
MISC sinema — remote_connect_server When a user opens manipulated Scalable Vector Graphics (.svg, svg.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. 2022-06-14 not yet calculated CVE-2022-32243
MISC
MISC sinema — remote_connect_server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to low privileged users accessing privileged information. 2022-06-14 not yet calculated CVE-2022-32256
MISC sinema — remote_connect_server
  A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a file upload server that is vulnerable to command injection. An attacker could use this to achieve arbitrary code execution. 2022-06-14 not yet calculated CVE-2022-32262
MISC sourcecodester — online_discussion_forum_site Online Discussion Forum Site v1.0 is vulnerable to SQL Injection via /odfs/classes/Master.php?f=delete_team. 2022-06-16 not yet calculated CVE-2022-31911
MISC sourcecodester — online_discussion_forum_site Online Discussion Forum Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /odfs/classes/Master.php?f=save_category, name. 2022-06-16 not yet calculated CVE-2022-31913
MISC sourcecodester — zoo_management_system Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via zms/admin/public_html/save_animal?an_id=24. 2022-06-16 not yet calculated CVE-2022-31914
MISC sourcecodester — bank_management_system
  A vulnerability, which was classified as critical, has been found in SourceCodester Bank Management System 1.0. Affected by this issue is login.php. The manipulation of the argument password with the input 1’and 1=2 union select 1,sleep(10),3,4,5 –+ leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 2022-06-15 not yet calculated CVE-2022-2086
N/A
N/A sourcecodester — bank_management_system
  A vulnerability, which was classified as problematic, was found in SourceCodester Bank Management System 1.0. This affects the file /mnotice.php?id=2. The manipulation of the argument notice with the input <script>alert(1)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. 2022-06-15 not yet calculated CVE-2022-2087
N/A
N/A sourcecodester — church_management_system
  Church Management System version 1.0 is affected by a SQL injection vulnerability through creating a user with a PHP file as an avatar image, which is accessible through the /uploads directory. This can lead to RCE on the web server by uploading a PHP webshell. 2022-06-13 not yet calculated CVE-2021-41661
MISC sourcecodester — fast_food_ordering_system Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_menu. 2022-06-14 not yet calculated CVE-2022-32330
MISC sourcecodester — fast_food_ordering_system Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/view_category.php?id=. 2022-06-14 not yet calculated CVE-2022-32331
MISC sourcecodester — fast_food_ordering_system Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_category. 2022-06-14 not yet calculated CVE-2022-32332
MISC sourcecodester — fast_food_ordering_system Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/view_menu.php?id=. 2022-06-14 not yet calculated CVE-2022-32336
MISC sourcecodester — fast_food_ordering_system Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/manage_category.php?id=. 2022-06-14 not yet calculated CVE-2022-32334
MISC sourcecodester — fast_food_ordering_system Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/sales/receipt.php?id=. 2022-06-14 not yet calculated CVE-2022-32333
MISC sourcecodester — fast_food_ordering_system Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/manage_menu.php?id=. 2022-06-14 not yet calculated CVE-2022-32335
MISC sourcecodester — fast_food_ordering_system Fast Food Ordering System v1.0 is vulnerable to arbitrary file deletion via /ffos/classes/Master.php?f=delete_img. 2022-06-14 not yet calculated CVE-2022-32328
MISC sourcecodester — hospitals_patient_records_management_system Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient. 2022-06-14 not yet calculated CVE-2022-32344
MISC sourcecodester — hospitals_patient_records_management_system Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_room_type. 2022-06-14 not yet calculated CVE-2022-32350
MISC sourcecodester — hospitals_patient_records_management_system Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/doctors/view_doctor.php?id=. 2022-06-14 not yet calculated CVE-2022-32339
MISC sourcecodester — hospitals_patient_records_management_system Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/doctors/manage_doctor.php?id=. 2022-06-14 not yet calculated CVE-2022-32338
MISC sourcecodester — hospitals_patient_records_management_system Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/patients/manage_patient.php?id=. 2022-06-14 not yet calculated CVE-2022-32337
MISC sourcecodester — hospitals_patient_records_management_system Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/room_types/view_room_type.php?id=. 2022-06-14 not yet calculated CVE-2022-32342
MISC sourcecodester — hospitals_patient_records_management_system Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via hprms/admin/room_types/manage_room_type.php?id=. 2022-06-14 not yet calculated CVE-2022-32343
MISC sourcecodester — hospitals_patient_records_management_system Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient_history. 2022-06-14 not yet calculated CVE-2022-32349
MISC sourcecodester — hospitals_patient_records_management_system Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/rooms/manage_room.php?id=. 2022-06-14 not yet calculated CVE-2022-32345
MISC sourcecodester — hospitals_patient_records_management_system Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_room. 2022-06-14 not yet calculated CVE-2022-32347
MISC sourcecodester — hospitals_patient_records_management_system Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_doctor. 2022-06-14 not yet calculated CVE-2022-32348
MISC sourcecodester — hospitals_patient_records_management_system Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/?page=user/manage_user&id=. 2022-06-14 not yet calculated CVE-2022-32341
MISC sourcecodester — hospitals_patient_records_management_system Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient_admission. 2022-06-14 not yet calculated CVE-2022-32352
MISC sourcecodester — hospitals_patient_records_management_system Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_message. 2022-06-14 not yet calculated CVE-2022-32351
MISC sourcecodester — hospitals_patient_records_management_system Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/rooms/view_room.php?id=. 2022-06-14 not yet calculated CVE-2022-32346
MISC sourcecodester — hospitals_patient_records_management_system Hospital’s Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/?page=patients/view_patient&id=. 2022-06-14 not yet calculated CVE-2022-32340
MISC sourcecodester — online_fire_reporting_system Online Fire Reporting System v1.0 is vulnerable to Cross Site Scripting (XSS) via /ofrs/classes/Master.php. 2022-06-16 not yet calculated CVE-2022-31906
MISC sourcecodester — online_fire_reporting_system Online Fire Reporting System v1.0 was discovered to contain a SQL injection vulnerability via the GET parameter in /report/list.php. 2022-06-14 not yet calculated CVE-2022-31415
MISC sourcecodester — online_tutor_portal_site Online Tutor Portal Site v1.0 is vulnerable to SQL Injection via /otps/classes/Master.php?f=delete_team. 2022-06-16 not yet calculated CVE-2022-31912
MISC sourcecodester — online_tutor_portal_site Online Tutor Portal Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /otps/classes/Master.php. 2022-06-16 not yet calculated CVE-2022-31910
MISC sourcecodester — product_show_room_site Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/manage_field.php?id=. 2022-06-14 not yet calculated CVE-2022-32365
MISC sourcecodester — product_show_room_site Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=user/manage_user&id=. 2022-06-14 not yet calculated CVE-2022-32354
MISC sourcecodester — product_show_room_site Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/view_category.php?id=. 2022-06-14 not yet calculated CVE-2022-32363
MISC sourcecodester — product_show_room_site Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/view_field.php?id=. 2022-06-14 not yet calculated CVE-2022-32366
MISC sourcecodester — product_show_room_site Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/manage_product&id=. 2022-06-14 not yet calculated CVE-2022-32364
MISC sourcecodester — product_show_room_site Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/manage_field_order.php?id=. 2022-06-14 not yet calculated CVE-2022-32353
MISC sourcecodester — product_show_room_site Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/view_product&id=. 2022-06-14 not yet calculated CVE-2022-32355
MISC sourcecodester — product_show_room_site Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=inquiries/view_inquiry&id=. 2022-06-14 not yet calculated CVE-2022-32367
MISC sourcecodester — product_show_room_site Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_category. 2022-06-14 not yet calculated CVE-2022-32359
MISC sourcecodester — product_show_room_site Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_inquiry. 2022-06-14 not yet calculated CVE-2022-32358
MISC sourcecodester — product_show_room_site Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/manage_category.php?id=. 2022-06-14 not yet calculated CVE-2022-32362
MISC sourcecodester — rescue_dispatch_management_system Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via rdmsadmin?page=usermanage_user&id=. 2022-06-17 not yet calculated CVE-2022-31941
MISC sourcecodester — south_gate_inn_online_reservation_system The South Gate Inn Online Reservation System v1.0 contains an SQL injection vulnerability that can be chained with a malicious PHP file upload, which is caused by improper file handling in the editImg function. This vulnerability leads to remote code execution. 2022-06-13 not yet calculated CVE-2021-41662
MISC sourcecodester — student_registration_and_fee_payment_system Student Registration and Fee Payment System v1.0 is vulnerable to SQL Injection via /scms/student.php. 2022-06-16 not yet calculated CVE-2022-31908
MISC sourcecodester — theme_park_ticketing_system Theme Park Ticketing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edit_ticket.php. 2022-06-15 not yet calculated CVE-2022-32302
MISC sourcecodester — directory_management_system Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php. 2022-06-16 not yet calculated CVE-2022-31384
MISC
MISC
MISC sourcecodester — directory_management_system
  Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in view-directory.php. 2022-06-16 not yet calculated CVE-2022-31383
MISC
MISC
MISC sourcecodester — directory_management_system
  Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter in search-dirctory.php. 2022-06-16 not yet calculated CVE-2022-31382
MISC
MISC
MISC sourcecodester — online_discussion_forum_site An issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts. 2022-06-16 not yet calculated CVE-2022-31295
MISC
MISC sourcecodester — online_discussion_forum_site An issue in the save_users() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts. 2022-06-16 not yet calculated CVE-2022-31294
MISC
MISC sourcecodester — online_discussion_forum_site Online Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/view_post.php. 2022-06-17 not yet calculated CVE-2022-31296
MISC
MISC sourcecodester — online_ordering_system Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/index.php?q=category&search=. 2022-06-17 not yet calculated CVE-2022-31355
MISC sourcecodester — online_ordering_system Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/inventory/index.php?view=edit&id=. 2022-06-17 not yet calculated CVE-2022-31357
MISC sourcecodester — online_ordering_system Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/store/index.php?view=edit&id=. 2022-06-17 not yet calculated CVE-2022-31356
MISC splunk_enterprise — splunk_universal_forwarder
  In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line interface (CLI) did not validate TLS certificates while connecting to a remote Splunk platform instance by default. Splunk peer communications configured properly with valid certificates were not vulnerable. However, connections from misconfigured nodes without valid certificates did not fail by default. After updating to version 9.0, see Configure TLS host name validation for the Splunk CLI (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation#Configure_TLS_host_name_validation_for_the_Splunk_CLI) to enable the remediation. 2022-06-15 not yet calculated CVE-2022-32156
CONFIRM
CONFIRM
CONFIRM splunk_enterprise — dashboard
  Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the token is used in a query in a cross-origin request. The result bypasses SPL safeguards for risky commands. See New capabilities can limit access to some custom and potentially risky commands (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/SPLsafeguards#New_capabilities_can_limit_access_to_some_custom_and_potentially_risky_commands) for more information. Note that the attack is browser-based and an attacker cannot exploit it at will. 2022-06-15 not yet calculated CVE-2022-32154
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM splunk_enterprise — splunk_enterprise_deployment_servers
  Splunk Enterprise deployment servers in versions before 9.0 let clients deploy forwarder bundles to other deployment clients through the deployment server. An attacker that compromised a Universal Forwarder endpoint could use the vulnerability to execute arbitrary code on all other Universal Forwarder endpoints subscribed to the deployment server. 2022-06-15 not yet calculated CVE-2022-32158
CONFIRM
CONFIRM splunk_enterprise — splunk_enterprise_deployment_servers
  Splunk Enterprise deployment servers in versions before 9.0 allow unauthenticated downloading of forwarder bundles. Remediation requires you to update the deployment server to version 9.0 and Configure authentication for deployment servers and clients (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/ConfigDSDCAuthEnhancements#Configure_authentication_for_deployment_servers_and_clients). Once enabled, deployment servers can manage only Universal Forwarder versions 9.0 and higher. Though the vulnerability does not directly affect Universal Forwarders, remediation requires updating all Universal Forwarders that the deployment server manages to version 9.0 or higher prior to enabling the remediation. 2022-06-15 not yet calculated CVE-2022-32157
CONFIRM
CONFIRM
CONFIRM
CONFIRM splunk_enterprise — splunk_enterprise_peers Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configured properly with valid certificates were not vulnerable. However, an attacker with administrator credentials could add a peer without a valid certificate and connections from misconfigured nodes without valid certificates did not fail by default. For Splunk Enterprise, update to Splunk Enterprise version 9.0 and Configure TLS host name validation for Splunk-to-Splunk communications (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation) to enable the remediation. 2022-06-15 not yet calculated CVE-2022-32153
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM splunk_enterprise — splunk_enterprise_peers
  The httplib and urllib Python libraries that Splunk shipped with Splunk Enterprise did not validate certificates using the certificate authority (CA) certificate stores by default in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203. Python 3 client libraries now verify server certificates by default and use the appropriate CA certificate stores for each library. Apps and add-ons that include their own HTTP libraries are not affected. For Splunk Enterprise, update to Splunk Enterprise version 9.0 and Configure TLS host name validation for Splunk-to-Splunk communications (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation) to enable the remediation. 2022-06-15 not yet calculated CVE-2022-32151
CONFIRM
CONFIRM
CONFIRM
CONFIRM splunk_enterprise — splunk_enterprise_peers
  Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configured properly with valid certificates were not vulnerable. However, an attacker with administrator credentials could add a peer without a valid certificate and connections from misconfigured nodes without valid certificates did not fail by default. For Splunk Enterprise, update to Splunk Enterprise version 9.0 and Configure TLS host name validation for Splunk-to-Splunk communications (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation) to enable the remediation. 2022-06-15 not yet calculated CVE-2022-32152
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM splunk_enterprise — splunk_universal_forwarder
  In universal forwarder versions before 9.0, management services are available remotely by default. When not required, it introduces a potential exposure, but it is not a vulnerability. If exposed, we recommend each customer assess the potential severity specific to your environment. In 9.0, the universal forwarder now binds the management port to localhost preventing remote logins by default. If management services are not required in versions before 9.0, set disableDefaultPort = true in server.conf OR allowRemoteLogin = never in server.conf OR mgmtHostPort = localhost in web.conf. See Configure universal forwarder management security (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation#Configure_universal_forwarder_management_security) for more information on disabling the remote management services. 2022-06-15 not yet calculated CVE-2022-32155
CONFIRM
CONFIRM
CONFIRM strapi — strapi
  Strapi v3.x.x versions and earlier contain a stored cross-site scripting vulnerability in the file upload function. By exploiting this vulnerability, an arbitrary script may be executed in the web browser of a user who is logged in to the product with administrative privileges. 2022-06-13 not yet calculated CVE-2022-29894
MISC
MISC
MISC subscription-manager — subscription-manager Subscription-Manager v1.0 /main.js has a cross-site scripting (XSS) vulnerability in the machineDetail parameter. 2022-06-15 not yet calculated CVE-2021-41415
MISC synaptics — fingerprint_driver
  Improper Input Validation vulnerability in synaTEE.signed.dll of Synaptics Fingerprint Driver allows a local authorized attacker to overwrite a heap tag, with potential loss of confidentiality. This issue affects: Synaptics Synaptics Fingerprint Driver 5.1.xxx.26 versions prior to xxx=340 on x86/64; 5.2.xxxx.26 versions prior to xxxx=3541 on x86/64; 5.2.2xx.26 versions prior to xx=29 on x86/64; 5.2.3xx.26 versions prior to xx=25 on x86/64; 5.3.xxxx.26 versions prior to xxxx=3543 on x86/64; 5.5.xx.1058 versions prior to xx=44 on x86/64; 5.5.xx.1102 versions prior to xx=34 on x86/64; 5.5.xx.1116 versions prior to xx=14 on x86/64; 6.0.xx.1104 versions prior to xx=50 on x86/64; 6.0.xx.1108 versions prior to xx=31 on x86/64; 6.0.xx.1111 versions prior to xx=58 on x86/64. 2022-06-16 not yet calculated CVE-2021-3675
MISC
CONFIRM
MISC tenda — hg9 Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function. 2022-06-16 not yet calculated CVE-2022-30023
MISC
MISC
MISC textpattern — textpattern Textpattern 4.8.7 is affected by a HTML injection vulnerability through “Content>Write>Body”. 2022-06-14 not yet calculated CVE-2021-40658
MISC thinkcmf — thinkcmf
  thinkcmf v5.1.7 has an unauthorized access vulnerability. An attacker can modify the password of the administrator account with id 1 through the background user management group permissions. Exploitation requires background user management group authority. 2022-06-14 not yet calculated CVE-2021-40616
MISC thomson — tcw710
  A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been declared as problematic. This vulnerability affects unknown code of the file /goform/RgUrlBlock.asp. The manipulation of the argument BasicParentalNewKeyword with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. 2022-06-12 not yet calculated CVE-2018-25039
MISC
MISC thomson — tcw710
  A vulnerability was found in Thomson TCW710 ST5D.10.05 and classified as problematic. Affected by this issue is some unknown functionality of the file /goform/RgDdns. The manipulation of the argument DdnsHostName with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 2022-06-12 not yet calculated CVE-2018-25037
MISC
MISC thomson — tcw710
  A vulnerability has been found in Thomson TCW710 ST5D.10.05 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /goform/RgTime. The manipulation of the argument TimeServer1/TimeServer2/TimeServer3 with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 2022-06-12 not yet calculated CVE-2018-25036
MISC
MISC thomson — tcw710
  A vulnerability, which was classified as problematic, was found in Thomson TCW710 ST5D.10.05. Affected is an unknown function of the file /goform/RGFirewallEL. The manipulation of the argument EmailAddress/SmtpServerName with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 2022-06-12 not yet calculated CVE-2018-25035
MISC
MISC thomson — tcw710
  A vulnerability, which was classified as problematic, has been found in Thomson TCW710 ST5D.10.05. This issue affects some unknown processing of the file /goform/wlanPrimaryNetwork. The manipulation of the argument ServiceSetIdentifier with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. 2022-06-12 not yet calculated CVE-2018-25034
MISC
MISC thomson — tcw710
  A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been classified as problematic. This affects an unknown part of the file /goform/RgDhcp. The manipulation of the argument PppUserName with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. 2022-06-12 not yet calculated CVE-2018-25038
MISC
MISC topsec — topidp3000
  An issue in TopIDP3000 Topsec Operating System tos_3.3.005.665b.15_smpidp allows attackers to perform a brute-force attack via a crafted session_id cookie. 2022-06-14 not yet calculated CVE-2022-31273
MISC tourism_management_system_version — tourism_management_system_version Tourism Management System Version: V 3.2 is affected by: Cross Site Request Forgery (CSRF). 2022-06-14 not yet calculated CVE-2022-30930
MISC
MISC trendnet — tew-831dr
  An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The web interface is vulnerable to CSRF. An attacker can change the pre-shared key of the Wi-Fi router if the interface’s IP address is known. 2022-06-16 not yet calculated CVE-2022-30327
MISC
MISC trendnet — tew-831dr
  An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key for the Wi-Fi networks is the same for every router except for the last four digits. The device default pre-shared key for both 2.4 GHz and 5 GHz networks can be guessed or brute-forced by an attacker within range of the Wi-Fi network. 2022-06-16 not yet calculated CVE-2022-30325
MISC
MISC trendnet — tew-831dr
  An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands. 2022-06-16 not yet calculated CVE-2022-30329
MISC
MISC trendnet — tew-831dr
  An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The username and password setup for the web interface does not require entering the existing password. A malicious user can change the username and password of the interface. 2022-06-16 not yet calculated CVE-2022-30328
MISC
MISC trendnet — tew-831dr
  An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The network pre-shared key field on the web interface is vulnerable to XSS. An attacker can use a simple XSS payload to crash the basic.config page of the web interface. 2022-06-16 not yet calculated CVE-2022-30326
MISC
MISC trendnet — ip-110wn Trendnet IP-110wn camera fw_tv-ip110wn_v2(1.2.2.68) has an XSS vulnerability via the proname parameter in /admin/scheprofile.cgi. 2022-06-17 not yet calculated CVE-2022-31875
MISC trendnet — ip-110wn Trendnet IP-110wn camera fw_tv-ip110wn_v2(1.2.2.68) has an XSS vulnerability via the prefix parameter in /admin/general.cgi. 2022-06-17 not yet calculated CVE-2022-31873
MISC typo3 — typo3 TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, system internal credentials or keys (e.g. database credentials) can be logged as plaintext in exception handlers, when logging the complete exception stack trace. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 contain a fix for the problem. 2022-06-14 not yet calculated CVE-2022-31047
MISC
CONFIRM
MISC typo3 — typo3 TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, Admin Tool sessions initiated via the TYPO3 backend user interface had not been revoked even if the corresponding user account was degraded to lower permissions or disabled completely. This way, sessions in the admin tool theoretically could have been prolonged without any limit. TYPO3 versions 9.5.34 ELTS, 10.4.29, and 11.5.11 contain a fix for the problem. 2022-06-14 not yet calculated CVE-2022-31050
typo3 — typo3
  TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details of database tables they already have access to. TYPO3 versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, 11.5.11 fix the problem described above. In order to address this issue, access to mentioned export functionality is completely denied for regular backend users. 2022-06-14 not yet calculated CVE-2022-31046
typo3 — typo3
  TYPO3 is an open source web content management system. Prior to versions 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed to exploit this vulnerability. TYPO3 versions 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11 contain a fix for the problem. 2022-06-14 not yet calculated CVE-2022-31048
typo3 — typo3
  TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, user submitted content was used without being properly encoded in HTML emails sent to users. The actually affected components were mail clients used to view those messages. TYPO3 versions 9.5.34 ELTS, 10.4.29, and 11.5.11 contain a fix for the problem. 2022-06-14 not yet calculated CVE-2022-31049
u5cms — u5cms
  u5cms version 8.3.5 is vulnerable to Cross Site Scripting (XSS). When a user accesses the default home page if the parameter passed in is http://127.0.0.1/? “Onmouseover=%27tzgl (96502)%27bad=”, it can cause html injection. 2022-06-17 not yet calculated CVE-2022-32442
u5cms — u5cms
  An issue was discovered in u5cms version 8.3.5. There is a URL redirection vulnerability that can cause a user’s browser to be redirected to another site via /loginsave.php. 2022-06-17 not yet calculated CVE-2022-32444
utorrent — utorrent
  A vulnerability was found in uTorrent. It has been rated as critical. Affected by this issue is some unknown functionality of the component JSON RPC Server. The manipulation leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. 2022-06-17 not yet calculated CVE-2018-25041
utorrent — utorrent
  A vulnerability classified as critical has been found in uTorrent. This affects an unknown part. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component. 2022-06-17 not yet calculated CVE-2018-25042
utorrent — utorrent
  A vulnerability classified as critical was found in uTorrent. This vulnerability affects unknown code of the component PRNG. The manipulation leads to weak authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. 2022-06-17 not yet calculated CVE-2018-25043
utorrent — utorrent
  A vulnerability, which was classified as critical, has been found in uTorrent. This issue affects some unknown processing of the component Guest Account. The manipulation leads to privilege escalation. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. 2022-06-17 not yet calculated CVE-2018-25044
utorrent — web
  A vulnerability was found in uTorrent Web. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component HTTP RPC Server. The manipulation leads to privilege escalation. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. 2022-06-17 not yet calculated CVE-2018-25040
victor_cms — victor_cms
  Victor CMS 1.0 is vulnerable to SQL injection via c_id parameter of admin_edit_comment.php, p_id parameter of admin_edit_post.php, u_id parameter of admin_edit_user.php, and edit parameter of admin_update_categories.php. 2022-06-16 not yet calculated CVE-2020-35597
vmware — hcx
  VMware HCX update addresses an information disclosure vulnerability. A malicious actor with network user access to the VMware HCX appliance may be able to gain access to sensitive information. 2022-06-16 not yet calculated CVE-2022-22953
vmware — .net_and_visual_studio
  .NET and Visual Studio Information Disclosure Vulnerability. 2022-06-15 not yet calculated CVE-2022-30184
voipmonitor — web_gui
  VoIPmonitor WEB GUI up to version 24.61 is affected by SQL injection through the “api.php” file and “user” parameter. 2022-06-17 not yet calculated CVE-2021-41408
wavlink — wn579
  A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via a crafted POST request. 2022-06-14 not yet calculated CVE-2022-31847
wavlink — wn579
  A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function. 2022-06-14 not yet calculated CVE-2022-31845
wavlink — wn579
  A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function. 2022-06-14 not yet calculated CVE-2022-31846
wavlink — aerial
  A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows attackers to obtain sensitive router information via execution of the exec cmd function. 2022-06-14 not yet calculated CVE-2022-31308
wavlink — aerial
  An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to execute arbitrary commands via a crafted POST request. 2022-06-14 not yet calculated CVE-2022-31311
wavlink — aerial
  A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to obtain sensitive router information via execution of the exec cmd function. 2022-06-14 not yet calculated CVE-2022-31309
web_based_quiz_systems — web_based_quiz_systems
  Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the eid parameter at welcome.php. 2022-06-15 not yet calculated CVE-2022-32991
weblizar — user_login_log_plugin
  A vulnerability was found in weblizar User Login Log Plugin 2.2.1. It has been classified as problematic. Affected is an unknown function. The manipulation leads to basic cross site scripting (Stored). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 2022-06-16 not yet calculated CVE-2017-20056
webtareas — webtareas
  Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /linkedcontent/editfolder.php. 2022-06-16 not yet calculated CVE-2021-36609
webtareas — webtareas
  Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /projects/editproject.php. 2022-06-16 not yet calculated CVE-2021-36608
windows — autopilot_device_management_and_enrollment_client
  Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability. 2022-06-15 not yet calculated CVE-2022-30189
wiris — mathtype
  Wiris Mathtype v7.28.0 was discovered to contain a path traversal vulnerability in the resourceFile parameter. This vulnerability is exploited via a crafted request to the resource handler. 2022-06-16 not yet calculated CVE-2022-31372
wordpress — phil_bakers_gate_plugin
  Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in Phil Baker’s Age Gate plugin <= 2.17.0 at WordPress. 2022-06-15 not yet calculated CVE-2021-36901
wordpress — admin_management_xtended
  Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Admin Management Xtended plugin <= 2.4.4 at WordPress. 2022-06-15 not yet calculated CVE-2022-29450
wordpress — api_key_for_google_maps
  Cross-Site Request Forgery (CSRF) vulnerability in API KEY for Google Maps plugin <= 1.2.1 at WordPress leading to Google Maps API key update. 2022-06-15 not yet calculated CVE-2022-29453
wordpress — auto_delete_posts
  The Auto Delete Posts WordPress plugin through 1.3.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and delete specific posts, categories and attachments at once. 2022-06-13 not yet calculated CVE-2022-1779
wordpress — change_uploaded_file_permissions
  Due to missing checks the Change Uploaded File Permissions WordPress plugin through 4.0.0 is vulnerable to CSRF attacks. This can be used to change the file and folder permissions of any folder. This could be problematic when specific files like ini files are made readable for everyone due to this. 2022-06-13 not yet calculated CVE-2022-1788
wordpress — export_all_urls
  Authenticated (editor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Export All URLs plugin <= 4.1 at WordPress. 2022-06-15 not yet calculated CVE-2022-29452
wordpress — filr
  The Filr WordPress plugin before 1.2.2.1 does not have authorisation check in two of its AJAX actions, allowing them to be called by any authenticated user, such as a subscriber. They are protected with a nonce, however the nonce is leaked on the dashboard. This could allow them to upload arbitrary HTML files as well as delete all files or arbitrary ones. 2022-06-13 not yet calculated CVE-2022-1777
wordpress — google_places_reviews_plugin
  The Google Places Reviews WordPress plugin before 2.0.0 does not properly escape its Google API key setting, which is reflected on the site’s administration panel. A malicious administrator could abuse this bug, in a multisite WordPress configuration, to trick super-administrators into viewing the booby-trapped payload and taking over their account. 2022-06-13 not yet calculated CVE-2022-1772
wordpress — google_tag_manager
  The Google Tag Manager for WordPress (GTM4WP) plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the `gtm4wp-options[scroller-contentid]` parameter found in the `~/public/frontend.php` file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.15.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. 2022-06-13 not yet calculated CVE-2022-1961
wordpress — hc_custom_wp-admin
  The HC Custom WP-Admin URL WordPress plugin through 1.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, allowing them to change the login URL 2022-06-13 not yet calculated CVE-2022-1594
wordpress — image_slider
  Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Image Slider by NextCode plugin <= 1.1.2 at WordPress. 2022-06-15 not yet calculated CVE-2022-29437
wordpress — image_slider
  Cross-Site Request Forgery (CSRF) vulnerability in Image Slider by NextCode plugin <= 1.1.2 at WordPress allows deleting slides. 2022-06-15 not yet calculated CVE-2022-29439
wordpress — image_slider
  Authenticated (author or higher user role) Persistent Cross-Site Scripting (XSS) vulnerability in Image Slider by NextCode plugin <= 1.1.2 at WordPress. 2022-06-15 not yet calculated CVE-2022-29438
wordpress — jupiterxcore_plugin
  Vulnerable versions of the Jupiter (<= 6.10.1) and JupiterX (<= 2.0.6) Themes allow logged-in users, including subscriber-level users, to perform Path Traversal and Local File inclusion. In the JupiterX theme, the jupiterx_cp_load_pane_action AJAX action present in the lib/admin/control-panel/control-panel.php file calls the load_control_panel_pane function. It is possible to use this action to include any local PHP file via the slug parameter. The Jupiter theme has a nearly identical vulnerability which can be exploited via the mka_cp_load_pane_action AJAX action present in the framework/admin/control-panel/logic/functions.php file, which calls the mka_cp_load_pane_action function. 2022-06-13 not yet calculated CVE-2022-1657
wordpress — jupiterxcore_plugin
  Jupiter Theme <= 6.10.1 and JupiterX Core Plugin <= 2.0.7 allow any authenticated attacker, including a subscriber or customer-level attacker, to gain administrative privileges via the “abb_uninstall_template” (both) and “jupiterx_core_cp_uninstall_template” (JupiterX Core Only) AJAX actions 2022-06-13 not yet calculated CVE-2022-1654
wordpress — jupiterxcore_plugin
  Vulnerable versions of the JupiterX Core (<= 2.0.6) plugin register an AJAX action jupiterx_conditional_manager which can be used to call any function in the includes/condition/class-condition-manager.php file by sending the desired function to call in the sub_action parameter. This can be used to view site configuration and logged-in users, modify post conditions, or perform a denial of service attack. 2022-06-13 not yet calculated CVE-2022-1659
wordpress — jupiterxcore_plugin
  Vulnerable versions of the Jupiter Theme (<= 6.10.1) allow arbitrary plugin deletion by any authenticated user, including users with the subscriber role, via the abb_remove_plugin AJAX action registered in the framework/admin/control-panel/logic/plugin-management.php file. Using this functionality, any logged-in user can delete any installed plugin on the site. 2022-06-13 not yet calculated CVE-2022-1658
wordpress — latex
  The LaTeX for WordPress plugin through 3.4.10 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack which could also lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping 2022-06-13 not yet calculated CVE-2022-1780
wordpress — messages_for_wordpress
  Authenticated (subscriber or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Messages For WordPress <= 2.1.10 at WordPress. 2022-06-15 not yet calculated CVE-2022-29442
wordpress — mobile_browser_color_select
  The Mobile browser color select plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the admin_update_data() function. This makes it possible for unauthenticated attackers to inject malicious web scripts via forged request granted they can trick a site administrator into performing an action such as clicking on a link. 2022-06-13 not yet calculated CVE-2022-1969
wordpress — muneebs_custom_popup_builder
  Improper Access Control vulnerability leading to multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Muneeb’s Custom Popup Builder plugin <= 1.3.1 at WordPress. 2022-06-15 not yet calculated CVE-2022-28612
wordpress — new_user_email_set_up
  The New User Email Set Up WordPress plugin through 0.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack 2022-06-13 not yet calculated CVE-2022-1790
wordpress — newsletter_plugin
  The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $_SERVER['REQUEST_URI'] before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below. 2022-06-13 not yet calculated CVE-2022-1756
wordpress — nicdark_doo_travel_management
  Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark d.o.o. Travel Management plugin <= 2.0 at WordPress. 2022-06-15 not yet calculated CVE-2022-27859
wordpress — one_click_plugin_updater
  The One Click Plugin Updater WordPress plugin through 2.4.14 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable / hide the badge of the available updates and the related check. 2022-06-13 not yet calculated CVE-2022-1791
wordpress — peteraes_collaboration_e-mails_plugin
  The Peter’s Collaboration E-mails WordPress plugin through 2.2.0 is vulnerable to CSRF due to missing nonce checks. This allows the change of its settings, which can be used to lower the required user level, change texts, the used email address and more. 2022-06-13 not yet calculated CVE-2022-1761
wordpress — photo_gallery_by_supsystic_plugin
  Cross-Site Request Forgery (CSRF) vulnerability in Photo Gallery by Supsystic plugin <= 1.15.5 at WordPress allows changing the plugin settings. 2022-06-15 not yet calculated CVE-2021-36891
wordpress — posttabs
  The postTabs WordPress plugin through 2.10.6 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, which could also lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping 2022-06-13 not yet calculated CVE-2022-1781
wordpress — private_messages_for_wordpress
  Cross-Site Request Forgery (CSRF) vulnerability in Private Messages For WordPress plugin <= 2.1.10 at WordPress allows attackers to send messages. 2022-06-15 not yet calculated CVE-2022-29441
wordpress — promotion_slider
  Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Promotion Slider plugin <= 3.3.4 at WordPress. 2022-06-15 not yet calculated CVE-2022-29440
wordpress — quick_subscribe
  The Quick Subscribe WordPress plugin through 1.7.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and leading to Stored XSS due to the lack of sanitisation and escaping in some of them 2022-06-13 not yet calculated CVE-2022-1792
wordpress — sticky_popup_plugin
  The Sticky Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘popup_title’ parameter in versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with admin level capabilities and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This issue mostly affects sites where unfiltered_html has been disabled for administrators and on multi-site installations where unfiltered_html is disabled for administrators. 2022-06-13 not yet calculated CVE-2022-1750
wordpress — team_manager
  Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in DynamicWebLab’s WordPress Team Manager plugin <= 1.6.9 at WordPress. 2022-06-15 not yet calculated CVE-2022-29406
wordpress — wp-chgfontsize_plugin
  The WP-chgFontSize WordPress plugin through 1.8 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping 2022-06-13 not yet calculated CVE-2022-1764
wordpress — nicdarks_hotel_booking
  Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark’s Hotel Booking plugin <= 3.0 at WordPress. 2022-06-15 not yet calculated CVE-2022-29443
wordpress — sideblog
  The Sideblog WordPress plugin through 6.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping 2022-06-13 not yet calculated CVE-2022-1787
wordpress — copify
  The Copify plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.0. This is due to missing nonce validation on the CopifySettings page. This makes it possible for unauthenticated attackers to update the plugin’s settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. 2022-06-13 not yet calculated CVE-2022-1900
wordpress — download_manager
  The Download Manager Plugin for WordPress is vulnerable to reflected Cross-Site Scripting in versions up to, and including 3.2.42. This is due to insufficient input sanitization and output escaping on the ‘frameid’ parameter found in the ~/src/Package/views/shortcode-iframe.php file. 2022-06-13 not yet calculated CVE-2022-1985
wordpress — export_any_wordpress_data_to_xml/csv
  The Export any WordPress data to XML/CSV WordPress plugin before 1.3.5 does not sanitize the cpt POST parameter when exporting post data before using it in a database query, leading to an SQL injection vulnerability. 2022-06-13 not yet calculated CVE-2022-1800
wordpress — genki_pre-publish_reminder
  The Genki Pre-Publish Reminder WordPress plugin through 1.4.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored XSS as well as RCE when custom code is added via the plugin settings. 2022-06-13 not yet calculated CVE-2022-1758
wordpress — hot_linked_image_cacher_plugin
  The Hot Linked Image Cacher WordPress plugin through 1.16 is vulnerable to CSRF. This can be used to store / cache images from external domains on the server, which could lead to legal risks (due to copyright violations or licensing rules). 2022-06-13 not yet calculated CVE-2022-1765
wordpress — iq_block_country_plugin
  The iQ Block Country WordPress plugin through 1.2.13 does not properly check HTTP headers in order to validate the origin IP address, allowing threat actors to bypass its block feature by spoofing the headers. 2022-06-13 not yet calculated CVE-2022-1762
wordpress — keep_backup_daily
  The Keep Backup Daily plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘t’ parameter in versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. 2022-06-13 not yet calculated CVE-2022-1820
wordpress — mitsol_social_post_feed_plugin
  The Mitsol Social Post Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.10 due to insufficient input sanitization and output escaping on the application id parameters. This makes it possible for authenticated (admin+) attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html is disabled. 2022-06-13 not yet calculated CVE-2022-0209
wordpress — ninja_forms_contact_form_plugin
  Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive’s Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via “label”. 2022-06-16 not yet calculated CVE-2021-36827
wordpress — private_files
  The Private Files WordPress plugin through 0.40 is missing CSRF check when disabling the protection, which could allow attackers to make a logged in admin perform such action via a CSRF attack and make the blog public 2022-06-13 not yet calculated CVE-2022-1793
wordpress — rb_internal_links_plugin
  The RB Internal Links WordPress plugin through 2.0.16 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, as well as perform Stored Cross-Site Scripting attacks due to the lack of sanitisation and escaping 2022-06-13 not yet calculated CVE-2022-1759
wordpress — rsvpmaker_plugin
  The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficient escaping and parameterization on user supplied data passed to multiple SQL queries in the ~/rsvpmaker-email.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to, and including, 9.3.2. Please note that this is separate from CVE-2022-1453 & CVE-2022-1505. 2022-06-13 not yet calculated CVE-2022-1768
wordpress — static_page_extended_plugin
  Due to missing checks the Static Page eXtended WordPress plugin through 2.1 is vulnerable to CSRF attacks which allows changing the plugin settings, including required user levels for specific features. This could also lead to Stored Cross-Site Scripting due to the lack of escaping in some of the settings 2022-06-13 not yet calculated CVE-2022-1763
wordpress — toolbar_to_share
  The ToolBar to Share plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0. This is due to missing nonce validation on the plugin_toolbar_comparte page. This makes it possible for unauthenticated attackers to update the plugin’s settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. 2022-06-13 not yet calculated CVE-2022-1918
wordpress — wp_admin_style
  The WP Admin Style WordPress plugin through 0.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed 2022-06-13 not yet calculated CVE-2022-1814
wordpress — wp_athletics
  The WP Athletics WordPress plugin through 1.1.7 does not sanitise and escape a parameter before outputting back in an admin page, leading to a Reflected Cross-Site Scripting 2022-06-13 not yet calculated CVE-2022-1773
wordpress — wpmk_ajax_finder_plugin
  The WPMK Ajax Finder WordPress plugin is vulnerable to Cross-Site Request Forgery via the createplugin_atf_admin_setting_page() function found in the ~/inc/config/create-plugin-config.php file due to a missing nonce check which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.1. 2022-06-13 not yet calculated CVE-2022-1749
wordpress — zephyr_project_manager
  The Zephyr Project Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘project’ parameter in versions up to, and including, 3.2.40 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. 2022-06-13 not yet calculated CVE-2022-1822
wuzhicms — wuzhicms
  SQL injection vulnerabilities exist in Wuzhicms v4.1.0 which allows attackers to execute arbitrary SQL commands via the $keyValue parameter in /coreframe/app/pay/admin/index.php 2022-06-16 not yet calculated CVE-2021-41654
xakuros — xo_slider_plugin
  Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Xakuro’s XO Slider plugin <= 3.3.2 at WordPress. 2022-06-15 not yet calculated CVE-2022-32280
xfce — xfce
  XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server. 2022-06-13 not yet calculated CVE-2022-32278
xiaomi — lamp
  Xiaomi Lamp 1 v2.0.4_0066 was discovered to be vulnerable to replay attacks. This allows attackers to bypass the expected access restrictions and gain control of the switch and other functions via a crafted POST request. 2022-06-16 not yet calculated CVE-2022-31277
xos-shop — xos-shop_system
  Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/categories.php 2022-06-16 not yet calculated CVE-2021-46820
xos-shop — xos-shop_system
  Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/manufacturers.php. 2022-06-16 not yet calculated CVE-2021-37764
xpedition — designer
  A vulnerability has been identified in Xpedition Designer (All versions < VX.2.11). The affected application assigns improper access rights to the service executable. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges. 2022-06-14 not yet calculated CVE-2022-31465
xyzscripts — contact_form_manager_plugin
  A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 2022-06-16 not yet calculated CVE-2017-20054
xyzscripts — contact_form_manager_plugin
  A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 2022-06-16 not yet calculated CVE-2017-20053
yandex — browser_for_windows
  Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local, low privileged, attacker to execute arbitrary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process. 2022-06-15 not yet calculated CVE-2022-28225
yandex — browser_for_windows
  Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitrary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process. 2022-06-15 not yet calculated CVE-2022-28226
yandex — browser
  Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute arbitrary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process. 2022-06-15 not yet calculated CVE-2021-25261
MISC yugue — kkcms kkcms v1.3.7 was discovered to contain a SQL injection vulnerability via the cid parameter at /template/wapian/vlist.php. 2022-06-15 not yet calculated CVE-2022-32101
MISC yuque — youdiancms YoudianCMS v9.5.0 was discovered to contain a SQL injection vulnerability via the id parameter at /App/Lib/Action/Admin/SiteAction.class.php. 2022-06-15 not yet calculated CVE-2022-32299
MISC yuque — youdiancms YoudianCMS v9.5.0 was discovered to contain a SQL injection vulnerability via the MailSendID parameter at /App/Lib/Action/Admin/MailAction.class.php. 2022-06-15 not yet calculated CVE-2022-32300
MISC yuque — youdiancms YoudianCMS v9.5.0 was discovered to contain a SQL injection vulnerability via the IdList parameter at /App/Lib/Action/Home/ApiAction.class.php. 2022-06-15 not yet calculated CVE-2022-32301
MISC zoom — on-premise_meeting_connector
  Zooms On-Premise Meeting Connector MMR before version 4.8.113.20220526 fails to properly check the permissions of a Zoom meeting attendee. As a result, a threat actor in the Zooms waiting room can join the meeting without the consent of the host. 2022-06-15 not yet calculated CVE-2022-28749
MISC zoom — opener
  The Zoom Opener installer is downloaded by a user from the Launch meeting page, when attempting to join a meeting without having the Zoom Meeting Client installed. The Zoom Opener installer for Zoom Client for Meetings before version 5.10.3 and Zoom Rooms for Conference Room for Windows before version 5.10.3 are susceptible to a DLL injection attack. This vulnerability could be used to run arbitrary code on the victims host. 2022-06-15 not yet calculated CVE-2022-22788
MISC zzcms — zzcms An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/deluser.php (when the attacker has admin authority) via the id parameter. 2022-06-17 not yet calculated CVE-2019-12357
MISC zzcms — zzcms An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendsms.php (when the attacker has dls_print authority) via a dlid cookie. 2022-06-17 not yet calculated CVE-2019-12358
MISC zzcms — zzcms An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/ztliuyan_sendmail.php (when the attacker has admin authority) via the id parameter. 2022-06-17 not yet calculated CVE-2019-12359
MISC zzcms — zzcms An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_print.php (when the attacker has dls_print authority) via the id parameter. 2022-06-17 not yet calculated CVE-2019-12355
MISC zzcms — zzcms An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_download.php (when the attacker has dls_download authority) via the id parameter. 2022-06-17 not yet calculated CVE-2019-12356
MISC zzcms — zzcms
  An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendmail.php (when the attacker has dls_print authority) via a dlid cookie. 2022-06-17 not yet calculated CVE-2019-12352
MISC zzcms — zzcms
  An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/showbad.php (when the attacker has admin authority) via the id parameter. 2022-06-17 not yet calculated CVE-2019-12354
MISC
General availability: Azure Data Explorer connector for Power Automate, Logic Apps, and Power Apps


This article is contributed. See the original author and article here.


Azure Data Explorer connector for Power Automate, Logic Apps, and Power Apps enables you to automate alerts and notifications, orchestrate business workflows, and build low-code, no-code apps. This is done by using native Azure Data Explorer actions to execute KQL queries and commands on your cluster.


Some of the key scenarios that can be built using integration of Azure Data Explorer with Power Automate and Logic Apps:



  • Automation of alerts and notifications

  • Automation of recurring tasks and business workflows

  • Automation of copy of data scenarios

  • Automation of export of data

  • Integration with Microsoft or 3rd party services


Some of the key scenarios that can be built using integration of Azure Data Explorer with Power Apps: 



  • Management of reference data

  • Data entry scenarios such as audit in manufacturing plants

  • Decision-making apps, e.g. in the energy and utilities industry, where a common scenario is predicting machine maintenance and sending a technician to respond.


Check out the usage example documentation to get started.



 


Row-level security in Azure Database for PostgreSQL – Hyperscale


This article is contributed. See the original author and article here.

 


Row-level security (RLS) provides an important layer of security and is available as of PostgreSQL 9.5. It is also frequently used to implement data security for multi-tenant and SaaS applications. In this article, we will look at row level security on Azure Database for PostgreSQL – Hyperscale (Citus) to help you better understand how this feature might be used to implement data security in your application.


 


Before we get to RLS, here’s how Azure Database for PostgreSQL – Hyperscale helps with the distribution (sharding) of data. It brings the sharding logic to the data layer and manages the shards across the nodes that make up the server group. Once you choose a relevant distribution key, Citus distributes the data. If you are a SaaS provider, the distribution key could be the customer / tenant identifier. In such a case, with RLS, you can ensure the right set of data is visible to different users of the database across organizations, while Citus manages their data within a single database cluster / server group.


 


Having looked at the why, let’s jump right into the how. We’re going to walk you through the steps to configure and test row level security in Azure Database for PostgreSQL – Hyperscale. You should start by creating an Azure PostgreSQL Hyperscale (Citus) instance / server group.


Once the hyperscale server group is created and ready for connection, let’s proceed with the next steps.


 


Create a Table and Load Some Sample Data:


We’re going to create a new schema which will hold the table(s) where we want to enable RLS. This is not strictly required, but it gives you a fuller understanding of how this would work in a real environment.


 


CREATE SCHEMA test1;


 


In this schema, we’ll create a distributed table and load some data into it.


 


Create table:


 


CREATE TABLE test1.events(
  tenant_id int,
  id int,
  type text
);


 


Shard the table on the ‘tenant_id’ column:

SELECT create_distributed_table('test1.events','tenant_id');


 


Load dummy data into the table:


 


INSERT INTO test1.events VALUES (1,1,'push');
INSERT INTO test1.events VALUES (2,2,'push');
INSERT INTO test1.events VALUES (1,2,'push');
INSERT INTO test1.events VALUES (2,1,'push');


 


After adding this dummy data to the new table, the next step is to add roles other than the default admin (citus), which will have access to the data as needed.


 


Add Additional Roles as Required:


To do this, you need to log in to the Azure portal, as the default role ‘citus’ isn’t given privileges to create new roles.


As shown below, once you navigate to the hyperscale server group on the portal –


[Screenshot: the Roles page of the Hyperscale server group in the Azure portal]


 


Step 1 – click on ‘Roles’ under Server group management,


Step 2 – click on ‘+ Add’ to add new role


Step 3 – provide a name for the new role and assign a password to it.


 


For this exercise, we’ll create two roles, namely tenant1 and tenant2. We chose these role names so that the shard key (in this case tenant_id) is part of the role name, hence the 1 and 2. You will see in the next section why this is important.


 


Once this is done, grant privileges to these roles as needed.


 


Grant Required Privileges to the New Role(s):


Since we created a new schema to hold the distributed table, the first step is to ensure that the new roles have access to this schema.


 


GRANT usage ON SCHEMA test1 TO tenant1, tenant2;


 


Without this step, if you try to assign privileges directly, PostgreSQL will return an error suggesting the role doesn’t have permission to access the schema.


 


Next, assign actual privileges on the table(s) to the roles.


 


GRANT SELECT, UPDATE, INSERT, DELETE
  ON test1.events TO tenant1, tenant2;


 


At this point, we have given the required privileges on the table to the newly created roles. However, if a user logs in with one of these roles, they will be able to see all the data across shards.

This is where row level security comes into the picture.


 


Configure Row Level Security:


To ensure that the primary role (citus) has access to all the data when we add new roles and enable RLS, create a policy which is applicable to this role:


 


CREATE POLICY admin_all ON test1.events
  TO citus           -- apply to this role
  USING (true)       -- read any existing row
  WITH CHECK (true);


 


Note that the policy will come into effect once row level security is enabled for the table.


 


The next step is to create a policy which will define the check on rows accessible by users.


 


CREATE POLICY user_mod ON test1.events
  USING (current_user = 'tenant' || tenant_id::text);
  -- lack of CHECK means same condition as USING


 


The policy defines which rows a user has access to: it concatenates the string ‘tenant’ with the tenant_id column of the table and compares the result with the name of the current role. If you scroll back to where we created the roles and why we chose those names, it should make sense now.

Finally, enable RLS on the table.


 


ALTER TABLE test1.events ENABLE ROW LEVEL SECURITY;


 


To simplify this further: the rows in the table have tenant_id values 1 or 2. The policy expression (‘tenant’ || ‘1’) gives the role named tenant1 access to rows where tenant_id is 1, and so on. Of course, you need to create more roles as you keep adding rows to the table with different tenant IDs.

This check is pushed down to all the worker nodes in the hyperscale server group and ensures that access to the data is governed by the row level security policy.

This is it! Go ahead, log in with the new role and try to fetch or change the rows in the table.


 


On the dummy data defined here, when ‘tenant1’ logs in and runs the following query –


 


SELECT * FROM test1.events;


 


The output is this –


 


[Screenshot: output of the query when run as tenant1]


 


This ensures that the role ‘tenant1’ only has access to rows with tenant_id being 1 and similarly role ‘tenant2’ will have access to rows with tenant_id being 2 and so on.
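
One way to verify the configuration above from a tenant session, covering both the read filter (USING) and the implicit write check, is the following added script; it is not part of the original article. It assumes you run it logged in as one of the tenantN roles created earlier, and the probe row values (id -1, type 'rls-probe') are constructed for the check.

```sql
-- Added verification script (not from the original article).
-- Assumption: the session is logged in as tenant1, tenant2, ... (not citus).
DO $$
DECLARE
  -- Derive the tenant id from the role name, mirroring the user_mod policy.
  my_tenant   int := substring(current_user::text from '^tenant(\d+)$')::int;
  other_id    int;
  rls_enabled boolean;
  leaked      bigint;
  blocked     boolean := false;
BEGIN
  ASSERT my_tenant IS NOT NULL, 'run this as a tenantN role';
  other_id := my_tenant + 1;  -- constructed id that belongs to another tenant

  -- 1. Policies have no effect until RLS is enabled on the table.
  SELECT relrowsecurity INTO rls_enabled
    FROM pg_class WHERE oid = 'test1.events'::regclass;
  ASSERT rls_enabled, 'row level security is not enabled on test1.events';

  -- 2. USING clause: no row of another tenant may be visible.
  SELECT count(*) INTO leaked
    FROM test1.events WHERE tenant_id <> my_tenant;
  ASSERT leaked = 0, format('%s rows of other tenants are visible', leaked);

  -- 3. No WITH CHECK on user_mod means the USING condition also guards
  --    writes, so inserting a row for another tenant must be rejected.
  BEGIN
    INSERT INTO test1.events VALUES (other_id, -1, 'rls-probe');
  EXCEPTION WHEN insufficient_privilege THEN
    blocked := true;  -- SQLSTATE 42501 is raised for an RLS violation
  END;
  ASSERT blocked, 'cross-tenant INSERT was accepted';

  RAISE NOTICE 'RLS checks passed for %', current_user;
END
$$;
```

If any assertion fails, the whole DO block is rolled back, so a probe row that was wrongly accepted does not stay in the table.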


 


Stay tuned for more!


 


FastTrack for Azure: Move to Azure efficiently with customized guidance from Azure engineering. FastTrack for Azure – Benefits and FAQ | Microsoft Azure