Vulnerability Summary for the Week of February 14, 2022

Released
Feb 21, 2022
Document ID
SB22-052

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis. 


 

High Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
accel-ppp -- accel-pppThe rad_packet_recv function in opt/src/accel-pppd/radius/packet.c suffers from a buffer overflow vulnerability, whereby user input len is copied into a fixed buffer &attr->val.integer without any bound checks. If the client connects to the server and sends a large radius packet, a buffer overflow vulnerability will be triggered.2022-02-147.5CVE-2022-24704
MISC
accel-ppp -- accel-pppThe rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability.2022-02-147.5CVE-2022-24705
MISC
apache -- apisixAn attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed.2022-02-117.5CVE-2022-24112
MISC
MLIST
apache -- cassandraWhen running Apache Cassandra with the following configuration: enable_user_defined_functions: true enable_scripted_user_defined_functions: true enable_user_defined_functions_threads: false it is possible for an attacker to execute arbitrary code on the host. The attacker would need to have enough permissions to create user defined functions in the cluster to be able to exploit this. Note that this configuration is documented as unsafe, and will continue to be considered unsafe after this CVE.2022-02-118.5CVE-2021-44521
MISC
MLIST
MISC
broadcom -- xcom_data_transportXCOM Data Transport for Windows, Linux, and UNIX 11.6 releases contain a vulnerability due to insufficient input validation that could potentially allow remote attackers to execute arbitrary commands with elevated privileges.2022-02-1410CVE-2022-23992
MISC
dairy_farm_shop_management_system_project -- dairy_farm_shop_management_systemDairy Farm Shop Management System v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised.2022-02-117.5CVE-2020-36062
MISC
MISC
MISC
drupal -- drupalDrupal's JSON:API and REST/File modules allow file uploads through their HTTP APIs. The modules do not correctly run all file validation, which causes an access bypass vulnerability. An attacker might be able to upload files that bypass the file validation process implemented by modules on the site.2022-02-117.5CVE-2020-13675
CONFIRM
foxit -- pdf_readerFoxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have a Stack-Based Buffer Overflow related to XFA, for the 'subform colSpan="-2"' and 'draw colSpan="1"' substrings.2022-02-117.5CVE-2022-24954
MISC
MISC
foxit -- pdf_readerFoxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have an Uncontrolled Search Path Element for DLL files.2022-02-117.5CVE-2022-24955
MISC
golang -- goRat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.2022-02-117.8CVE-2022-23772
MISC
google -- androidIn onActivityViewReady of DetailDialog.kt, there is a possible Intent Redirect due to a confused deputy. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-1934456032022-02-117.2CVE-2021-39668
MISC
google -- androidIn fastboot, there is a possible secure boot bypass due to a configuration error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android SoC Android ID: A-2020187012022-02-117.2CVE-2021-39672
MISC
google -- androidIn openFileAndEnforcePathPermissionsHelper of MediaProvider.java, there is a possible bypass of a permissions check due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-2006821352022-02-117.2CVE-2021-39663
MISC
google -- androidIn btm_sec_connected and btm_sec_disconnected of btm_sec.cc file , there is a possible use after free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-2010834422022-02-117.2CVE-2021-39674
MISC
google -- androidIn checkUriPermission of MediaProvider.java , there is a possible way to gain access to the content of media provider collections due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-1973021162022-02-117.2CVE-2021-39662
MISC
google -- androidIn updatePackageMappingsData of UsageStatsService.java, there is a possible way to bypass security and privacy settings of app usage due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-1973999482022-02-117.2CVE-2021-39619
MISC
google -- androidIn writeThrowable of AndroidFuture.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-1972282102022-02-117.2CVE-2021-39676
MISC
google -- androidSummary:Product: AndroidVersions: Android SoCAndroid ID: A-2046864382022-02-1110CVE-2021-39616
MISC
google -- androidAn improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.2022-02-117.2CVE-2022-23428
MISC
google -- androidIn GKI_getbuf of gki_buffer.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-2057291832022-02-1110CVE-2021-39675
MISC
google -- androidismsEx service is a vendor service in unisoc equipment?ismsEx service is an extension of sms system service?but it does not check the permissions of the caller?resulting in permission leaks?Third-party apps can use this service to arbitrarily modify and set system properties?Product: AndroidVersions: Android SoCAndroid ID: A-2074792072022-02-1110CVE-2021-39658
MISC
google -- androidImproper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station.2022-02-117.5CVE-2022-23425
MISC
google -- androidims_ex is a vendor system service used to manage VoLTE in unisoc devices?But it does not verify the caller's permissions?so that normal apps (No phone permissions) can obtain some VoLTE sensitive information and manage VoLTE calls.Product: AndroidVersions: Android SoCAndroid ID: A-2064926342022-02-119.4CVE-2021-39635
MISC
microweber -- microweberOS Command Injection in Packagist microweber/microweber prior to 1.2.11.2022-02-119.3CVE-2022-0557
CONFIRM
MISC
mitsubishielectric -- cw_configuratorMultiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an attacker to execute arbitrary code.2022-02-117.5CVE-2020-14523
MISC
MISC
MISC
nokia -- bts_trs_web_consoleNokia BTS TRS web console FTM_W20_FP2_2019.08.16_0010 allows Authentication Bypass. A malicious unauthenticated user can get access to all the functionalities exposed via the web panel, circumventing the authentication process, by using URL encoding for the . (dot) character.2022-02-117.5CVE-2021-31932
MISC
portainer -- portainerIn Portainer Agent before 2.11.1, an API server can continue running even if not associated with a Portainer instance in the past few days.2022-02-117.5CVE-2022-24961
MISC
MISC
MISC
MISC
qualcomm -- apq8009w_firmwareImproper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables2022-02-117.2CVE-2021-30323
CONFIRM
qualcomm -- apq8096au_firmwareImproper validation of data length received from DMA buffer can lead to memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking2022-02-117.2CVE-2021-35069
CONFIRM
qualcomm -- aqt1000_firmwareImproper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking2022-02-117.2CVE-2021-30317
CONFIRM
qualcomm -- aqt1000_firmwarePossible out of bounds write due to improper validation of number of GPIOs configured in an internal parameters array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile2022-02-117.2CVE-2021-30322
CONFIRM
qualcomm -- ar8035_firmwarePossible integer overflow due to improper fragment datatype while calculating number of fragments in a request message in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-02-117.2CVE-2021-35074
CONFIRM
qualcomm -- ar8035_firmwarePossible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-02-117.2CVE-2021-35077
CONFIRM
qualcomm -- ar8035_firmwarePossible null pointer dereference due to lack of WDOG structure validation during registration in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-02-117.2CVE-2021-35075
CONFIRM
radare -- radare2Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.2022-02-167.5CVE-2022-0559
MISC
CONFIRM
schneider-electric -- interactive_graphical_scada_system_data_collectorA CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead to remote code execution through a number of paths, when an attacker, writes arbitrary files to folders in context of the DC module, by sending constructed messages on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)2022-02-117.5CVE-2021-22803
MISC
schneider-electric -- interactive_graphical_scada_system_data_collectorA CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a constructed message is received on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)2022-02-117.5CVE-2021-22802
MISC
snowsoftware -- snow_inventory_java_scannerA vulnerability in Snow Inventory Java Scanner allows an attacker to run malicious code at a higher level of privileges. This issue affects: SNOW Snow Inventory Java Scanner 1.02022-02-167.2CVE-2021-4106
MISC
tongda2000 -- tongda_oaTongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal/get_seal.php via the DEVICE_LIST parameter.2022-02-147.5CVE-2022-24206
MISC
tongda2000 -- tongda_oaTongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via the d_name parameter.2022-02-147.5CVE-2022-23902
MISC
tsg-solutions -- tokheim_profleet_dialogTokheim Profleet DiaLOG 11.005.02 is affected by SQL Injection. The component is the Field__UserLogin parameter on the logon page.2022-02-1110CVE-2021-34235
MISC

Back to top

 

Medium Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
10web -- spidercalendarThe SpiderCalendar WordPress plugin through 1.5.65 does not sanitise and escape the callback parameter before outputting it back in the page via the window AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue.2022-02-144.3CVE-2022-0212
MISC
apache -- cayenneHessian serialization is a network protocol that supports object-based transmission. Apache Cayenne's optional Remote Object Persistence (ROP) feature is a web services-based technology that provides object persistence and query functionality to 'remote' applications. In Apache Cayenne 4.1 and earlier, running on non-current patch versions of Java, an attacker with client access to Cayenne ROP can transmit a malicious payload to any vulnerable third-party dependency on the server. This can result in arbitrary code execution.2022-02-116.5CVE-2022-24289
MISC
MLIST
appneta -- tcpreplaytcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.2022-02-114.3CVE-2021-45387
MISC
appneta -- tcpreplaytcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c2022-02-114.3CVE-2021-45386
MISC
drupal -- drupalThe QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module (which comes with the Standard profile) is installed.2022-02-114CVE-2020-13676
CONFIRM
drupal -- drupalUnder some circumstances, the Drupal core JSON:API module does not properly restrict access to certain content, which may result in unintended access bypass. Sites that do not have the JSON:API module enabled are not affected.2022-02-114.3CVE-2020-13677
CONFIRM
drupal -- drupalThe QuickEdit module does not properly validate access to routes, which could allow cross-site request forgery under some circumstances and lead to possible data integrity issues. Sites are only affected if the QuickEdit module (which comes with the Standard profile) is installed. Removing the "access in-place editing" permission from untrusted users will not fully mitigate the vulnerability.2022-02-114.3CVE-2020-13674
CONFIRM
drupal -- drupalCross-site Scripting (XSS) vulnerability in ckeditor of Drupal Core allows attacker to inject XSS. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10.; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6.2022-02-114.3CVE-2020-13669
CONFIRM
fastify -- fastify-multipartThis affects the package fastify-multipart before 5.3.1. By providing a name=constructor property it is still possible to crash the application. **Note:** This is a bypass of CVE-2020-8136 (https://security.snyk.io/vuln/SNYK-JS-FASTIFYMULTIPART-1290382).2022-02-115CVE-2021-23597
CONFIRM
CONFIRM
CONFIRM
ffjpeg_project -- ffjpegA Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 (2021-12-06) in bmp_load(). When the size information in metadata of the bmp is out of range, it returns without assign memory buffer to `pb->pdata` and did not exit the program. So the program crashes when it tries to access the pb->data, in jfif_encode() at jfif.c:763. This is due to the incomplete patch for CVE-2020-13438.2022-02-114.3CVE-2021-45385
MISC
MISC
golang -- goCurve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.2022-02-116.4CVE-2022-23806
MISC
golang -- gocmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags.2022-02-115CVE-2022-23773
MISC
google -- androidUnprotected dynamic receiver in Telecom prior to SMR Feb-2022 Release 1 allows untrusted applications to launch arbitrary activity.2022-02-114.6CVE-2022-22292
MISC
google -- androidIn startVideoStream() there is a possibility of an OOB Read in the heap, when the camera buffer is ‘zero’ in size.Product: AndroidVersions: Android-11Android ID: A-2050970282022-02-115CVE-2021-39677
MISC
google -- androidIn onCreate of InstallCaCertificateWarning.java, there is a possible way to mislead an user about CA installation circumstances due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-1969699912022-02-114.4CVE-2021-39669
MISC
google -- androidAn improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.2022-02-114.6CVE-2022-23431
MISC
google -- androidAn improper input validation in SMC_SRPMB_WSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.2022-02-114.6CVE-2022-23432
MISC
google -- androidIn checkSpsUpdated of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-2040778812022-02-114.3CVE-2021-39665
MISC
google -- androidIn code generated by aidl_const_expressions.cpp, there is a possible out of bounds read due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-2067186302022-02-114.3CVE-2021-39671
MISC
google -- chromeUse after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0308
MISC
MISC
google -- chromeObject lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2022-02-116.8CVE-2021-4100
MISC
MISC
google -- chromeInsufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.2022-02-114.3CVE-2021-4098
MISC
MISC
google -- chromeInappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to incorrectly set origin via a crafted HTML page.2022-02-124.3CVE-2022-0111
MISC
MISC
google -- chromeInappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.2022-02-124.3CVE-2022-0108
MISC
MISC
google -- chromeInappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page.2022-02-124.3CVE-2022-0109
MISC
MISC
google -- chromeUse after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2022-02-116.8CVE-2021-4099
MISC
MISC
google -- chromeIncorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.2022-02-124.3CVE-2022-0110
MISC
MISC
google -- chromeUse after free in Optimization Guide in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0307
MISC
MISC
google -- chromeInappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page.2022-02-126.8CVE-2022-0097
MISC
MISC
google -- chromeUse after free in PDF Accessibility in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0105
MISC
MISC
google -- chromeUse after free in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0106
MISC
MISC
google -- chromeUse after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0107
MISC
MISC
google -- chromeUse after free in Safe browsing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0289
MISC
MISC
google -- chromeType confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0102
MISC
MISC
google -- chromeHeap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture.2022-02-126.8CVE-2022-0101
MISC
MISC
google -- chromeUse after free in Bookmarks in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0304
MISC
MISC
google -- chromeHeap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0100
MISC
MISC
google -- chromeUse after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.2022-02-126.8CVE-2022-0099
MISC
MISC
google -- chromeUse after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures.2022-02-126.8CVE-2022-0098
MISC
MISC
google -- chromeUse after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.2022-02-126.8CVE-2022-0290
MISC
MISC
google -- chromeUse after free in Web packaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0293
MISC
MISC
google -- chromeUse after free in SwiftShader in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0103
MISC
MISC
google -- chromeUse after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0096
MISC
MISC
google -- chromeUse after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0295
MISC
MISC
google -- chromeUse after free in Printing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0296
MISC
MISC
google -- chromeUse after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2022-02-116.8CVE-2021-4102
MISC
MISC
google -- chromeUse after free in Vulkan in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0297
MISC
MISC
google -- chromeUse after free in Scheduling in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0298
MISC
MISC
google -- chromeHeap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2022-02-116.8CVE-2021-4101
MISC
MISC
google -- chromeUse after free in Text Input Method Editor in Google Chrome on Android prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0300
MISC
MISC
google -- chromeUse after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0302
MISC
MISC
google -- chromeHeap buffer overflow in ANGLE in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2022-02-126.8CVE-2022-0104
MISC
MISC
kde -- kateThe LSP (Language Server Protocol) plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. If this binary is absent from the PATH, it will try running the LSP server binary in the directory of the file that was just opened (due to a misunderstanding of the QProcess API, that was never intended). This can be an untrusted directory.2022-02-116.8CVE-2022-23853
MISC
CONFIRM
libtiff -- libtiffNull source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712.2022-02-114.3CVE-2022-0561
MISC
MISC
CONFIRM
libtiff -- libtiffNull source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c.2022-02-114.3CVE-2022-0562
MISC
MISC
CONFIRM
linux -- linux_kerneldrivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.2022-02-114.6CVE-2022-24958
MISC
MISC
MISC
microweber -- microweberOpen Redirect in Packagist microweber/microweber prior to 1.2.11.2022-02-115.8CVE-2022-0560
CONFIRM
MISC
permalink_manager_lite_project -- permalink_manager_liteThe Permalink Manager Lite WordPress plugin before 2.2.15 and Permalink Manager Pro WordPress plugin before 2.2.15 do not sanitise and escape query parameters before outputting them back in the debug page, leading to a Reflected Cross-Site Scripting issue2022-02-144.3CVE-2022-0201
CONFIRM
MISC
qualcomm -- apq8009w_firmwareImproper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables2022-02-114.6CVE-2021-30318
CONFIRM
qualcomm -- apq8096au_firmwarePossible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking2022-02-114.6CVE-2021-30325
CONFIRM
qualcomm -- apq8096au_firmwarePossible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking2022-02-114.6CVE-2021-30324
CONFIRM
qualcomm -- ar8035_firmwarePossible assertion due to improper size validation while processing the DownlinkPreemption IE in an RRC Reconfiguration/RRC Setup message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile2022-02-115CVE-2021-30326
CONFIRM
qualcomm -- mdm9650_firmwareImproper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile2022-02-114.6CVE-2021-30309
CONFIRM
samsung -- bixby_visionExposure of Sensitive Information vulnerability in Bixby Vision prior to version 3.7.50.6 allows attackers to access internal data of Bixby Vision via unprotected intent.2022-02-115CVE-2022-24003
MISC
samsung -- link_sharingImproper Authorization vulnerability in Link Sharing prior to version 12.4.00.3 allows attackers to open protected activity via PreconditionActivity.2022-02-115CVE-2022-24002
MISC
samsung -- reminderImproper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08.6000 in Andoid Q(10) allows attackers to register reminders or execute exporeted activities remotely.2022-02-115CVE-2022-23433
MISC
samsung -- wear_osUnprotected component vulnerability in StTheaterModeDurationAlarmReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to disable theater mode without a proper permission.2022-02-114.3CVE-2022-23997
MISC
schneider-electric -- interactive_graphical_scada_system_data_collectorA CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in denial of service, due to missing length check on user-supplied data from a constructed message received on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21320 and prior)2022-02-115CVE-2021-22824
MISC
schneider-electric -- interactive_graphical_scada_system_data_collectorA CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21320 and prior)2022-02-115CVE-2021-22823
MISC
schneider-electric -- interactive_graphical_scada_system_data_collectorA CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)2022-02-115CVE-2021-22805
MISC
schneider-electric -- interactive_graphical_scada_system_data_collectorA CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause disclosure of arbitrary files being read in the context of the user running IGSS, due to missing validation of user supplied data in network messages. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)2022-02-115CVE-2021-22804
MISC
schneider-electric -- modicon_m218_firmwareA CWE-20: Improper Input Validation vulnerability exists that could cause a Denial of Service when a crafted packet is sent to the controller over network port 1105/TCP. Affected Product: Modicon M218 Logic Controller (V5.1.0.6 and prior)2022-02-115CVE-2021-22800
MISC
updraftplus -- updraftplusThe UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site (such as subscriber) to download the most recent site & database backup.2022-02-174CVE-2022-0633
CONFIRM
MISC
MISC
MISC
wpbeaveraddons -- powerpack_lite_for_beaver_builderThe PowerPack Lite for Beaver Builder WordPress plugin before 1.2.9.3 does not sanitise and escape the tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting2022-02-144.3CVE-2022-0176
MISC
CONFIRM
wpchill -- remove_footer_creditThe Remove Footer Credit WordPress plugin before 1.0.6 does not have CSRF check in place when saving its settings, which could allow attacker to make logged in admins change them and lead to Stored XSS issue as well due to the lack of sanitisation2022-02-146CVE-2021-24446
MISC
yzmcms -- yzmcmsYzmCMS v6.3 is affected by Cross Site Request Forgery (CSRF) in /admin.add2022-02-156.8CVE-2022-23384
MISC

Back to top

 

Low Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
drupal -- drupalCross-site Scripting (XSS) vulnerability in Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. This issue affects: Drupal Core 9.1.x versions prior to 9.1.7; 9.0.x versions prior to 9.0.12; 8.9.x versions prior to 8.9.14; 7.x versions prior to 7.80.2022-02-112.6CVE-2020-13672
CONFIRM
factorfx -- ocs_inventoryOCS Inventory 2.9.1 is affected by Cross Site Scripting (XSS). To exploit the vulnerability, the attacker needs to manipulate the name of some device on your computer, such as a printer, replacing the device name with some malicious code that allows the execution of Stored Cross-site Scripting (XSS).2022-02-113.5CVE-2021-46355
MISC
MISC
google -- androidPendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent.2022-02-113.6CVE-2022-23427
MISC
google -- androidLogging of excessive data vulnerability in telephony prior to SMR Feb-2022 Release 1 allows privileged attackers to get Cell Location Information through log of user device.2022-02-112.1CVE-2022-22291
MISC
google -- androidIn TBD of TBD, there is a possible out of bounds read due to TBD. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-206039140References: N/A2022-02-112.1CVE-2021-39688
MISC
google -- androidIn HandleTransactionIoEvent of actuator_driver.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204421047References: N/A2022-02-112.1CVE-2021-39687
MISC
google -- androidIn extract of MediaMetricsItem.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-2044452552022-02-112.1CVE-2021-39666
MISC
google -- androidIn clear_data_dlg_text of strings.xml, there is a possible situation when "Clear storage" functionality sets up the wrong security/privacy expectations due to a misleading message. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-1938908332022-02-112.1CVE-2021-39631
MISC
google -- androidIn isServiceDistractionOptimized of CarPackageManagerService.java, there is a possible disclosure of installed packages due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-1804183342022-02-112.1CVE-2021-0524
MISC
google -- androidA vulnerability using PendingIntent in DeX Home and DeX for PC prior to SMR Feb-2022 Release 1 allows attackers to access files with system privilege.2022-02-113.6CVE-2022-23426
MISC
google -- androidAn improper boundary check in audio hal service prior to SMR Feb-2022 Release 1 allows attackers to read invalid memory and it leads to application crash.2022-02-113.6CVE-2022-23429
MISC
google -- androidIn LoadedPackage::Load of LoadedArsc.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure when parsing an APK file with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-2039380292022-02-111.9CVE-2021-39664
MISC
linux -- linux_kernelAn issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.2022-02-112.1CVE-2022-24959
MISC
MISC
najeebmedia -- ppom_for_woocommerceThe PPOM for WooCommerce WordPress plugin before 24.0 does not have authorisation and CSRF checks in the ppom_settings_panel_action AJAX action, allowing any authenticated to call it and set arbitrary settings. Furthermore, due to the lack of sanitisation and escaping, it could lead to Stored XSS issues2022-02-143.5CVE-2021-25018
MISC
projeqtor -- projeqtorA Cross Site Scripting (XSS) vulnerability exists in Projeqtor 9.3.1 via /projeqtor/tool/saveAttachment.php, which allows an attacker to upload a SVG file containing malicious JavaScript code.2022-02-113.5CVE-2021-42940
MISC
MISC
s-cart -- s-cartA Directory Traversal vulnerability exists in S-Cart 6.7 via download in sc-admin/backup.2022-02-112.1CVE-2021-44111
MISC
samsung -- bixbyA vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S(12), 3.7.50.6 in Andorid R(11) and below allows attackers to execute privileged action by hijacking and modifying the intent.2022-02-112.1CVE-2022-23434
MISC
tcman -- gimThe m_txtNom y m_txtCognoms parameters in TCMAN GIM v8.01 allow an attacker to perform persistent XSS attacks. This vulnerability could be used to carry out a number of browser-based attacks including browser hijacking or theft of sensitive data.2022-02-113.5CVE-2021-4046
CONFIRM
themify -- portfolio_postThemify Portfolio Post WordPress plugin before 1.1.7 does not sanitise and escape the num_of_pages parameter before outputting it back the response of the themify_create_popup_page_pagination AJAX action (available to any authenticated user), leading to a Reflected Cross-Site Scripting2022-02-143.5CVE-2022-0200
MISC
vicidial -- vicidialVicidial 2.14-783a was discovered to contain a cross-site scripting (XSS) vulnerability via the input tabs.2022-02-153.5CVE-2021-46557
MISC
wp_photo_album_plus_project -- wp_photo_album_plusThe WP Photo Album Plus WordPress plugin before 8.0.10 was vulnerable to Stored Cross-Site Scripting (XSS). Error log content was handled improperly, therefore any user, even unauthenticated, could cause arbitrary javascript to be executed in the admin panel.2022-02-143.5CVE-2021-25115
CONFIRM
MISC
wpchill -- remove_footer_creditThe Remove Footer Credit WordPress plugin before 1.0.11 does properly sanitise its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed.2022-02-143.5CVE-2021-25050
CONFIRM
MISC

Back to top

 

Severity Not Yet Assigned

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
389-ds-base -- 389-ds-base
 
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash.2022-02-18not yet calculatedCVE-2021-4091
MISC
ad_invalid_click_protector -- ad_invalid_click_protector
 
The Ad Invalid Click Protector (AICP) WordPress plugin before 1.2.6 is affected by a SQL Injection in the id parameter of the delete action.2022-02-14not yet calculatedCVE-2022-0190
MISC
adobe -- after_effects
 
Adobe After Effects versions 22.1.1 (and earlier) and 18.4.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-02-16not yet calculatedCVE-2022-23200
MISC
MISC
adobe -- commerce
 
Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.2022-02-16not yet calculatedCVE-2022-24086
MISC
adobe -- creative_cloud_desktop
 
Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must download a malicious DLL file. The attacker has to deliver the DLL on the same folder as the installer which makes it as a high complexity attack vector.2022-02-16not yet calculatedCVE-2022-23202
MISC
adobe -- illustratorAdobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-02-16not yet calculatedCVE-2022-23199
MISC
adobe -- illustratorAdobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-02-16not yet calculatedCVE-2022-23198
MISC
adobe -- illustratorAdobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-02-16not yet calculatedCVE-2022-23197
MISC
adobe -- illustratorAdobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-02-16not yet calculatedCVE-2022-23196
MISC
adobe -- illustratorAdobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-02-16not yet calculatedCVE-2022-23195
MISC
adobe -- illustratorAdobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-02-16not yet calculatedCVE-2022-23194
MISC
adobe -- illustratorAdobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-02-16not yet calculatedCVE-2022-23193
MISC
adobe -- illustratorAdobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-02-16not yet calculatedCVE-2022-23192
MISC
adobe -- illustratorAdobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-02-16not yet calculatedCVE-2022-23191
MISC
adobe -- illustratorAdobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-02-16not yet calculatedCVE-2022-23190
MISC
adobe -- illustratorAdobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-02-16not yet calculatedCVE-2022-23189
MISC
adobe -- illustratorAdobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a buffer overflow vulnerability due to insecure handling of a crafted malicious file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted malicious file in Illustrator.2022-02-16not yet calculatedCVE-2022-23188
MISC
adobe -- illustrator
 
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-02-16not yet calculatedCVE-2022-23186
MISC
adobe -- photoshop
 
Adobe Photoshop versions 22.5.4 (and earlier) and 23.1 (and earlier) are affected by a buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in Photoshop.2022-02-16not yet calculatedCVE-2022-23203
MISC
adobe -- premiere_rush
 
Adobe Premiere Rush versions 2.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-02-16not yet calculatedCVE-2022-23204
MISC
airspan_networks -- mimosa_devicesThis vulnerability could allow an attacker to force the server to create and execute a web request granting access to backend APIs that are only accessible to the Mimosa MMP server, or request pages that could perform some actions themselves. The attacker could force the server into accessing routes on those cloud-hosting platforms, accessing secret keys, changing configurations, etc. Affecting MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1.2022-02-18not yet calculatedCVE-2022-21215
MISC
airspan_networks -- mimosa_devicesMMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not perform proper authorization and authentication checks on multiple API routes. An attacker may gain access to these API routes and achieve remote code execution, create a denial-of-service condition, and obtain sensitive information.2022-02-18not yet calculatedCVE-2022-21196
MISC
airspan_networks -- mimosa_devicesMMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not properly sanitize user input, which may allow an attacker to perform a SQL injection and obtain sensitive information.2022-02-18not yet calculatedCVE-2022-21176
MISC
airspan_networks -- mimosa_devicesMMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not properly sanitize user input on several locations, which may allow an attacker to inject arbitrary commands.2022-02-18not yet calculatedCVE-2022-21143
MISC
airspan_networks -- mimosa_devicesMMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not perform proper authorization checks on multiple API functions. An attacker may gain access to these functions and achieve remote code execution, create a denial-of-service condition, and obtain sensitive information.2022-02-18not yet calculatedCVE-2022-21141
MISC
airspan_networks -- mimosa_devices
 
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 uses the MD5 algorithm to hash the passwords before storing them but does not salt the hash. As a result, attackers may be able to crack the hashed passwords.2022-02-18not yet calculatedCVE-2022-21800
MISC
airspan_networks -- mimosa_products
 
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 has a deserialization function that does not validate or check the data, allowing arbitrary classes to be created.2022-02-18not yet calculatedCVE-2022-0138
MISC
antd-admin -- antd-admin
 
antd-admin 5.5.0 is affected by an incorrect access control vulnerability. Unauthorized access to some interfaces in the foreground leads to leakage of sensitive information.2022-02-14not yet calculatedCVE-2021-46371
MISC
argocd -- argocd
 
A flaw was found in argocd. Any unprivileged user is able to deploy argocd in their namespace and with the created ServiceAccount argocd-argocd-server, the unprivileged user is able to read all resources of the cluster including all secrets which might enable privilege escalations. The highest threat from this vulnerability is to data confidentiality.2022-02-16not yet calculatedCVE-2021-3557
MISC
artifex -- mujs
 
Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements.2022-02-14not yet calculatedCVE-2021-45005
MISC
MISC
asus -- cmax6000
 
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from ASUS CMAX6000 v1.02.00.2022-02-17not yet calculatedCVE-2021-46247
MISC
atheme -- irc_services
 
Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence.2022-02-14not yet calculatedCVE-2022-24976
MISC
MISC
MISC
atlassian -- confluence_server_and_data_center
 
Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Confluence installer. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.2022-02-15not yet calculatedCVE-2021-43940
MISC
atlassian -- jira_server_and_data_centerAffected versions of Atlassian Jira Server and Data Center allow remote attackers to modify several resources (including CsvFieldMappingsPage.jspa and ImporterValueMappingsPage.jspa) via a Cross-Site Request Forgery (CSRF) vulnerability in the jira-importers-plugin. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3.2022-02-15not yet calculatedCVE-2021-43941
MISC
atlassian -- jira_server_and_data_centerAffected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view the names of private objects via an Improper Authorization vulnerability in the "Move objects" feature. The affected versions are before version 4.21.0.2022-02-15not yet calculatedCVE-2021-43948
MISC
atlassian -- jira_server_and_data_centerAffected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to toggle the Thread Contention and CPU monitoring settings via a Cross-Site Request Forgery (CSRF) vulnerability in the /secure/admin/ViewInstrumentation.jspa endpoint. The affected versions are before version 8.21.0.2022-02-15not yet calculatedCVE-2021-43953
MISC
atlassian -- jira_server_and_data_center
 
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to restore the default configuration of fields via a Cross-Site Request Forgery (CSRF) vulnerability in the /secure/admin/RestoreDefaults.jspa endpoint. The affected versions are before version 8.21.0.2022-02-15not yet calculatedCVE-2021-43952
MISC
atlassian -- jira_server_and_data_center
 
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view import source configuration information via a Broken Access Control vulnerability in the Insight Import Source feature. The affected versions are before version 4.21.0.2022-02-15not yet calculatedCVE-2021-43950
N/A
awful-salmonella-tar -- awful-salmonella-tar
 
A ..%2F path traversal vulnerability exists in the path handler of awful-salmonella-tar before 0.0.4. Attackers can only list directories (not read files). This occurs because the safe-path? Scheme predicate is not used for directories.2022-02-18not yet calculatedCVE-2022-25358
MISC
MISC
axis_ip_utility -- axis_ip_utility
 
AXIS IP Utility prior to 4.17.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be placed in the same folder.2022-02-14not yet calculatedCVE-2022-23410
MISC
backdropcms -- backdropcms
 
A stored cross-site scripting (XSS) vulnerability in the Add Link function of BackdropCMS v1.21.1 allows attackers to execute arbitrary web scripts or HTML.2022-02-15not yet calculatedCVE-2022-24590
MISC
MISC
baicloud-cms -- baicloud-cms
 
BaiCloud-cms v2.5.7 was discovered to contain multiple SQL injection vulnerabilities via the tongji and baidu_map parameters in /user/ztconfig.php.2022-02-19not yet calculatedCVE-2021-44302
MISC
bbs_forum -- bbs_forum
 
An issue in the getType function of BBS Forum v5.3 and below allows attackers to upload arbitrary files.2022-02-14not yet calculatedCVE-2022-23390
MISC
bd -- viper_lt_system
 
BD Viper LT system, versions 2.0 and later, contains hardcoded credentials. If exploited, threat actors may be able to access, modify or delete sensitive information, including electronic protected health information (ePHI), protected health information (PHI) and personally identifiable information (PII). BD Viper LT system versions 4.0 and later utilize Microsoft Windows 10 and have additional Operating System hardening configurations which increase the attack complexity required to exploit this vulnerability.2022-02-12not yet calculatedCVE-2022-22765
CONFIRM
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15508.2022-02-18not yet calculatedCVE-2021-46636
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15507.2022-02-18not yet calculatedCVE-2021-46635
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15408.2022-02-18not yet calculatedCVE-2021-46614
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15509.2022-02-18not yet calculatedCVE-2021-46637
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15510.2022-02-18not yet calculatedCVE-2021-46638
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15416.2022-02-18not yet calculatedCVE-2021-46622
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JT files. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15415.2022-02-18not yet calculatedCVE-2021-46621
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15414.2022-02-18not yet calculatedCVE-2021-46620
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15413.2022-02-18not yet calculatedCVE-2021-46619
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15368.2022-02-18not yet calculatedCVE-2021-46574
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15380.2022-02-18not yet calculatedCVE-2021-46586
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15464.2022-02-18not yet calculatedCVE-2021-46634
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15463.2022-02-18not yet calculatedCVE-2021-46633
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15382.2022-02-18not yet calculatedCVE-2021-46588
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15369.2022-02-18not yet calculatedCVE-2021-46575
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15381.2022-02-18not yet calculatedCVE-2021-46587
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15532.2022-02-18not yet calculatedCVE-2021-46646
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15370.2022-02-18not yet calculatedCVE-2021-46576
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15371.2022-02-18not yet calculatedCVE-2021-46577
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15372.2022-02-18not yet calculatedCVE-2021-46578
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15373.2022-02-18not yet calculatedCVE-2021-46579
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15379.2022-02-18not yet calculatedCVE-2021-46585
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15378.2022-02-18not yet calculatedCVE-2021-46584
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15374.2022-02-18not yet calculatedCVE-2021-46580
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15376.2022-02-18not yet calculatedCVE-2021-46582
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PNG images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15412.2022-02-18not yet calculatedCVE-2021-46618
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF images. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15411.2022-02-18not yet calculatedCVE-2021-46617
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15410.2022-02-18not yet calculatedCVE-2021-46616
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15400.2022-02-18not yet calculatedCVE-2021-46606
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15394.2022-02-18not yet calculatedCVE-2021-46600
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15395.2022-02-18not yet calculatedCVE-2021-46601
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15396.2022-02-18not yet calculatedCVE-2021-46602
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15397.2022-02-18not yet calculatedCVE-2021-46603
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PNG images. Crafted data in a PNG image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15398.2022-02-18not yet calculatedCVE-2021-46604
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15399.2022-02-18not yet calculatedCVE-2021-46605
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15401.2022-02-18not yet calculatedCVE-2021-46607
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15393.2022-02-18not yet calculatedCVE-2021-46599
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15402.2022-02-18not yet calculatedCVE-2021-46608
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15403.2022-02-18not yet calculatedCVE-2021-46609
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15404.2022-02-18not yet calculatedCVE-2021-46610
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15405.2022-02-18not yet calculatedCVE-2021-46611
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15406.2022-02-18not yet calculatedCVE-2021-46612
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15407.2022-02-18not yet calculatedCVE-2021-46613
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15533.2022-02-18not yet calculatedCVE-2021-46647
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15534.2022-02-18not yet calculatedCVE-2021-46648
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15375.2022-02-18not yet calculatedCVE-2021-46581
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15536.2022-02-18not yet calculatedCVE-2021-46650
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15385.2022-02-18not yet calculatedCVE-2021-46591
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15530.2022-02-18not yet calculatedCVE-2021-46644
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. Crafted data in a BMP image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15531.2022-02-18not yet calculatedCVE-2021-46645
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15409.2022-02-18not yet calculatedCVE-2021-46615
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15391.2022-02-18not yet calculatedCVE-2021-46597
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15383.2022-02-18not yet calculatedCVE-2021-46589
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15390.2022-02-18not yet calculatedCVE-2021-46596
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15389.2022-02-18not yet calculatedCVE-2021-46595
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15388.2022-02-18not yet calculatedCVE-2021-46594
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15535.2022-02-18not yet calculatedCVE-2021-46649
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15392.2022-02-18not yet calculatedCVE-2021-46598
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15387.2022-02-18not yet calculatedCVE-2021-46593
MISC
MISC
bentley -- microstation_connectThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15384.2022-02-18not yet calculatedCVE-2021-46590
MISC
MISC
bentley -- microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15511.2022-02-18not yet calculatedCVE-2021-46639
MISC
MISC
bentley -- microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14987.2022-02-18not yet calculatedCVE-2021-46562
MISC
MISC
bentley -- microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15367.2022-02-18not yet calculatedCVE-2021-46573
MISC
MISC
bentley -- microstation_connect
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15537.2022-02-18not yet calculatedCVE-2021-46651
MISC
MISC
bentley -- microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15028.2022-02-18not yet calculatedCVE-2021-46567
MISC
MISC
bentley -- microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15027.2022-02-18not yet calculatedCVE-2021-46566
MISC
MISC
bentley -- microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15024.2022-02-18not yet calculatedCVE-2021-46565
MISC
MISC
bentley -- microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15023.2022-02-18not yet calculatedCVE-2021-46564
MISC
MISC
bentley -- microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15366.2022-02-18not yet calculatedCVE-2021-46572
MISC
MISC
bentley -- microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14990.2022-02-18not yet calculatedCVE-2021-46563
MISC
MISC
bentley -- microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15030.2022-02-18not yet calculatedCVE-2021-46568
MISC
MISC
bentley -- microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15031.2022-02-18not yet calculatedCVE-2021-46569
MISC
MISC
bentley -- microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15377.2022-02-18not yet calculatedCVE-2021-46583
MISC
MISC
bentley -- microstation_connect
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15386.2022-02-18not yet calculatedCVE-2021-46592
MISC
MISC
bentley -- viewThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15630.2022-02-18not yet calculatedCVE-2021-46655
MISC
MISC
bentley -- viewThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15458.2022-02-18not yet calculatedCVE-2021-46628
MISC
MISC
bentley -- viewThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15457.2022-02-18not yet calculatedCVE-2021-46627
MISC
MISC
bentley -- viewThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15456.2022-02-18not yet calculatedCVE-2021-46626
MISC
MISC
bentley -- viewThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JT files. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15455.2022-02-18not yet calculatedCVE-2021-46625
MISC
MISC
bentley -- viewThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15453.2022-02-18not yet calculatedCVE-2021-46623
MISC
MISC
bentley -- viewThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15538.2022-02-18not yet calculatedCVE-2021-46652
MISC
MISC
bentley -- viewThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15539.2022-02-18not yet calculatedCVE-2021-46653
MISC
MISC
bentley -- viewThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15540.2022-02-18not yet calculatedCVE-2021-46654
MISC
MISC
bentley -- view
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15364.2022-02-18not yet calculatedCVE-2021-46570
MISC
MISC
bentley -- view
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15514.2022-02-18not yet calculatedCVE-2021-46642
MISC
MISC
bentley -- view
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15460.2022-02-18not yet calculatedCVE-2021-46630
MISC
MISC
bentley -- view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN file. Crafted data in a DNG file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15513.2022-02-18not yet calculatedCVE-2021-46641
MISC
MISC
bentley -- view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15512.2022-02-18not yet calculatedCVE-2021-46640
MISC
MISC
bentley -- view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15515.2022-02-18not yet calculatedCVE-2021-46643
MISC
MISC
bentley -- view
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15454.2022-02-18not yet calculatedCVE-2021-46624
MISC
MISC
bentley -- view
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15462.2022-02-18not yet calculatedCVE-2021-46632
MISC
MISC
bentley -- view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF images. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15461.2022-02-18not yet calculatedCVE-2021-46631
MISC
MISC
bentley -- view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15365.2022-02-18not yet calculatedCVE-2021-46571
MISC
MISC
bentley -- view
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15459.2022-02-18not yet calculatedCVE-2021-46629
MISC
MISC
bentley -- view
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15631.2022-02-18not yet calculatedCVE-2021-46656
MISC
MISC
bigfileagent -- bigfileagent
 
An path traversal vulnerability leading to delete arbitrary files was discovered in BigFileAgent. Remote attackers can use this vulnerability to delete arbitrary files of unspecified number of users.2022-02-18not yet calculatedCVE-2021-26619
MISC
binisoft -- windows_firewall_control
 
In Malwarebytes Binisoft Windows Firewall Control before 6.8.1.0, programs executed from the Tools tab can be used to escalate privileges.2022-02-14not yet calculatedCVE-2022-25150
MISC
MISC
bitdefender -- antivirus_plus
 
A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 24.0.26.136. Bitdefender Internet Security versions prior to 24.0.26.136. Bitdefender Total Security versions prior to 24.0.26.136.2022-02-18not yet calculatedCVE-2020-8107
MISC
bmc -- track-it!
 
This vulnerability allows remote attackers to bypass authentication on affected installations of BMC Track-It! 20.21.01.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-14618.2022-02-18not yet calculatedCVE-2022-24047
MISC
MISC
boltwire -- boltwire
 
A cross-site scripting (XSS) vulnerability in BoltWire v7.10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the name and lastname parameters.2022-02-15not yet calculatedCVE-2022-24227
MISC
MISC
bookwyrm-social -- bookwyrm
 
BookWyrm is a decentralized social network for tracking reading habits and reviewing books. The functionality to load a cover via url is vulnerable to a server-side request forgery attack. Any BookWyrm instance running a version prior to v0.3.0 is susceptible to attack from a logged-in user. The problem has been patched and administrators should upgrade to version 0.3.0 As a workaround, BookWyrm instances can close registration and limit members to trusted individuals.2022-02-16not yet calculatedCVE-2022-23644
CONFIRM
burden -- burden
 
Burden v3.0 was discovered to contain a stored cross-site scripting (XSS) in the Add Category function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the task parameter.2022-02-15not yet calculatedCVE-2022-24589
MISC
MISC
centos -- stream
 
A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the "Application menu" or "Window list" GNOME extensions are enabled. This flaw allows a physical attacker who has access to a locked system to kill existing applications and start new ones as the locked user, even if the session is still locked.2022-02-18not yet calculatedCVE-2021-20315
MISC
cerebrate -- cerebrate
 
An issue was discovered in Cerebrate through 1.4. An incorrect sharing group ACL allowed an unprivileged user to edit and modify sharing groups.2022-02-18not yet calculatedCVE-2022-25318
MISC
cerebrate -- cerebrate
 
An issue was discovered in Cerebrate through 1.4. genericForm allows reflected XSS in form descriptions via a user-controlled description.2022-02-18not yet calculatedCVE-2022-25317
MISC
cerebrate -- cerebrate
 
An issue was discovered in Cerebrate through 1.4. XSS could occur in the bookmarks component.2022-02-18not yet calculatedCVE-2022-25321
MISC
MISC
cerebrate -- cerebrate
 
An issue was discovered in Cerebrate through 1.4. Endpoints could be open even when not enabled.2022-02-18not yet calculatedCVE-2022-25319
MISC
cerebrate -- cerebrate
 
An issue was discovered in Cerebrate through 1.4. Username enumeration could occur.2022-02-18not yet calculatedCVE-2022-25320
MISC
cesanta -- mongoose
 
This affects the package cesanta/mongoose before 7.6. The unsafe handling of file names during upload using mg_http_upload() method may enable attackers to write files to arbitrary locations outside the designated target folder.2022-02-18not yet calculatedCVE-2022-25299
CONFIRM
CONFIRM
cisco -- email_security_appliance
 
A vulnerability in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling in DNS name resolution by the affected software. An attacker could exploit this vulnerability by sending specially formatted email messages that are processed by an affected device. A successful exploit could allow the attacker to cause the device to become unreachable from management interfaces or to process additional email messages for a period of time until the device recovers, resulting in a DoS condition. Continued attacks could cause the device to become completely unavailable, resulting in a persistent DoS condition.2022-02-17not yet calculatedCVE-2022-20653
CISCO
cisco -- multiple_products
 
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.2022-02-17not yet calculatedCVE-2022-20659
CISCO
cisco -- redundancy_configuration_manager
 
A vulnerability in the checkpoint manager implementation of Cisco Redundancy Configuration Manager (RCM) for Cisco StarOS Software could allow an unauthenticated, remote attacker to cause the checkpoint manager process to restart upon receipt of malformed TCP data. This vulnerability is due to improper input validation of an ingress TCP packet. An attacker could exploit this vulnerability by sending crafted TCP data to the affected application. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to the checkpoint manager process restarting.2022-02-17not yet calculatedCVE-2022-20750
CISCO
cmp -- cmp
 
The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout.2022-02-14not yet calculatedCVE-2022-0188
CONFIRM
MISC
cobaltstrike -- cobaltstrike
 
CobaltStrike <=4.5 HTTP(S) listener does not determine whether the request URL begins with "/", and attackers can obtain relevant information by specifying the URL.2022-02-15not yet calculatedCVE-2022-23317
MISC
cobbler -- cobbler
 
An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.)2022-02-19not yet calculatedCVE-2021-45082
MISC
MISC
codereview -- qt-project
 
In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.2022-02-16not yet calculatedCVE-2022-25255
MISC
MISC
MISC
MISC
MISC
commscope -- surfbooard
 
CommScope SURFboard SBG6950AC2 9.1.103AA23 devices allow Command Injection.2022-02-15not yet calculatedCVE-2021-41552
MISC
MISC
compass_plus -- tranzware_online_fimi_web_interface_transware_online
 
A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online (TWO) 5.3.33.3 F38 and FIMI 4.2.19.4 25.The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the request to be sent to a completely different Domain/IP address. This is due to that the server implicitly trusts the Host header, and fails to validate or escape it properly. An attacker can use this input to redirect target users to a malicious domain/web page. This would result in expanding the potential to further attacks and malicious actions.2022-02-14not yet calculatedCVE-2021-43106
MISC
complianz -- complianz
 
The Complianz WordPress plugin before 6.0.0 does not escape the s parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting2022-02-14not yet calculatedCVE-2022-0193
MISC
CONFIRM
corda -- corda
 
In Corda before 4.1, the meaning of serialized data can be modified via an attacker-controlled CustomSerializer.2022-02-14not yet calculatedCVE-2019-25057
MISC
core_ftp -- core_ftp
 
Core FTP / SFTP Server v2 Build 725 was discovered to allow unauthenticated attackers to cause a Denial of Service (DoS) via a crafted packet through the SSH service.2022-02-17not yet calculatedCVE-2022-22899
MISC
MISC
MISC
crossbeam-rs -- crossbeam
 
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of `{i,u}64` was always the same as `Atomic{I,U}64`. However, the alignment of `{i,u}64` on a 32-bit target can be smaller than `Atomic{I,U}64`. This can cause unaligned memory accesses and data race. Crates using `fetch_*` methods with `AtomicCell<{i,u}64>` are affected by this issue. 32-bit targets without `Atomic{I,U}64` and 64-bit targets are not affected by this issue. This has been fixed in crossbeam-utils 0.8.7. There are currently no known workarounds.2022-02-15not yet calculatedCVE-2022-23639
MISC
CONFIRM
MISC
crypt_gpg -- crypt_gpg
 
The Crypt_GPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions.2022-02-17not yet calculatedCVE-2022-24953
CONFIRM
MISC
cryptomator -- cryptomator
 
Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and com.apple.security.cs.allow-dyld-environment-variables entitlements. An attacker can exploit this by creating a malicious .dylib file that can be executed via the DYLD_INSERT_LIBRARIES environment variable.2022-02-19not yet calculatedCVE-2022-25366
MISC
MISC
custom_popup_builder -- custom_popup_builder
 
The Popup | Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog2022-02-14not yet calculatedCVE-2022-0214
MISC
d-link -- routersRemote Code Execution (RCE) vulnerability exists in D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin. Malicious users can use this vulnerability to use "\ " or backticks to bypass the shell metacharacters in the ssid0 or ssid1 parameters to execute arbitrary commands.This vulnerability is due to the fact that CVE-2019-17509 is not fully patched and can be bypassed by using line breaks or backticks on its basis.2022-02-17not yet calculatedCVE-2021-46319
MISC
MISC
d-link -- routersRemote Command Execution (RCE) vulnerability exists in HNAP1/control/SetWizardConfig.php in D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin. Malicoius users can use this vulnerability to use "\ " or backticks in the shell metacharacters in the ssid0 or ssid1 parameters to cause arbitrary command execution. Since CVE-2019-17510 vulnerability has not been patched and improved www/hnap1/control/setwizardconfig.php, can also use line breaks and backquotes to bypass.2022-02-17not yet calculatedCVE-2021-46315
MISC
MISC
d-link -- routers
 
A Remote Command Execution (RCE) vulnerability exists in HNAP1/control/SetNetworkTomographySettings.php of D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin because backticks can be used for command injection when judging whether it is a reasonable domain name.2022-02-17not yet calculatedCVE-2021-46314
MISC
MISC
d-link -- routers
 
D-Link DSL-2730E CT-20131125 devices allow XSS via the username parameter to the password page in the maintenance configuration.2022-02-18not yet calculatedCVE-2021-46108
MISC
MISC
d-link -- routers
 
A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End of Life ("EOL") /End of Service Life ("EOS") Life-Cycle and as such this issue will not be patched.2022-02-17not yet calculatedCVE-2021-45382
MISC
MISC
dart_sdk -- dart_sdk
 
Dart SDK contains the HTTPClient in dart:io library whcih includes authorization headers when handling cross origin redirects. These headers may be explicitly set and contain sensitive information. By default, HttpClient handles redirection logic. If a request is sent to example.com with authorization header and it redirects to an attackers site, they might not expect attacker site to receive authorization header. We recommend updating the Dart SDK to version 2.16.0 or beyond.2022-02-18not yet calculatedCVE-2022-0451
MISC
MISC
debian -- debian-edu-config
 
It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares (~/public_html), which could result in privilege escalation.2022-02-11not yet calculatedCVE-2021-20001
MISC
MLIST
MLIST
DEBIAN
dedecms -- dedecms
 
DedeCMS v5.7.87 was discovered to contain a SQL injection vulnerability in article_coonepage_rule.php via the ids parameter.2022-02-14not yet calculatedCVE-2022-23337
MISC
discourse -- discourse
 
Discourse is an open source discussion platform. In versions prior to 2.8.1 in the `stable` branch, 2.9.0.beta2 in the `beta` branch, and 2.9.0.beta2 in the `tests-passed` branch, users can trigger a Denial of Service attack by posting a streaming URL. Parsing Oneboxes in the background job trigger an infinite loop, which cause memory leaks. This issue is patched in version 2.8.1 of the `stable` branch, 2.9.0.beta2 of the `beta` branch, and 2.9.0.beta2 of the `tests-passed` branch. As a workaround, disable onebox in admin panel completely or specify allow list of domains that will be oneboxed.2022-02-15not yet calculatedCVE-2022-23641
MISC
CONFIRM
MISC
docker -- dekstop
 
Docker Desktop before 4.5.1 on Windows allows attackers to move arbitrary files. NOTE: this issue exists because of an incomplete fix for CVE-2022-23774.2022-02-19not yet calculatedCVE-2022-25365
MISC
drupal -- core
 
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data.2022-02-16not yet calculatedCVE-2022-25271
CONFIRM
drupal -- quick_edit
 
The Quick Edit module does not properly check entity access in some circumstances. This could result in users with the "access in-place editing" permission viewing some content they are are not authorized to access. Sites are only affected if the QuickEdit module (which comes with the Standard profile) is installed.2022-02-17not yet calculatedCVE-2022-25270
CONFIRM
duck -- duck
 
duck before 0.10 did not properly handle loading of untrusted code from the current directory.2022-02-19not yet calculatedCVE-2016-1239
MISC
duxcms -- duxcms
 
DuxCMS v3.1.3 was discovered to contain a SQL injection vulnerability via the component s/tools/SendTpl/index?keyword=.2022-02-16not yet calculatedCVE-2021-3242
MISC
MISC
easycms -- easycms
 
EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In the background, search terms provided by the user were not sanitized and were used directly to construct a SQL statement.2022-02-16not yet calculatedCVE-2022-23358
MISC
emerson -- dixell_xweb-500_products** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the files in the remote directories. Note: the product has not been supported since 2018 and should be removed or replaced.2022-02-14not yet calculatedCVE-2021-45421
MISC
MISC
MISC
emerson -- dixell_xweb-500_products
 
** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note: the product has not been supported since 2018 and should be removed or replaced.2022-02-14not yet calculatedCVE-2021-45420
MISC
MISC
MISC
enterprisedt -- completeftp
 
CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code Execution by leveraging a Windows user account that has SSH access. The exec command is always run as SYSTEM.2022-02-14not yet calculatedCVE-2019-16864
MISC
MISC
expat -- expatxmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.2022-02-16not yet calculatedCVE-2022-25235
MISC
MLIST
expat -- expat
 
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.2022-02-18not yet calculatedCVE-2022-25313
MISC
MLIST
expat -- expat
 
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.2022-02-18not yet calculatedCVE-2022-25314
MISC
MLIST
expat -- expat
 
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.2022-02-18not yet calculatedCVE-2022-25315
MISC
MLIST
expat -- expat
 
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.2022-02-16not yet calculatedCVE-2022-25236
MISC
MLIST
expressionengine -- expressionengine
 
Unsanitized user input in ExpressionEngine <= 5.4.0 control panel member creation leads to an SQL injection. The user needs member creation/admin control panel access to execute the attack.2022-02-18not yet calculatedCVE-2020-8242
MISC
fancy_product_designer -- fancy_product_designer
 
The Fancy Product Designer WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the ID parameter found in the ~/inc/api/class-view.php file which allows attackers with administrative level permissions to inject arbitrary SQL queries to obtain sensitive information, in versions up to and including 4.7.4.2022-02-16not yet calculatedCVE-2021-4134
MISC
MISC
filecloud -- filecloud
 
In FileCloud before 21.3, file upload is not protected against Cross-Site Request Forgery (CSRF).2022-02-16not yet calculatedCVE-2022-25242
MISC
MISC
filecloud -- filecloud
 
In FileCloud before 21.3, the CSV user import functionality is vulnerable to Cross-Site Request Forgery (CSRF).2022-02-16not yet calculatedCVE-2022-25241
MISC
MISC
flatpress -- flatpress
 
Flatpress v1.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability in the Upload SVG File function.2022-02-15not yet calculatedCVE-2022-24588
MISC
MISC
forgerock -- forgerock_access_management
 
Missing access control in ForgeRock Access Management 7.1.0 and earlier versions on all platforms allows remote unauthenticated attackers to hijack sessions, including potentially admin-level sessions. This issue affects: ForgeRock Access Management 7.1 versions prior to 7.1.1; 6.5 versions prior to 6.5.4; all previous versions.2022-02-14not yet calculatedCVE-2021-4201
CONFIRM
form_store_to_db -- form_store_to_dbThe Form Store to DB WordPress plugin before 1.1.1 does not sanitise and escape parameter keys before outputting it back in the created entry, allowing unauthenticated attacker to perform Cross-Site Scripting attacks against admin2022-02-14not yet calculatedCVE-2021-25107
CONFIRM
MISC
foxit -- pdf_readerThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15853.2022-02-18not yet calculatedCVE-2022-24366
MISC
MISC
foxit -- pdf_readerThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15877.2022-02-18not yet calculatedCVE-2022-24367
MISC
MISC
foxit -- pdf_readerThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15851.2022-02-18not yet calculatedCVE-2022-24364
MISC
MISC
foxit -- pdf_readerThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15852.2022-02-18not yet calculatedCVE-2022-24365
MISC
MISC
foxit -- pdf_readerThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15744.2022-02-18not yet calculatedCVE-2022-24360
MISC
MISC
foxit -- pdf_readerThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15861.2022-02-18not yet calculatedCVE-2022-24363
MISC
MISC
foxit -- pdf_readerThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15987.2022-02-18not yet calculatedCVE-2022-24362
MISC
MISC
foxit -- pdf_readerThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15702.2022-02-18not yet calculatedCVE-2022-24359
MISC
MISC
foxit -- pdf_readerThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15703.2022-02-18not yet calculatedCVE-2022-24358
MISC
MISC
foxit -- pdf_readerThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15743.2022-02-18not yet calculatedCVE-2022-24357
MISC
MISC
foxit -- pdf_readerThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the OnMouseExit method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14848.2022-02-18not yet calculatedCVE-2022-24356
MISC
MISC
foxit -- pdf_reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15812.2022-02-18not yet calculatedCVE-2022-24971
MISC
MISC
foxit -- pdf_reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15811.2022-02-18not yet calculatedCVE-2022-24361
MISC
MISC
foxit -- pdf_reader
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA forms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14819.2022-02-18not yet calculatedCVE-2022-24370
MISC
MISC
foxit -- pdf_reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. Crafted data in a JP2 image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16087.2022-02-18not yet calculatedCVE-2022-24369
MISC
MISC
foxit -- pdf_reader
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16115.2022-02-18not yet calculatedCVE-2022-24368
MISC
MISC
fulusso -- fulusso
 
Fulusso v1.1 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability in /BindAccount/SuccessTips.js. This vulnerability allows attackers to inject malicious code into a victim user's device via open redirection.2022-02-14not yet calculatedCVE-2022-23367
MISC
futurio_extra -- futurio_extraThe Futurio Extra WordPress plugin before 1.6.3 allows any logged in user, such as subscriber, to extract any other user's email address.2022-02-14not yet calculatedCVE-2021-25110
MISC
futurio_extra -- futurio_extra
 
The Futurio Extra WordPress plugin before 1.6.3 is affected by a SQL Injection vulnerability that could be used by high privilege users to extract data from the database as well as used to perform Cross-Site Scripting (XSS) against logged in admins by making send open a malicious link.2022-02-14not yet calculatedCVE-2021-25109
MISC
galois_2p8 -- galois_2p8
 
In galois_2p8 before 0.1.2, PrimitivePolynomialField::new has an off-by-one buffer overflow for a vector.2022-02-14not yet calculatedCVE-2022-24988
MISC
ghostscript -- interpreterA trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.2022-02-16not yet calculatedCVE-2021-3781
MISC
MISC
github -- enterprise_server
 
A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.3 and was fixed in versions 3.0.21, 3.1.13, 3.2.5. This vulnerability was reported via the GitHub Bug Bounty program.2022-02-18not yet calculatedCVE-2021-41599
MISC
MISC
MISC
google -- chromeHeap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions.2022-02-12not yet calculatedCVE-2022-0310
MISC
MISC
google -- chromeHeap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2022-02-12not yet calculatedCVE-2022-0306
MISC
MISC
google -- chromeInappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.2022-02-12not yet calculatedCVE-2022-0305
MISC
MISC
google -- chromeInappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.2022-02-12not yet calculatedCVE-2022-0294
MISC
MISC
google -- chromeInappropriate implementation in Fenced Frames in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.2022-02-12not yet calculatedCVE-2022-0292
MISC
MISC
google -- chromeInappropriate implementation in Storage in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.2022-02-12not yet calculatedCVE-2022-0291
MISC
MISC
google -- chromeHeap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.2022-02-12not yet calculatedCVE-2022-0301
MISC
MISC
google -- chromeInappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.2022-02-12not yet calculatedCVE-2022-0309
MISC
MISC
google -- chrome
 
Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.2022-02-12not yet calculatedCVE-2022-0311
MISC
MISC
gravitl -- netmaker
 
Use of Hard-coded Cryptographic Key in Go github.com/gravitl/netmaker prior to 0.8.5,0.9.4,0.10.0,0.10.1.2022-02-18not yet calculatedCVE-2022-0664
CONFIRM
MISC
hancom -- office
 
A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.2022-02-16not yet calculatedCVE-2021-21958
MISC
hashicorp -- nomad_and_nomad_enterpriseHashiCorp Nomad and Nomad Enterprise before 1.0.17, 1.1.x before 1.1.12, and 1.2.x before 1.2.6 has Uncontrolled Resource Consumption.2022-02-15not yet calculatedCVE-2022-24684
MISC
MISC
hashicorp -- nomad_and_nomad_enterpriseHashiCorp Nomad and Nomad Enterprise 0.9.2 through 1.0.17, 1.1.11, and 1.2.5 allow operators with read-fs and alloc-exec (or job-submit) capabilities to read arbitrary files on the host filesystem as root.2022-02-17not yet calculatedCVE-2022-24683
MISC
MISC
hashicorp -- nomad_and_nomad_enterprise
 
HashiCorp Nomad and Nomad Enterprise 0.3.0 through 1.0.17, 1.1.11, and 1.2.5 artifact download functionality has a race condition such that the Nomad client agent could download the wrong artifact into the wrong destination. Fixed in 1.0.18, 1.1.12, and 1.2.62022-02-14not yet calculatedCVE-2022-24686
MISC
MISC
hospital_management_system -- hospital_management_system
 
Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php.2022-02-15not yet calculatedCVE-2022-24226
MISC
MISC
hospital_patient_record_management_system -- hospital_patient_record_management_systemAn access control issue in hprms/admin/?page=user/list of Hospital Patient Record Management System v1.0 allows attackers to escalate privileges via accessing and editing the user list.2022-02-14not yet calculatedCVE-2022-22854
MISC
hospital_patient_record_management_system -- hospital_patient_record_management_systemA stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Name field.2022-02-16not yet calculatedCVE-2022-22853
MISC
MISC
MISC
hp -- support_assistant_software
 
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.2022-02-16not yet calculatedCVE-2020-6917
MISC
hp -- support_assistant_software
 
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.2022-02-16not yet calculatedCVE-2020-6922
MISC
hp -- support_assistant_software
 
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.2022-02-16not yet calculatedCVE-2020-6921
MISC
hp -- support_assistant_software
 
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.2022-02-16not yet calculatedCVE-2020-6920
MISC
hp -- support_assistant_software
 
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.2022-02-16not yet calculatedCVE-2020-6919
MISC
hp -- support_assistant_software
 
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.2022-02-16not yet calculatedCVE-2020-6918
MISC
hp -- uefi_firmware
 
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.2022-02-16not yet calculatedCVE-2021-39301
MISC
hp -- uefi_firmware
 
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.2022-02-16not yet calculatedCVE-2021-39300
MISC
hp -- uefi_firmware
 
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.2022-02-16not yet calculatedCVE-2021-39297
MISC
hp -- uefi_firmware
 
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.2022-02-16not yet calculatedCVE-2021-39298
MISC
hp -- uefi_firmware
 
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.2022-02-16not yet calculatedCVE-2021-39299
MISC
hutool -- hutool
 
Hutool v5.7.18's HttpRequest was discovered to ignore all TLS/SSL certificate validation.2022-02-16not yet calculatedCVE-2022-22885
MISC
MISC
ibm -- cognos_analytics_mobile_for_android
 
IBM Cognos Analytics Mobile for Android applications prior to version 1.1.14 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 215592.2022-02-14not yet calculatedCVE-2021-39079
CONFIRM
XF
ibm -- cognos_analytics_mobile_for_android
 
Due to weak obfuscation, IBM Cognos Analytics Mobile for Android application prior to version 1.1.14 , an attacker could be able to reverse engineer the codebase to gain knowledge about the programming technique, interface, class definitions, algorithms and functions used. IBM X-Force ID: 215593.2022-02-14not yet calculatedCVE-2021-39080
CONFIRM
XF
ibm -- guardium_data_encryption
 
IBM Guardium Data Encryption (GDE) 5.0.0.2 and 5.0.0.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 213964.2022-02-18not yet calculatedCVE-2021-39026
XF
CONFIRM
ibm -- maximo_anywhere
 
IBM Maximo Anywhere 7.6.4.0 applications could disclose sensitive information to a user with physical access to the device. IBM X-Force ID: 161493.2022-02-16not yet calculatedCVE-2019-4351
XF
CONFIRM
ibm -- maximo_anywhere
 
IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code. IBM X-Force ID: 161494.2022-02-16not yet calculatedCVE-2019-4352
CONFIRM
XF
ibm -- maximo_anywhere
 
IBM Maximo Anywhere 7.6.4.0 could allow an attacker to reverse engineer the application due to the lack of binary protection precautions. IBM X-Force ID: 160697.2022-02-16not yet calculatedCVE-2019-4291
CONFIRM
XF
ibm -- maximo_asset_management
 
IBM Maximo Asset Management 7.6.1.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 210892.2022-02-18not yet calculatedCVE-2021-38935
XF
CONFIRM
ibm -- mq
 
IBM MQ 9.1 LTS is vulnerable to a denial of service attack caused by an issue within the channel process. IBM X-Force ID: 213964.2022-02-17not yet calculatedCVE-2021-39034
XF
CONFIRM
ibtana -- ibtana
 
The Ibtana WordPress plugin before 1.1.4.9 does not have authorisation and CSRF checks in the ive_save_general_settings AJAX action, allowing any authenticated users, such as subscriber to call it and change the plugin's settings which could lead to Stored Cross-Site Scripting issue.2022-02-14not yet calculatedCVE-2021-25014
MISC
impresscms -- impresscms
 
ImpressCMS before 1.4.2 allows unauthenticated remote code execution via ...../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. The payload may be placed in PHP_SESSION_UPLOAD_PROGRESS when the PHP installation supports upload_progress.2022-02-14not yet calculatedCVE-2022-24977
MISC
MISC
MISC
internationalscratchwiki -- scratch-confirmaccount-v3A Cross-Site Request Forgery (CSRF) in RequirementsBypassPage.php of Scratch Wiki scratch-confirmaccount-v3 allows attackers to modify account request requirement bypasses.2022-02-15not yet calculatedCVE-2021-46252
MISC
MISC
iobit_advanced_systemcare -- iobit_advanced_systemcare
 
A Use after Free vulnerability exists in IOBit Advanced SystemCare 15 pro via requests sent in sequential order using the IOCTL driver codes, which could let a malicious user execute arbitrary code or a Denial of Service (system crash). IOCTL list: iobit_ioctl = [0x8001e01c, 0x8001e020, 0x8001e024, 0x8001e040,0x8001e044, 0x8001e048, 0x8001e04c, 0x8001e000, 0x8001e004, 0x8001e008, 0x8001e00c, 0x8001e010, 0x8001e014, 0x8001e018]2022-02-18not yet calculatedCVE-2021-44968
MISC
isabel_stored_xxs -- isabel_stored_xss
 
Multiple cross-site scripting (XSS) vulnerabilities in the Add User module of Issabel PBX 20200102 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the username and password fields.2022-02-15not yet calculatedCVE-2021-46558
MISC
jeecg-boot -- jeecg-boot
 
Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /sys/user/queryUserComponentData.2022-02-16not yet calculatedCVE-2022-22881
MISC
jeecg-boot -- jeecg-boot
 
Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /jeecg-boot/sys/user/queryUserByDepId.2022-02-16not yet calculatedCVE-2022-22880
MISC
jenkin -- pipeline_multibranch
 
Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step, allowing attackers able to configure Pipelines permission to read arbitrary files on the Jenkins controller file system.2022-02-15not yet calculatedCVE-2022-25179
CONFIRM
jenkins -- agent_server_parameter
 
Jenkins Agent Server Parameter Plugin 1.0 and earlier does not escape parameter names of agent server parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.2022-02-15not yet calculatedCVE-2022-25191
CONFIRM
jenkins -- autonomiqA cross-site request forgery (CSRF) vulnerability in Jenkins autonomiq Plugin 1.15 and earlier allows attackers to connect to an attacker-specified URL server using attacker-specified credentials.2022-02-15not yet calculatedCVE-2022-25194
CONFIRM
jenkins -- autonomiq
 
A missing permission check in Jenkins autonomiq Plugin 1.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials.2022-02-15not yet calculatedCVE-2022-25195
CONFIRM
jenkins -- checkmarx
 
A cross-site request forgery (CSRF) vulnerability in Jenkins Checkmarx Plugin 2022.1.2 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.2022-02-15not yet calculatedCVE-2022-25200
CONFIRM
MLIST
jenkins -- checkmarx
 
Missing permission checks in Jenkins Checkmarx Plugin 2022.1.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.2022-02-15not yet calculatedCVE-2022-25201
CONFIRM
jenkins -- chef_sinatraA cross-site request forgery (CSRF) vulnerability in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response.2022-02-15not yet calculatedCVE-2022-25207
CONFIRM
MLIST
jenkins -- chef_sinatra
 
Jenkins Chef Sinatra Plugin 1.20 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.2022-02-15not yet calculatedCVE-2022-25209
CONFIRM
jenkins -- chef_sinatra
 
A missing permission check in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers with Overall/Read permission to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response.2022-02-15not yet calculatedCVE-2022-25208
CONFIRM
MLIST
jenkins -- conjur_secrets
 
A missing permission check in Jenkins Conjur Secrets Plugin 1.0.11 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.2022-02-15not yet calculatedCVE-2022-25190
CONFIRM
jenkins -- convertigo_mobile_platform
 
Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier uses static fields to store job configuration information, allowing attackers with Item/Configure permission to capture passwords of the jobs that will be configured.2022-02-15not yet calculatedCVE-2022-25210
CONFIRM
jenkins -- custom_checkbox_parameter
 
Jenkins Custom Checkbox Parameter Plugin 1.1 and earlier does not escape parameter names of custom checkbox parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.2022-02-15not yet calculatedCVE-2022-25189
CONFIRM
jenkins -- dbchartsA cross-site request forgery (CSRF) vulnerability in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers to connect to an attacker-specified database via JDBC using attacker-specified credentials and to determine if a class is available in the Jenkins instance.2022-02-15not yet calculatedCVE-2022-25205
CONFIRM
jenkins -- dbcharts
 
A missing check in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified database via JDBC using attacker-specified credentials.2022-02-15not yet calculatedCVE-2022-25206
CONFIRM
jenkins -- doktor
 
Jenkins Doktor Plugin 0.4.1 and earlier implements functionality that allows agent processes to render files on the controller as Markdown or Asciidoc, and error messages allow attackers able to control agent processes to determine whether a file with a given name exists.2022-02-15not yet calculatedCVE-2022-25204
CONFIRM
jenkins -- fortify
 
Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with content not controllable by the attacker.2022-02-15not yet calculatedCVE-2022-25188
CONFIRM
MLIST
jenkins -- generic_webhook_trigger
 
Jenkins Generic Webhook Trigger Plugin 1.81 and earlier does not escape the build cause when using the webhook, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.2022-02-15not yet calculatedCVE-2022-25185
CONFIRM
MLIST
jenkins -- gitlab_authentication
 
Jenkins GitLab Authentication Plugin 1.13 and earlier records the HTTP Referer header as part of the URL query parameters when the authentication process starts, allowing attackers with access to Jenkins to craft a URL that will redirect users to an attacker-specified URL after logging in.2022-02-15not yet calculatedCVE-2022-25196
CONFIRM
MLIST
jenkins -- hashicorp_vault
 
Jenkins HashiCorp Vault Plugin 3.8.0 and earlier implements functionality that allows agent processes to retrieve any Vault secrets for use on the agent, allowing attackers able to control agent processes to obtain Vault secrets for an attacker-specified path and key.2022-02-15not yet calculatedCVE-2022-25186
CONFIRM
jenkins -- hashicorp_vault
 
Jenkins HashiCorp Vault Plugin 336.v182c0fbaaeb7 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins controller file system.2022-02-15not yet calculatedCVE-2022-25197
CONFIRM
jenkins -- pipeline_build_step
 
Jenkins Pipeline: Build Step Plugin 2.15 and earlier reveals password parameter default values when generating a pipeline script using the Pipeline Snippet Generator, allowing attackers with Item/Read permission to retrieve the default password parameter value from jobs.2022-02-15not yet calculatedCVE-2022-25184
CONFIRM
jenkins -- pipeline_groovyJenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier includes password parameters from the original build in replayed builds, allowing attackers with Run/Replay permission to obtain the values of password parameters passed to previous builds of a Pipeline.2022-02-15not yet calculatedCVE-2022-25180
CONFIRM
jenkins -- pipeline_groovy
 
Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system.2022-02-15not yet calculatedCVE-2022-25176
CONFIRM
jenkins -- pipeline_groovy
 
Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier uses the same checkout directories for distinct SCMs when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.2022-02-15not yet calculatedCVE-2022-25173
CONFIRM
MLIST
jenkins -- pipeline_multibranch
 
Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier uses distinct checkout directories per SCM for the readTrusted step, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.2022-02-15not yet calculatedCVE-2022-25175
CONFIRM
jenkins -- pipeline_shared_groovy
 
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the same checkout directories for distinct SCMs for Pipeline libraries, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.2022-02-15not yet calculatedCVE-2022-25174
CONFIRM
jenkins -- pipeline_shared_groovy_librariesA sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM through crafted SCM contents, if a global Pipeline library already exists.2022-02-15not yet calculatedCVE-2022-25181
CONFIRM
jenkins -- pipeline_shared_groovy_libraries
 
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the names of Pipeline libraries to create cache directories without any sanitization, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM using specially crafted library names if a global Pipeline library configured to use caching already exists.2022-02-15not yet calculatedCVE-2022-25183
CONFIRM
jenkins -- pipeline_shared_groovy_libraries
 
A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code on the Jenkins controller JVM using specially crafted library names if a global Pipeline library is already configured.2022-02-15not yet calculatedCVE-2022-25182
CONFIRM
jenkins -- pipeline_shared_groovy_libraries
 
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier does not restrict the names of resources passed to the libraryResource step, allowing attackers able to configure Pipelines permission to read arbitrary files on the Jenkins controller file system.2022-02-15not yet calculatedCVE-2022-25178
CONFIRM
jenkins -- pipeline_shared_groovy_libraries
 
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier follows symbolic links to locations outside of the expected Pipeline library when reading files using the libraryResource step, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system.2022-02-15not yet calculatedCVE-2022-25177
CONFIRM
jenkins -- promoted_builds
 
Jenkins Promoted Builds (Simple) Plugin 1.9 and earlier does not escape the name of custom promotion levels, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission.2022-02-15not yet calculatedCVE-2022-25202
CONFIRM
jenkins -- scp_publisherA cross-site request forgery (CSRF) vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials.2022-02-15not yet calculatedCVE-2022-25198
CONFIRM
jenkins -- scp_publisher
 
A missing permission check in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials.2022-02-15not yet calculatedCVE-2022-25199
CONFIRM
jenkins -- snow_commanderA cross-site request forgery (CSRF) vulnerability in Jenkins Snow Commander Plugin 2.0 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.2022-02-15not yet calculatedCVE-2022-25192
CONFIRM
jenkins -- snow_commander
 
Missing permission checks in Jenkins Snow Commander Plugin 2.0 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.2022-02-15not yet calculatedCVE-2022-25193
CONFIRM
jenkins -- support_core
 
Jenkins Support Core Plugin 2.79 and earlier does not redact some sensitive information in the support bundle.2022-02-15not yet calculatedCVE-2022-25187
CONFIRM
jenkins -- swampA missing permission check in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server using attacker-specified credentials.2022-02-15not yet calculatedCVE-2022-25211
CONFIRM
jenkins -- swamp
 
A cross-site request forgery (CSRF) vulnerability in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials.2022-02-15not yet calculatedCVE-2022-25212
CONFIRM
jenkins -- teams_viewsJenkins Team Views Plugin 0.9.0 and earlier does not escape team names, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Read permission.2022-02-15not yet calculatedCVE-2022-25203
CONFIRM
jerryscript_project -- jerryscript
 
There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at parser_parse_function_arguments in /js/js-parser.c of JerryScript commit a6ab5e9.2022-02-17not yet calculatedCVE-2022-22901
MISC
MISC
MISC
jqueryform.com -- jqueryform.com
 
Forms generated by JQueryForm.com before 2022-02-05 (if file-upload capability is enabled) allow remote unauthenticated attackers to upload executable files and achieve remote code execution. This occurs because file-extension checks occur on the client side, and because not all executable content (e.g., .phtml or .php.bak) is blocked.2022-02-16not yet calculatedCVE-2022-24984
MISC
MISC
MISC
jqueryform.com -- jqueryform.com
 
A reflected cross-site scripting (XSS) vulnerability in forms generated by JQueryForm.com before 2022-02-05 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter to admin.php.2022-02-16not yet calculatedCVE-2022-24981
MISC
MISC
MISC
jqueryform.com -- jqueryform.com
 
Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to access the cleartext credentials of all other form users. admin.php contains a hidden base64-encoded string with these credentials.2022-02-16not yet calculatedCVE-2022-24982
MISC
MISC
MISC
jqueryform.com -- jqueryform.com
 
Forms generated by JQueryForm.com before 2022-02-05 allow remote attackers to obtain the URI to any uploaded file by capturing the POST response. When chained with CVE-2022-24984, this could lead to unauthenticated remote code execution on the underlying web server. This occurs because the Unique ID field is contained in the POST response upon submitting a form.2022-02-16not yet calculatedCVE-2022-24983
MISC
MISC
MISC
jqueryform.com -- jqueryform.com
 
Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to bypass authentication and access the administrative section of other forms hosted on the same web server. This is relevant only when an organization hosts more than one of these forms on their server.2022-02-16not yet calculatedCVE-2022-24985
MISC
MISC
MISC
k-box -- k-box
 
K-Box is a web-based application to manage documents, images, videos and geodata. Prior to version 0.33.1, a stored Cross-Site-Scripting (XSS) vulnerability is present in the markdown editor used by the document abstract and markdown file preview. A specifically crafted anchor link can, if clicked, execute untrusted javascript actions, like retrieving user cookies. Version 0.33.1 includes a patch that allows discarding unsafe links.2022-02-14not yet calculatedCVE-2022-23637
MISC
CONFIRM
kicad -- edaA stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadXYCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.2022-02-16not yet calculatedCVE-2022-23803
MISC
kicad -- eda
 
A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadIJCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.2022-02-16not yet calculatedCVE-2022-23804
MISC
kiteworks_mft-- kiteworks_mft
 
Kiteworks MFT 7.5 may allow an unauthorized user to reset other users' passwords. This is fixed in version 7.6 and later.2022-02-14not yet calculatedCVE-2022-24110
MISC
CONFIRM
kkfileview -- kkfileview
 
kkFileview v4.0.0 has arbitrary file read through a directory traversal vulnerability which may lead to sensitive file leak on related host.2022-02-15not yet calculatedCVE-2021-43734
MISC
kvm_amd -- kvm_amd
 
A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario.2022-02-18not yet calculatedCVE-2021-4093
MISC
MISC
lemminx -- lemminx
 
A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redirect could allow unauthorized access to sensitive information locally if LemMinX is run under a privileged user.2022-02-18not yet calculatedCVE-2022-0672
MISC
lemminx -- lemminx
 
A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files due to directory traversal.2022-02-18not yet calculatedCVE-2022-0673
MISC

libexa -- dxp_exsystems/expublish-kernel

Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows injection attacks via image filenames.2022-02-18not yet calculatedCVE-2022-25337
MISC
libexa -- dxp_exsystems/expublish-kernel
 
Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows Insecure Direct Object Reference (IDOR) attacks against image files because the image path and filename can be correctly deduced.2022-02-18not yet calculatedCVE-2022-25336
MISC
librenms -- librenmsExposure of Sensitive Information to an Unauthorized Actor in Packagist librenms/librenms prior to 22.2.0.2022-02-15not yet calculatedCVE-2022-0588
CONFIRM
MISC
MISC
librenms -- librenmsCross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.2.0.2022-02-14not yet calculatedCVE-2022-0575
MISC
CONFIRM
MISC
librenms -- librenmsImproper Authorization in Packagist librenms/librenms prior to 22.2.0.2022-02-15not yet calculatedCVE-2022-0587
CONFIRM
MISC
MISC
librenms -- librenms
 
Improper Access Control in Packagist librenms/librenms prior to 22.2.0.2022-02-14not yet calculatedCVE-2022-0580
CONFIRM
MISC
MISC
librenms -- librenms
 
Cross-site Scripting (XSS) - Generic in Packagist librenms/librenms prior to 22.1.0.2022-02-14not yet calculatedCVE-2022-0576
MISC
CONFIRM
MISC
librenms -- librenms
 
Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.1.0.2022-02-15not yet calculatedCVE-2022-0589
MISC
CONFIRM
MISC
libsixel -- libsixel
 
In libsixel 1.8.6, sixel_encoder_output_without_macro (called from sixel_encoder_encode_frame in encoder.c) has a double free.2022-02-19not yet calculatedCVE-2021-46700
MISC
linux -- linux_kernelA flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability.2022-02-16not yet calculatedCVE-2021-3760
MISC
linux -- linux_kernel
 
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.2022-02-16not yet calculatedCVE-2021-3752
MISC
MISC
MISC
linux -- linux_kernel
 
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.2022-02-18not yet calculatedCVE-2021-20321
MISC
MISC
linux -- linux_kernel
 
In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.2022-02-14not yet calculatedCVE-2021-44879
MISC
CONFIRM
MISC
MISC
linux -- linux_kernel
 
An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system integrity and confidentiality threat.2022-02-18not yet calculatedCVE-2021-4090
MISC
MISC
linux -- linux_kernel
 
A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel. In this flaw, a local attacker with special user privilege can circumvent the verifier and may lead to a confidentiality problem.2022-02-18not yet calculatedCVE-2021-20320
MISC
MISC
linux -- linux_kernel
 
A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.2022-02-16not yet calculatedCVE-2022-0617
MISC
MISC
MISC
linux -- linux_kernel
 
An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows a local user to read some kernel memory. This issue is limited to no more than 7 bytes, and the user cannot control what is read. This flaw affects the Linux kernel versions prior to 5.17-rc1.2022-02-11not yet calculatedCVE-2022-0382
MISC
linux -- linux_kernel
 
A flaw use after free in the Linux kernel Management Component Transport Protocol (MCTP) subsystem was found in the way user triggers cancel_work_sync after the unregister_netdev during removing device. A local user could use this flaw to crash the system or escalate their privileges on the system. It is actual from Linux Kernel 5.17-rc1 (when mctp-serial.c introduced) till 5.17-rc5.2022-02-18not yet calculatedCVE-2022-0646
MISC
linux -- linux_kernel
 
An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.2022-02-16not yet calculatedCVE-2022-25258
MISC
MISC
MISC
linux -- linux_kernel
 
In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file.2022-02-16not yet calculatedCVE-2022-25265
MISC
MISC
linux -- linux_kernel
 
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.2022-02-18not yet calculatedCVE-2021-20322
MISC
MISC
MISC
MISC
MISC
linux -- linux_kernel
 
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.2022-02-16not yet calculatedCVE-2021-3753
MISC
MISC
MISC
litespeed.js -- litespeed.js
 
This affects the package litespeed.js before 0.3.12; the package appwrite/server-ce from 0.12.0 and before 0.12.2, before 0.11.1. When parsing the query string in the getJsonFromUrl function, the key that is set in the result object is not properly sanitized leading to a Prototype Pollution vulnerability.2022-02-16not yet calculatedCVE-2021-23682
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
liveconfig -- liveconfigA Stored XSS issue exists in the admin/users user administration form in LiveConfig 2.12.2.2022-02-18not yet calculatedCVE-2021-40840
MISC
MISC
liveconfig -- liveconfigA Path Traversal vulnerability for a log file in LiveConfig 2.12.2 allows authenticated attackers to read files on the underlying server.2022-02-18not yet calculatedCVE-2021-40841
MISC
MISC
livehelperchat -- livehelperchat
 
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.2022-02-16not yet calculatedCVE-2022-0612
CONFIRM
MISC
magnolia -- magnolia
 
A Server-Side Template Injection (SSTI) vulnerability in the Registration and Forgotten Password forms of Magnolia v6.2.3 and below allows attackers to execute arbitrary code via a crafted payload entered into the fullname parameter.2022-02-11not yet calculatedCVE-2021-46362
MISC
MISC
magnolia -- magnolia
 
An issue in the Export function of Magnolia v6.2.3 and below allows attackers to execute arbitrary code via a crafted XLF file.2022-02-11not yet calculatedCVE-2021-46365
MISC
MISC
magnolia -- magnolia
 
An issue in the Export function of Magnolia v6.2.3 and below allows attackers to execute arbitrary code via a crafted CSV/XLS file.2022-02-11not yet calculatedCVE-2021-46363
MISC
MISC
magnolia_cms -- magnolia_cms
 
An issue in the Freemark Filter of Magnolia CMS v6.2.11 and below allows attackers to bypass security restrictions and execute arbitrary code via a crafted FreeMarker payload.2022-02-11not yet calculatedCVE-2021-46361
MISC
MISC
mappress_maps -- mappress_maps
 
The MapPress Maps for WordPress plugin before 2.73.4 does not sanitise and escape the mapid parameter before outputting it back in the "Bad mapid" error message, leading to a Reflected Cross-Site Scripting2022-02-14not yet calculatedCVE-2022-0208
MISC
mariadb -- mariadbThis vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193.2022-02-18not yet calculatedCVE-2022-24051
MISC
MISC
mariadb -- mariadbThis vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16207.2022-02-18not yet calculatedCVE-2022-24050
MISC
MISC
mariadb -- mariadb
 
This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16191.2022-02-18not yet calculatedCVE-2022-24048
MISC
MISC
mariadb -- mariadb
 
This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16190.2022-02-18not yet calculatedCVE-2022-24052
MISC
MISC
mbsync -- mbsync
 
A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote code execution on the client.2022-02-16not yet calculatedCVE-2021-3578
MISC
MISC
MLIST
FEDORA
MISC
FEDORA
MISC
mbsync -- mbsync
 
A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for remote code execution.2022-02-18not yet calculatedCVE-2021-3657
MISC
MISC
mediawiki -- mediawiki
 
MediaWiki before 1.23.16, 1.24.x through 1.27.x before 1.27.2, and 1.28.x before 1.28.1 allows remote attackers to discover the IP addresses of Wiki visitors via a style="background-image: attr(title url);" attack within a DIV element that has an attacker-controlled URL in the title attribute.2022-02-18not yet calculatedCVE-2017-0371
MISC
MISC
metinfo -- metinfo
 
Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in language_general.class.php via doModifyParameter.2022-02-14not yet calculatedCVE-2022-23335
MISC
metinfo -- metinfo
 
Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in parameter_admin.class.php via the table_para parameter.2022-02-14not yet calculatedCVE-2022-22295
MISC
microweber -- microweberCross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11.2022-02-19not yet calculatedCVE-2022-0678
CONFIRM
MISC
microweber -- microweberBusiness Logic Errors in Packagist microweber/microweber prior to 1.2.11.2022-02-15not yet calculatedCVE-2022-0596
CONFIRM
MISC
microweber -- microweberUse multiple time the one-time coupon in Packagist microweber/microweber prior to 1.2.11.2022-02-19not yet calculatedCVE-2022-0689
MISC
CONFIRM
microweber -- microweber
 
Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11.2022-02-19not yet calculatedCVE-2022-0690
MISC
CONFIRM
microweber -- microweber
 
Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11.2022-02-18not yet calculatedCVE-2022-0660
CONFIRM
MISC
microweber -- microweber
 
CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11.2022-02-18not yet calculatedCVE-2022-0666
MISC
CONFIRM
microweber -- microweber
 
Open Redirect in Packagist microweber/microweber prior to 1.2.11.2022-02-15not yet calculatedCVE-2022-0597
CONFIRM
MISC
microweber -- microweber
 
Cross-Site Request Forgery (CSRF) in Packagist microweber/microweber prior to 1.2.11.2022-02-17not yet calculatedCVE-2022-0638
MISC
CONFIRM
mig-controller -- mig-controller
 
An incorrect default permissions vulnerability was found in the mig-controller. Due to an incorrect cluster namespaces handling an attacker may be able to migrate a malicious workload to the target cluster, impacting confidentiality, integrity, and availability of the services located on that cluster.2022-02-18not yet calculatedCVE-2021-3948
MISC
ming-soft -- mcms
 
A problem was found in ming-soft MCMS v5.1. There is a sql injection vulnerability in /ms/cms/content/list.do2022-02-17not yet calculatedCVE-2021-44868
MISC
ming-soft -- mcms
 
MCMS v5.2.5 was discovered to contain a Server Side Template Injection (SSTI) vulnerability via the Template Management module.2022-02-18not yet calculatedCVE-2021-46063
MISC
ming-soft -- mcms
 
An arbitrary file upload vulnerability in the component /ms/file/uploadTemplate.do of MCMS v5.2.4 allows attackers to execute arbitrary code.2022-02-18not yet calculatedCVE-2021-46036
MISC
ming-soft -- mcms
 
MCMS v5.2.4 was discovered to contain an arbitrary file deletion vulnerability via the component /template/unzip.do.2022-02-18not yet calculatedCVE-2021-46037
MISC
ming-soft -- mcms
 
MCMS v5.2.5 was discovered to contain an arbitrary file deletion vulnerability via the component oldFileName.2022-02-18not yet calculatedCVE-2021-46062
MISC
mitsubishi_electric -- multiple_factory_automation_engineering_software_products
 
Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition.2022-02-11not yet calculatedCVE-2020-14521
MISC
MISC
mobisoft -- mobiplus
 
MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters Attacker can navigate to specific url which will expose all the users and password in clear text. http://IP/MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData&amp;GridName=Users2022-02-16not yet calculatedCVE-2022-22792
MISC
mortgage_calculators_wp -- mortgage_calculators_wp
 
The Mortgage Calculators WP WordPress plugin before 1.56 does not implement any sanitisation on the color setting of the background of a calculator, which could allow high privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.2022-02-14not yet calculatedCVE-2021-24904
MISC
moxa -- routers
 
Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via crafted packets.2022-02-18not yet calculatedCVE-2021-46082
MISC
MISC
mruby -- mrubyOut-of-bounds Read in Homebrew mruby prior to 3.2.2022-02-19not yet calculatedCVE-2022-0630
MISC
CONFIRM
mruby -- mrubyOut-of-bounds Read in Homebrew mruby prior to 3.2.2022-02-17not yet calculatedCVE-2022-0623
CONFIRM
MISC
mruby -- mrubyUse of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2.2022-02-16not yet calculatedCVE-2022-0614
CONFIRM
MISC
mruby -- mrubyHeap-based Buffer Overflow in Homebrew mruby prior to 3.2.2022-02-18not yet calculatedCVE-2022-0631
MISC
CONFIRM
mruby -- mruby
 
Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.2022-02-14not yet calculatedCVE-2022-0570
CONFIRM
MISC
mruby -- mruby
 
NULL Pointer Dereference in Homebrew mruby prior to 3.2.2022-02-19not yet calculatedCVE-2022-0632
CONFIRM
MISC
netfliter -- netfilter
 
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.2022-02-16not yet calculatedCVE-2021-3773
MISC
newstatpress -- newstatpress
 
The NewStatPress WordPress plugin before 1.3.6 does not properly escape the whatX parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues2022-02-14not yet calculatedCVE-2022-0206
MISC
nginx -- njsnjs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c.2022-02-14not yet calculatedCVE-2021-46462
MISC
MISC
nginx -- njsnjs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a Type Confusion vulnerability in njs_promise_perform_then().2022-02-14not yet calculatedCVE-2021-46463
MISC
MISC
nginx -- njs
 
njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in njs_await_fulfilled.2022-02-14not yet calculatedCVE-2022-25139
MISC
MISC
nginx -- njs
 
njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_vmcode.c.2022-02-14not yet calculatedCVE-2021-46461
MISC
MISC
npm_urijs -- npm_urijs
 
Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8.2022-02-16not yet calculatedCVE-2022-0613
CONFIRM
MISC
npm_url-parse -- npm_url-parse
 
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6.2022-02-14not yet calculatedCVE-2022-0512
CONFIRM
MISC
npm_url-parse -- npm_url-parse
 
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7.2022-02-17not yet calculatedCVE-2022-0639
MISC
CONFIRM
nvidia -- license_system
 
NVIDIA License System contains a vulnerability in the installation scripts for the DLS virtual appliance, where a user on a network after signing in to the portal can access other users’ credentials, allowing them to gain escalated privileges, resulting in limited impact to both confidentiality and integrity.2022-02-15not yet calculatedCVE-2022-21818
MISC
o2oa -- o2oa
 
O2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerability via /x_program_center/jaxrs/invoke.2022-02-17not yet calculatedCVE-2022-22916
MISC
MISC
object-extend -- object-extend
 
The package object-extend from 0.0.0 are vulnerable to Prototype Pollution via object-extend.2022-02-18not yet calculatedCVE-2021-23702
CONFIRM
online_shopping_portal -- online_shopping_portal
 
Online Shopping Portal v3.1 was discovered to contain multiple time-based SQL injection vulnerabilities via the email and contactno parameters.2022-02-18not yet calculatedCVE-2021-46110
MISC
ovidentia_cms -- ovidentia_cms
 
An incorrect access control issue in the component FileManager of Ovidentia CMS 6.0 allows authenticated attackers to to view and download content in the upload directory via path traversal.2022-02-17not yet calculatedCVE-2022-22914
MISC
MISC
pcf2bdf -- pcf2bdfA segmentation fault during PCF file parsing in pcf2bdf versions >=1.05 allows an attacker to trigger a program crash via a specially crafted PCF font file. This crash affects the availability of the software and dependent downstream components.2022-02-17not yet calculatedCVE-2022-23319
MISC
MISC
pcf2bdf -- pcf2bdf
 
A heap-buffer-overflow in pcf2bdf, versions >= 1.05 allows an attacker to trigger unsafe memory access via a specially crafted PCF font file. This out-of-bound read may lead to an application crash, information disclosure via program memory or other context-dependent impact.2022-02-17not yet calculatedCVE-2022-23318
MISC
MISC
perfect_brands -- perfect_brands
 
The vulnerability discovered in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4) allows server information exposure.2022-02-18not yet calculatedCVE-2022-23982
CONFIRM
CONFIRM
perfect_brands -- perfect_brands
 
The vulnerability allows Subscriber+ level users to create brands in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4).2022-02-18not yet calculatedCVE-2022-23981
CONFIRM
CONFIRM
pexip -- infinity
 
Pexip Infinity before 27.0 has improper WebRTC input validation. An unauthenticated remote attacker can use excessive resources, temporarily causing denial of service.2022-02-18not yet calculatedCVE-2022-23228
MISC
pexip -- infinity_connect
 
Pexip Infinity Connect before 1.8.0 omits certain provisioning authenticity checks. Thus, untrusted code may execute.2022-02-18not yet calculatedCVE-2021-29655
MISC
pexip -- infinity_connect
 
Pexip Infinity Connect before 1.8.0 mishandles TLS certificate validation. The allow list is not properly checked.2022-02-18not yet calculatedCVE-2021-29656
MISC
phoronix-test-suite -- phoronix-test-suite
 
Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2.2022-02-14not yet calculatedCVE-2022-0571
CONFIRM
MISC
php-fusion -- php-fusion
 
A reflected cross-site scripting (XSS) vulnerability in PHP-Fusion 7.02.07 allows remote attackers to inject arbitrary web script or HTML via the status parameter in the CMS admin panel.2022-02-17not yet calculatedCVE-2014-8597
MISC
php_everywhere -- php_everywhere
 
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via a WordPress gutenberg block by any user able to edit posts.2022-02-16not yet calculatedCVE-2022-24665
MISC
php_everywhere -- php_everywhere
 
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress metaboxes, which could be used by any user able to edit posts.2022-02-16not yet calculatedCVE-2022-24664
MISC
php_everywhere -- php_everywhere
 
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress shortcodes, which can be used by any authenticated user.2022-02-16not yet calculatedCVE-2022-24663
MISC
pimcore -- pimcore
 
Exposure of Sensitive Information to an Unauthorized Actor in Packagist pimcore/pimcore prior to 10.3.1.2022-02-14not yet calculatedCVE-2022-0565
MISC
CONFIRM
pjsip -- pjproductBuffer overflow in PJSUA API when calling pjsua_call_dump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument supplied2022-02-16not yet calculatedCVE-2021-43303
MISC
pjsip -- pjproductRead out-of-bounds in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause an out-of-bounds read when the filename is shorter than 4 characters.2022-02-16not yet calculatedCVE-2021-43302
MISC
pjsip -- pjproductStack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled 'file_names' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.2022-02-16not yet calculatedCVE-2021-43301
MISC
pjsip -- pjproductStack overflow in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.2022-02-16not yet calculatedCVE-2021-43300
MISC
pjsip -- pjproduct
 
Stack overflow in PJSUA API when calling pjsua_player_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.2022-02-16not yet calculatedCVE-2021-43299
MISC
pki-server -- pki-server
 
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat from this vulnerability is to confidentiality.2022-02-16not yet calculatedCVE-2021-3551
MISC
plist -- plist
 
Prototype pollution vulnerability via .parse() in Plist before v3.0.4 allows attackers to cause a Denial of Service (DoS) and may lead to remote code execution.2022-02-17not yet calculatedCVE-2022-22912
MISC
pluxml -- pluxml
 
A stored cross-site scripting (XSS) vulnerability in the component core/admin/medias.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML.2022-02-15not yet calculatedCVE-2022-24587
MISC
MISC
pluxml -- pluxml
 
A stored cross-site scripting (XSS) vulnerability in the component /core/admin/categories.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content and thumbnail parameters.2022-02-15not yet calculatedCVE-2022-24586
MISC
MISC
pluxml -- pluxml
 
A stored cross-site scripting (XSS) vulnerability in the component /core/admin/comment.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the author parameter.2022-02-15not yet calculatedCVE-2022-24585
MISC
MISC
polkit -- polkit
 
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.2022-02-16not yet calculatedCVE-2021-3560
MISC
MISC
prismjs -- prism
 
Prism is a syntax highlighting library. Starting with version 1.14.0 and prior to version 1.27.0, Prism's command line plugin can be used by attackers to achieve a cross-site scripting attack. The command line plugin did not properly escape its output, leading to the input text being inserted into the DOM as HTML code. Server-side usage of Prism is not impacted. Websites that do not use the Command Line plugin are also not impacted. This bug has been fixed in v1.27.0. As a workaround, do not use the command line plugin on untrusted inputs, or sanitize all code blocks (remove all HTML code text) from all code blocks that use the command line plugin.2022-02-18not yet calculatedCVE-2022-23647
CONFIRM
MISC
MISC
prometheus -- client_golang
 
client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of `promhttp.InstrumentHandler*` middleware except `RequestsInFlight`; not filter any specific methods (e.g GET) before middleware; pass metric with `method` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown `method`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the `method` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.2022-02-15not yet calculatedCVE-2022-21698
MISC
MISC
CONFIRM
MISC
publiccms -- publiccms
 
PublicCMS v4.0 was discovered to contain a remote code execution (RCE) vulnerability via the cmdarray parameter.2022-02-14not yet calculatedCVE-2022-23389
MISC
pybbs -- pybbs
 
A cross-site scripting (XSS) vulnerability in Pybbs v6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Search box.2022-02-14not yet calculatedCVE-2022-23391
MISC
qemu -- qemu
 
A stack-buffer-overflow was found in QEMU in the NVME component. The flaw lies in nvme_changed_nslist() where a malicious guest controlling certain input can read out of bounds memory. A malicious user could use this flaw leading to disclosure of sensitive information.2022-02-18not yet calculatedCVE-2021-3947
MISC
qemu -- qemu
 
An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.2022-02-18not yet calculatedCVE-2021-3930
MISC
red_hat -- enterprise_linux
 
Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. A user who installs or updates to Red Hat Enterprise Linux 8.5.0 would be vulnerable to the mentioned CVEs, even if they were properly fixed in Red Hat Enterprise Linux 8.4. CVE-2021-20325 was assigned to that Red Hat specific security regression and it does not affect the upstream versions of httpd.2022-02-18not yet calculatedCVE-2021-20325
MISC
redis -- redis
 
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.2022-02-18not yet calculatedCVE-2022-0543
MISC
DEBIAN
MISC
MLIST
ricoh -- printer_series
 
RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were discovered to contain a stack buffer overflow in the file /etc/wpa_supplicant.conf. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.2022-02-15not yet calculatedCVE-2021-33945
MISC
rigoblock_dragos -- rigoblock_dragos
 
RigoBlock Dragos through 2022-02-17 lacks the onlyOwner modifier for setMultipleAllowances. This enables token manipulation, as exploited in the wild in February 2022. NOTE: although 2022-02-17 is the vendor's vulnerability announcement date, the vulnerability will not be remediated until a major protocol upgrade occurs.2022-02-18not yet calculatedCVE-2022-25335
MISC
MISC
MISC
MISC
MISC
s-cms -- s-cms
 
S-CMS v5.0 was discovered to contain a SQL injection vulnerability in member_pay.php via the O_id parameter.2022-02-14not yet calculatedCVE-2022-23336
MISC
samba -- samba
 
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.2022-02-18not yet calculatedCVE-2020-25717
MISC
MISC
samba -- samba
 
A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC (read-only domain controller). This would allow an RODC to print administrator tickets.2022-02-18not yet calculatedCVE-2020-25718
MISC
MISC
samba -- samba
 
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.2022-02-18not yet calculatedCVE-2016-2124
MISC
MISC
samba -- samba
 
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.2022-02-18not yet calculatedCVE-2020-25719
MISC
MISC
samba -- samba
 
Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise.2022-02-18not yet calculatedCVE-2020-25722
MISC
MISC
sangoma_technologies_corporation -- switchvox
 
Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information disclosure vulnerability due to an improper access restriction. Users information such as first name, last name, acount id, server uuid, email address, profile image, number, timestamps, etc can be extracted by sending an unauthenticated HTTP GET request to the https://Switchvox-IP/main?cmd=invalid_browser.2022-02-14not yet calculatedCVE-2021-45310
MISC
sante -- dicom_viewer_proThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. Crafted data in a J2K file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15076.2022-02-18not yet calculatedCVE-2022-24056
MISC
sante -- dicom_viewer_proThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 13.2.0.21165. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15104.2022-02-18not yet calculatedCVE-2022-24062
MISC
sante -- dicom_viewer_proThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. Crafted data in a J2K file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15095.2022-02-18not yet calculatedCVE-2022-24058
MISC
sante -- dicom_viewer_proThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM files. Crafted data in a DCM file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process Was ZDI-CAN-15098.2022-02-18not yet calculatedCVE-2022-24059
MISC
sante -- dicom_viewer_proThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM files. Crafted data in a DCM file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15099.2022-02-18not yet calculatedCVE-2022-24060
MISC
sante -- dicom_viewer_proThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15100.2022-02-18not yet calculatedCVE-2022-24061
MISC
sante -- dicom_viewer_proThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 13.2.0.21165. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15105.2022-02-18not yet calculatedCVE-2022-24063
MISC
sante -- dicom_viewer_proThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. Crafted data in a J2K file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15077.2022-02-18not yet calculatedCVE-2022-24057
MISC
sante -- dicom_viewer_proThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14972.2022-02-18not yet calculatedCVE-2022-24055
MISC
sante -- dicom_viewer_pro
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 11.8.8.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15161.2022-02-18not yet calculatedCVE-2022-24064
MISC
sas -- web_report_studio
 
SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfs_request_backlabel_list and saspfs_request_backurl_list. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing the button, e.g., a malicious web page. In addition, the second parameter executes JavaScript, which means XSS is possible by adding a javascript: URL.2022-02-19not yet calculatedCVE-2022-25256
MISC
MISC
scoold -- scoold
 
Scoold 1.47.2 is a Q&A/knowledge base platform written in Java. When writing a Q&A, the markdown editor is vulnerable to a XSS attack when using uppercase letters.2022-02-18not yet calculatedCVE-2021-46372
MISC
scratchverifier -- scratchoauth2An issue in SOA2Login::commented of ScratchOAuth2 before commit a91879bd58fa83b09283c0708a1864cdf067c64a allows attackers to authenticate as other users on downstream components that rely on ScratchOAuth2.2022-02-15not yet calculatedCVE-2021-46250
MISC
scratchverifier -- scratchoauth2A reflected cross-site scripting (XSS) in ScratchOAuth2 before commit 1603f04e44ef67dde6ccffe866d2dca16defb293 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.2022-02-15not yet calculatedCVE-2021-46251
MISC
scratchverifier -- scratchoauth2
 
An authorization bypass exploited by a user-controlled key in SpecificApps REST API in ScratchOAuth2 before commit d856dc704b2504cd3b92cf089fdd366dd40775d6 allows app owners to set flags that indicate whether an app is verified on their own apps.2022-02-15not yet calculatedCVE-2021-46249
MISC
sendinblue -- sendinblue
 
The Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue WordPress plugin before 3.1.31 does not escape the lang and pid parameter before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues2022-02-14not yet calculatedCVE-2021-24874
MISC
sha256crypt -- sha512crypt
 
sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.2022-02-19not yet calculatedCVE-2016-20013
MISC
MISC
MISC
showdoc -- showdoc
 
Unrestricted Upload of File with Dangerous Type in Packagist showdoc/showdoc prior to 2.10.2.2022-02-19not yet calculatedCVE-2022-0409
CONFIRM
MISC
sigstore -- cosign
 
Cosign provides container signing, verification, and storage in an OCI registry for the sigstore project. Prior to version 1.5.2, Cosign can be manipulated to claim that an entry for a signature exists in the Rekor transparency log even if it doesn't. This requires the attacker to have pull and push permissions for the signature in OCI. This can happen with both standard signing with a keypair and "keyless signing" with Fulcio. If an attacker has access to the signature in OCI, they can manipulate cosign into believing the entry was stored in Rekor even though it wasn't. The vulnerability has been patched in v1.5.2 of Cosign. The `signature` in the `signedEntryTimestamp` provided by Rekor is now compared to the `signature` that is being verified. If these don't match, then an error is returned. If a valid bundle is copied to a different signature, verification should fail. Cosign output now only informs the user that certificates were verified if a certificate was in fact verified. There is currently no known workaround.2022-02-18not yet calculatedCVE-2022-23649
CONFIRM
MISC
simplelink -- simplelink_solution_nwp
 
An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of Texas Instruments CC3200 SimpleLink Solution NWP 2.9.0.0. A specially-crafted HTTP request can lead to an uninitialized read. An attacker can send an HTTP request to trigger this vulnerability.2022-02-16not yet calculatedCVE-2021-21966
MISC
snapd -- snapdA race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitrary code and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.12022-02-17not yet calculatedCVE-2021-44731
MISC
MLIST
FEDORA
FEDORA
DEBIAN
snapd -- snapd
 
snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions. This could allow a local attacker to read information that should have been private. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.12022-02-17not yet calculatedCVE-2021-3155
MISC
MISC
MISC
snapd -- snapd
 
snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.12022-02-17not yet calculatedCVE-2021-44730
MISC
MLIST
FEDORA
FEDORA
DEBIAN
snapd -- snapd
 
snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.12022-02-17not yet calculatedCVE-2021-4120
MISC
MISC
MLIST
FEDORA
FEDORA
snipe -- snipe-it
 
Exposure of Sensitive Information to an Unauthorized Actor in Packagist snipe/snipe-it prior to v5.3.9.2022-02-14not yet calculatedCVE-2022-0569
MISC
CONFIRM
snipe -- snipe-it
 
Improper Privilege Management in Packagist snipe/snipe-it prior to 5.3.11.2022-02-16not yet calculatedCVE-2022-0611
CONFIRM
MISC
snipe -- snipe-it
 
Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11.2022-02-17not yet calculatedCVE-2022-0622
CONFIRM
MISC
snipe -- snipe-it
 
Improper Privilege Management in Packagist snipe/snipe-it prior to 5.3.9.2022-02-14not yet calculatedCVE-2022-0579
CONFIRM
MISC
sonos -- one_speaker
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos One Speaker prior to 3.4.1 (S2 systems) and 11.2.13 build 57923290 (S1 systems). Authentication is not required to exploit this vulnerability. The specific flaw exists within the ALAC audio codec. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15798.2022-02-18not yet calculatedCVE-2022-24049
MISC
sonos -- one_speaker
 
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker prior to 3.4.1 (S2 systems) and 11.2.13 build 57923290 (S1 systems). Authentication is not required to exploit this vulnerability. The specific flaw exists within the anacapd daemon. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15828.2022-02-18not yet calculatedCVE-2022-24046
MISC
sourcecodester -- attendance_management_system
 
An Arbitrary File Deletion vulnerability exists in SourceCodester Attendance Management System v1.0 via the csv parameter in admin/pageUploadCSV.php, which can cause a Denial of Service (crash).2022-02-14not yet calculatedCVE-2021-45348
MISC
sourcegraph -- sourcegraphSourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.37 is vulnerable to remote code execution in the `gitserver` service. The service acts as a git exec proxy, and fails to properly restrict calling `git config`. This allows an attacker to set the git `core.sshCommand` option, which sets git to use the specified command instead of ssh when they need to connect to a remote system. Exploitation of this vulnerability depends on how Sourcegraph is deployed. An attacker able to make HTTP requests to internal services like gitserver is able to exploit it. This issue is patched in Sourcegraph version 3.37. As a workaround, ensure that requests to gitserver are properly protected.2022-02-18not yet calculatedCVE-2022-23642
CONFIRM
MISC
sourcegraph -- sourcegraph
 
Sourcegraph is a code search and navigation engine. Sourcegraph versions 3.35 and 3.36 reintroduced a previously fixed side-channel vulnerabilitity in the Code Monitoring feature where strings in private source code could be guessed by an authenticated but unauthorized actor. This issue affects only the Code Monitoring feature, whereas CVE-2021-43823 also affected saved searches. A successful attack would require an authenticated bad actor to create many Code Monitors to receive confirmation that a specific string exists. This could allow an attacker to guess formatted tokens in source code, such as API keys. This issue was patched in versions 3.35.2 and 3.36.3 of Sourcegraph. Those who are unable to upgrade may disable the Code Monitor feature in their installation.2022-02-15not yet calculatedCVE-2022-23643
CONFIRM
MISC
splashtop -- remote_client
 
Splashtop Remote Client (Business Edition) through 3.4.8.3 creates a Temporary File in a Directory with Insecure Permissions.2022-02-15not yet calculatedCVE-2021-42714
MISC
MISC
splashtop -- remote_client
 
Splashtop Remote Client (Personal Edition) through 3.4.6.1 creates a Temporary File in a Directory with Insecure Permissions.2022-02-15not yet calculatedCVE-2021-42713
MISC
MISC
splashtop -- streamer
 
Splashtop Streamer through 3.4.8.3 creates a Temporary File in a Directory with Insecure Permissions.2022-02-15not yet calculatedCVE-2021-42712
MISC
MISC
sprinfall -- webcc
 
This affects the package sprinfall/webcc before 0.3.0. It is possible to traverse directories to fetch arbitrary files from the server.2022-02-18not yet calculatedCVE-2022-25298
MISC
MISC
sqlite_project -- sqlite
 
A Memory Leak vulnerabilty exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicous user obtain sensitive information..2022-02-14not yet calculatedCVE-2021-45346
MISC
svg-sanitizer -- svg-sanitizer
 
svg-sanitizer is a SVG/XML sanitizer written in PHP. A cross-site scripting vulnerability impacts all users of the `svg-sanitizer` library prior to version 0.15.0. This issue is fixed in version 0.15.0. There is currently no workaround available.2022-02-14not yet calculatedCVE-2022-23638
MISC
CONFIRM
svgpp_svg++_library -- svgpp_svg++_library
 
In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly, returning a null pointer in advance at the second if, resulting in a null pointer reference behind the renderDocument function.2022-02-15not yet calculatedCVE-2021-44960
MISC
MISC
swtpm -- swtpm
 
swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an out-of-bounds access when the byte array representing the state of the TPM is accessed. This will likely crash swtpm or prevent it from starting since the state cannot be understood. Users should upgrade to swtpm v0.5.3, v0.6.2, or v0.7.1 to receive a patch. There are currently no known workarounds.2022-02-18not yet calculatedCVE-2022-23645
CONFIRM
MISC
MISC
MISC
MISC
symantec -- layer7_api_management_oauth_toolkit
 
A reflected cross-site scripting (XSS) vulnerability in the Symantec Layer7 API Management OAuth Toolkit (OTK) allows a remote attacker to craft a malicious URL for the OTK web UI and target OTK users with phishing attacks or other social engineering techniques. A successful attack allows injecting malicious code into the OTK web UI client application.2022-02-18not yet calculatedCVE-2021-30650
MISC
tenda -- routers
 
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiBasicCfg module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.2022-02-15not yet calculatedCVE-2021-46321
MISC
tenda -- routers
 
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wanBasicCfg module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.2022-02-15not yet calculatedCVE-2021-46265
MISC
tenda -- routers
 
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the onlineList module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.2022-02-15not yet calculatedCVE-2021-46264
MISC
tenda -- routers
 
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiTime module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.2022-02-15not yet calculatedCVE-2021-46263
MISC
tenda -- routers
 
A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code execution via shell metacharacters in the guestuser field to the __fastcall function with a POST request.2022-02-11not yet calculatedCVE-2020-26728
MISC
MISC
MISC
tenda -- routers
 
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the PPPoE module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.2022-02-15not yet calculatedCVE-2021-46262
MISC
tenda -- routers
 
A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49_multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled "deviceName" value is passed directly to the "doSystemCmd" function.2022-02-18not yet calculatedCVE-2021-45401
MISC
tenda -- routers
 
A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in page /goform/setIPv6Status via the prefixDelegate parameter, which causes a Denial of Service.2022-02-14not yet calculatedCVE-2021-45392
MISC
MISC
MISC
MISC
tenda -- routers
 
A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in the goform/setIPv6Status binary file /usr/sbin/httpd via the conType parameter, which causes a Denial of Service.2022-02-16not yet calculatedCVE-2021-45391
MISC
MISC
MISC
MISC
termtalk_server -- termtalk_server
 
A Directory Traversal vulnerability exists in Solari di Udine TermTalk Server (TTServer) 3.24.0.2, which lets an unauthenticated malicious user gain access to the files on the remote system by gaining access to the relative path of the file they want to download (http://url:port/file?valore).2022-02-15not yet calculatedCVE-2021-35380
MISC
MISC
tibco -- auditsafe
 
The Web Server component of TIBCO Software Inc.'s TIBCO AuditSafe contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to execute API methods on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO AuditSafe: versions 1.1.0 and below.2022-02-15not yet calculatedCVE-2022-22770
CONFIRM
tibco -- businessconnect_container_edition
 
The Database component of TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to obtain the usernames and passwords of users of the affected system. Affected releases are TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition: versions 1.1.0 and below.2022-02-15not yet calculatedCVE-2021-43049
CONFIRM
CONFIRM
tibco -- businessconnect_container_edition
 
The Auth Server component of TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition contains an easily exploitable vulnerability that allows an unauthenticated attacker with local access to obtain administrative usernames and passwords for the affected system. Affected releases are TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition: versions 1.1.0 and below.2022-02-15not yet calculatedCVE-2021-43050
CONFIRM
CONFIRM
totolink -- technology_routersA command injection vulnerability in the function meshSlaveDlfw of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet.2022-02-19not yet calculatedCVE-2022-25132
MISC
totolink -- technology_routersA command injection vulnerability in the function recvSlaveCloudCheckStatus of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet.2022-02-19not yet calculatedCVE-2022-25131
MISC
totolink -- technology_routersA command injection vulnerability in the function setUpgradeFW of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet.2022-02-19not yet calculatedCVE-2022-25134
MISC
totolink -- technology_routersA command injection vulnerability in the function updateWifiInfo of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet.2022-02-19not yet calculatedCVE-2022-25130
MISC
totolink -- technology_routers
 
A command injection vulnerability in the function isAssocPriDevice of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet.2022-02-19not yet calculatedCVE-2022-25133
MISC
totolink -- technology_routers
 
A command injection vulnerability in the function meshSlaveUpdate of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet.2022-02-19not yet calculatedCVE-2022-25136
MISC
totolink -- technology_routers
 
A command injection vulnerability in the function recv_mesh_info_sync of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet.2022-02-19not yet calculatedCVE-2022-25135
MISC
totolink -- technology_routers
 
A command injection vulnerability in the function recvSlaveUpgstatus of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet.2022-02-19not yet calculatedCVE-2022-25137
MISC
toword_of_tooffice -- toword_of_tooffice
 
An improper input validation leading to arbitrary file creation was discovered in ToWord of ToOffice. Remote attackers use this vulnerability to execute arbitrary file included malicious code.2022-02-18not yet calculatedCVE-2021-26618
MISC
tp-link -- routers
 
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 prior to 1.1.4 Build 20211022 rel.59103(5553) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB.ko module. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15835.2022-02-18not yet calculatedCVE-2022-24354
MISC
tp-link -- routers
 
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n (5553) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of file name extensions. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13910.2022-02-18not yet calculatedCVE-2022-24355
MISC
tp-link -- wi-fi_range_extender
 
TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable and easily detectable session keys, allowing attackers to gain administrative privileges.2022-02-18not yet calculatedCVE-2022-22922
MISC
MISC
traefik -- traefik
 
Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.6.1, Traefik skips the router transport layer security (TLS) configuration when the host header is a fully qualified domain name (FQDN). For a request, the TLS configuration choice can be different than the router choice, which implies the use of a wrong TLS configuration. When sending a request using FQDN handled by a router configured with a dedicated TLS configuration, the TLS configuration falls back to the default configuration that might not correspond to the configured one. If the CNAME flattening is enabled, the selected TLS configuration is the SNI one and the routing uses the CNAME value, so this can skip the expected TLS configuration. Version 2.6.1 contains a patch for this issue. As a workaround, one may add the FDQN to the host rule. However, there is no workaround if the CNAME flattening is enabled.2022-02-17not yet calculatedCVE-2022-23632
CONFIRM
MISC
MISC
trigone -- remote_system_monitor
 
TRIGONE Remote System Monitor 3.61 is vulnerable to an unquoted path service allowing local users to launch processes with elevated privileges.2022-02-17not yet calculatedCVE-2021-46368
MISC
MISC
twentysix -- x26-cogs
 
x26-Cogs is a repository of cogs made by Twentysix for the Red Discord bot. Among these cogs is the Defender cog, a tool for Discord server moderation. A vulnerability in the Defender cog prior to version 1.10.0 allows users with admin privileges to issue commands as other users who share the same server. If a bot owner shares the same server as the attacker, it is possible for the attacker to issue bot-owner restricted commands. The issue has been patched in version 1.10.0. One may unload the Defender cog as a workaround.2022-02-15not yet calculatedCVE-2022-23604
MISC
MISC
CONFIRM
typo3 -- typo3An issue was discovered in the Varnishcache extension before 2.0.1 for TYPO3. The Edge Site Includes (ESI) content element renderer component does not include an access check. This allows an unauthenticated user to render various content elements, resulting in insecure direct object reference (IDOR), with the potential of exposing internal content elements.2022-02-19not yet calculatedCVE-2022-24979
CONFIRM
MISC
typo3 -- typo3
 
An issue was discovered in the Kitodo.Presentation (aka dif) extension before 2.3.2, 3.x before 3.2.3, and 3.3.x before 3.3.4 for TYPO3. A missing access check in an eID script allows an unauthenticated user to submit arbitrary URLs to this component. This results in SSRF, allowing attackers to view the content of any file or webpage the webserver has access to.2022-02-19not yet calculatedCVE-2022-24980
CONFIRM
MISC
valmet -- dna
 
A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517, allows an attacker to execute commands with SYSTEM privileges This issue affects: Valmet DNA versions from Collection 2012 until Collection 2021.2022-02-16not yet calculatedCVE-2021-26726
CONFIRM
MISC
vercel -- next.js
 
Next.js is a React framework. Starting with version 10.0.0 and prior to version 12.1.0, Next.js is vulnerable to User Interface (UI) Misrepresentation of Critical Information. In order to be affected, the `next.config.js` file must have an `images.domains` array assigned and the image host assigned in `images.domains` must allow user-provided SVG. If the `next.config.js` file has `images.loader` assigned to something other than default, the instance is not affected. Version 12.1.0 contains a patch for this issue. As a workaround, change `next.config.js` to use a different `loader configuration` other than the default.2022-02-17not yet calculatedCVE-2022-23646
CONFIRM
MISC
MISC
vim -- vim
 
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.2022-02-14not yet calculatedCVE-2022-0572
CONFIRM
MISC
FEDORA
vim -- vim
 
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.2022-02-17not yet calculatedCVE-2022-0629
MISC
CONFIRM
vmware -- esxi
 
ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor with network access to ESXi may exploit this issue to create a denial-of-service condition by overwhelming rhttpproxy service with multiple requests.2022-02-16not yet calculatedCVE-2021-22050
MISC
vmware -- multiple_products
 
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.2022-02-16not yet calculatedCVE-2021-22040
MISC
vmware -- multiple_products
 
VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged user.2022-02-16not yet calculatedCVE-2021-22042
MISC
vmware -- multiple_products
 
VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerability that exists in the way temporary files are handled. A malicious actor with access to settingsd, may exploit this issue to escalate their privileges by writing arbitrary files.2022-02-16not yet calculatedCVE-2021-22043
MISC
vmware -- multiple_products
 
VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.2022-02-16not yet calculatedCVE-2021-22041
MISC
vmware -- nsx_edge
 
VMware NSX Edge contains a CLI shell injection vulnerability. A malicious actor with SSH access to an NSX-Edge appliance can execute arbitrary commands on the operating system as root.2022-02-16not yet calculatedCVE-2022-22945
MISC
vscode-xml -- vscode-xml
 
A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF or DoS via a large file.2022-02-18not yet calculatedCVE-2022-0671
MISC
MISC
wago -- firmware
 
WAGO 750-8212 PFC200 G2 2ETH RS Firmware version 03.05.10(17) is affected by a privilege escalation vulnerability. Improper handling of user cookies leads to escalating privileges to administrative account of the router.2022-02-16not yet calculatedCVE-2021-46388
MISC
wasmtime -- wasmtime
 
Wasmtime is an open source runtime for WebAssembly & WASI. Prior to versions 0.34.1 and 0.33.1, there exists a bug in the pooling instance allocator in Wasmtime's runtime where a failure to instantiate an instance for a module that defines an `externref` global will result in an invalid drop of a `VMExternRef` via an uninitialized pointer. A number of conditions listed in the GitHub Security Advisory must be true in order for an instance to be vulnerable to this issue. Maintainers believe that the effective impact of this bug is relatively small because the usage of `externref` is still uncommon and without a resource limiter configured on the `Store`, which is not the default configuration, it is only possible to trigger the bug from an error returned by `mprotect` or `VirtualAlloc`. Note that on Linux with the `uffd` feature enabled, it is only possible to trigger the bug from a resource limiter as the call to `mprotect` is skipped. The bug has been fixed in 0.34.1 and 0.33.1 and users are encouraged to upgrade as soon as possible. If it is not possible to upgrade to version 0.34.1 or 0.33.1 of the `wasmtime` crate, it is recommend that support for the reference types proposal be disabled by passing `false` to `Config::wasm_reference_types`. Doing so will prevent modules that use `externref` from being loaded entirely.2022-02-16not yet calculatedCVE-2022-23636
CONFIRM
MISC
wikidocs -- wikidocsWikiDocs version 0.1.18 has multiple reflected XSS vulnerabilities on different pages.2022-02-19not yet calculatedCVE-2022-23376
MISC
MISC
MISC
MISC
wikidocs -- wikidocs
 
WikiDocs version 0.1.18 has an authenticated remote code execution vulnerability. An attacker can upload a malicious file using the image upload form through index.php.2022-02-19not yet calculatedCVE-2022-23375
MISC
MISC
MISC
MISC
wireguard -- wireguard
 
Netmaker is a platform for creating and managing virtual overlay networks using WireGuard. Prior to versions 0.8.5, 0.9.4, and 010.0, there is a hard-coded cryptographic key in the code base which can be exploited to run admin commands on a remote server if the exploiter know the address and username of the admin. This effects the server (netmaker) component, and not clients. This has been patched in Netmaker v0.8.5, v0.9.4, and v0.10.0. There are currently no known workarounds.2022-02-18not yet calculatedCVE-2022-23650
MISC
MISC
MISC
CONFIRM
wireshark -- wiresharkCrash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file2022-02-14not yet calculatedCVE-2022-0583
CONFIRM
MISC
MISC
wireshark -- wiresharkUnaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file2022-02-14not yet calculatedCVE-2022-0582
MISC
MISC
CONFIRM
wireshark -- wiresharkCrash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file2022-02-14not yet calculatedCVE-2022-0581
MISC
MISC
CONFIRM
wireshark -- wiresharkLarge loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file2022-02-18not yet calculatedCVE-2022-0585
CONFIRM
MISC
wireshark -- wireshark
 
Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file2022-02-14not yet calculatedCVE-2022-0586
MISC
MISC
CONFIRM
wordpress_newsletter  -- wordpress_newsletter
 
The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter before redirecting the user to its given value, leading to an open redirect issue2022-02-14not yet calculatedCVE-2021-25033
CONFIRM
MISC
wp_statistics -- wp_statistics
 
The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the exclusion_reason parameter found in the ~/includes/class-wp-statistics-exclusion.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain sensitive information, in versions up to and including 13.1.4. This requires the "Record Exclusions" option to be enabled on the vulnerable site.2022-02-16not yet calculatedCVE-2022-0513
MISC
MISC
xerox -- phaser
 
Xerox Phaser 4622 v35.013.01.000 was discovered to contain a buffer overflow in the function sub_3226AC via the TIMEZONE variable. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.2022-02-15not yet calculatedCVE-2021-37354
MISC
zerof -- web_server
 
ZEROF Web Server 2.0 allows /HandleEvent SQL Injection.2022-02-18not yet calculatedCVE-2022-25322
MISC
MISC
zerof -- web_server
 
ZEROF Web Server 2.0 allows /admin.back XSS.2022-02-18not yet calculatedCVE-2022-25323
MISC
MISC
zsh -- zsh
 
In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion.2022-02-14not yet calculatedCVE-2021-45444
MISC
MISC
FEDORA
DEBIAN
MLIST
zzcms -- zzcms
 
An Incorrect Access Control vulnerability exists in zzcms 8.2, which lets a malicious user bypass authentication by changing the user name in the cookie to use any password.2022-02-14not yet calculatedCVE-2021-45347
MISC

Back to top

Please share your thoughts

We recently updated our anonymous product survey; we’d welcome your feedback.