Search
Total
399 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-25237 | 1 Bonitasoft | 1 Bonita Web | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Bonita Web 2021.2 is affected by a authentication/authorization bypass vulnerability due to an overly broad exclude pattern used in the RestAPIAuthorizationFilter. By appending ;i18ntranslation or /../i18ntranslation/ to the end of a URL, users with no privileges can access privileged API endpoints. This can lead to remote code execution by abusing the privileged API actions. | |||||
| CVE-2022-21129 | 1 Paypal | 1 Nemo-appium | 2023-08-08 | N/A | 9.8 CRITICAL |
| Versions of the package nemo-appium before 0.0.9 are vulnerable to Command Injection due to improper input sanitization in the 'module.exports.setup' function. **Note:** In order to exploit this vulnerability appium-running 0.1.3 has to be installed as one of nemo-appium dependencies. | |||||
| CVE-2022-42042 | 1 Democritus | 1 D8s-networking | 2023-08-08 | N/A | 9.8 CRITICAL |
| The d8s-networking package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hashes package. The affected version is 0.1.0. | |||||
| CVE-2022-4390 | 1 Netgear | 2 Ax2400, Ax2400 Firmware | 2023-08-08 | N/A | 10.0 CRITICAL |
| A network misconfiguration is present in versions prior to 1.0.9.90 of the NETGEAR RAX30 AX2400 series of routers. IPv6 is enabled for the WAN interface by default on these devices. While there are firewall restrictions in place that define access restrictions for IPv4 traffic, these restrictions do not appear to be applied to the WAN interface for IPv6. This allows arbitrary access to any services running on the device that may be inadvertently listening via IPv6, such as the SSH and Telnet servers spawned on ports 22 and 23 by default. This misconfiguration could allow an attacker to interact with services only intended to be accessible by clients on the local network. | |||||
| CVE-2022-21191 | 1 Global-modules-path Project | 1 Global-modules-path | 2023-08-08 | N/A | 9.8 CRITICAL |
| Versions of the package global-modules-path before 3.0.0 are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the getPath function. | |||||
| CVE-2022-29514 | 1 Intel | 1 System Usage Report | 2023-08-08 | N/A | 9.8 CRITICAL |
| Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2021-41844 | 1 Crocoblock | 1 Jetengine | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Crocoblock JetEngine before 2.9.1 does not properly validate and sanitize form data. | |||||
| CVE-2022-26843 | 1 Intel | 2 Oneapi Dpc\+\+\/c\+\+ Compiler, Oneapi Toolkits | 2023-08-08 | N/A | 9.8 CRITICAL |
| Insufficient visual distinction of homoglyphs presented to user in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.1 for Intel(R) oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2022-47003 | 1 Murasoftware | 1 Mura Cms | 2023-08-08 | N/A | 9.8 CRITICAL |
| A vulnerability in the Remember Me function of Mura CMS before v10.0.580 allows attackers to bypass authentication via a crafted web request. | |||||
| CVE-2021-35587 | 1 Oracle | 1 Access Manager | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: OpenSSO Agent). Supported versions that are affected are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks of this vulnerability can result in takeover of Oracle Access Manager. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). | |||||
| CVE-2022-21186 | 1 Acrontum | 1 Filesystem-template | 2023-08-08 | N/A | 9.8 CRITICAL |
| The package @acrontum/filesystem-template before 0.0.2 are vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input. | |||||
| CVE-2022-27128 | 1 Zbzcms | 1 Zbzcms | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| An incorrect access control issue at /admin/run_ajax.php in zbzcms v1.0 allows attackers to arbitrarily add administrator accounts. | |||||
| CVE-2021-39409 | 1 Online Student Rate System Project | 1 Online Student Rate System | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability exists in Online Student Rate System v1.0 that allows any user to register as an administrator without needing to be authenticated. | |||||
| CVE-2021-25648 | 1 Testes-codigo | 1 Testes De Codigo | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the administrative interface and premium features by tampering the boolean value of parameters "isAdmin" and "isPremium" located on device storage. | |||||
| CVE-2022-24595 | 1 Automotivelinux | 1 Kooky Koi | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Automotive Grade Linux Kooky Koi 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0.4, and 11.0.5 is affected by Incorrect Access Control in usr/bin/afb-daemon. To exploit the vulnerability, an attacker should send a well-crafted HTTP (or WebSocket) request to the socket listened by the afb-daemon process. No credentials nor user interactions are required. | |||||
| CVE-2022-36436 | 1 Osuosl | 1 Twisted Vnc Authentication Proxy | 2023-08-08 | N/A | 9.8 CRITICAL |
| OSU Open Source Lab VNCAuthProxy through 1.1.1 is affected by an vncap/vnc/protocol.py VNCServerAuthenticator authentication-bypass vulnerability that could allow a malicious actor to gain unauthorized access to a VNC session or to disconnect a legitimate user from a VNC session. A remote attacker with network access to the proxy server could leverage this vulnerability to connect to VNC servers protected by the proxy server without providing any authentication credentials. Exploitation of this issue requires that the proxy server is currently accepting connections for the target VNC server. | |||||
| CVE-2022-38768 | 1 Transtek | 1 Mojodat Fixed Asset Management | 2023-08-08 | N/A | 9.8 CRITICAL |
| The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to bypass authorization. | |||||
| CVE-2022-2778 | 3 Linux, Microsoft, Octopus | 3 Linux Kernel, Windows, Octopus Server | 2023-08-08 | N/A | 9.8 CRITICAL |
| In affected versions of Octopus Deploy it is possible to bypass rate limiting on login using null bytes. | |||||
| CVE-2022-27411 | 1 Totolink | 2 N600r, N600r Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R v5.3c.5507_B20171031 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter in the "Main" function. | |||||
| CVE-2022-35522 | 1 Wavlink | 10 Wn530h4, Wn530h4 Firmware, Wn531p3 and 7 more | 2023-08-08 | N/A | 9.8 CRITICAL |
| WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: ppp_username, ppp_passwd, rwan_gateway, rwan_mask and rwan_ip, which leads to command injection in page /wan.shtml. | |||||
| CVE-2022-35523 | 1 Wavlink | 10 Wn530h4, Wn530h4 Firmware, Wn531p3 and 7 more | 2023-08-08 | N/A | 9.8 CRITICAL |
| WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter del_mac and parameter flag, which leads to command injection in page /cli_black_list.shtml. | |||||
| CVE-2022-35537 | 1 Wavlink | 10 Wn530h4, Wn530h4 Firmware, Wn531p3 and 7 more | 2023-08-08 | N/A | 9.8 CRITICAL |
| WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: mac_5g and Newname, which leads to command injection in page /wifi_mesh.shtml. | |||||
| CVE-2021-35395 | 1 Realtek | 1 Realtek Jungle Sdk | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. Two versions of this management interface exists: one based on Go-Ahead named webs and another based on Boa named boa. Both of them are affected by these vulnerabilities. Specifically, these binaries are vulnerable to the following issues: - stack buffer overflow in formRebootCheck due to unsafe copy of submit-url parameter - stack buffer overflow in formWsc due to unsafe copy of submit-url parameter - stack buffer overflow in formWlanMultipleAP due to unsafe copy of submit-url parameter - stack buffer overflow in formWlSiteSurvey due to unsafe copy of ifname parameter - stack buffer overflow in formStaticDHCP due to unsafe copy of hostname parameter - stack buffer overflow in formWsc due to unsafe copy of 'peerPin' parameter - arbitrary command execution in formSysCmd via the sysCmd parameter - arbitrary command injection in formWsc via the 'peerPin' parameter Exploitability of identified issues will differ based on what the end vendor/manufacturer did with the Realtek SDK webserver. Some vendors use it as-is, others add their own authentication implementation, some kept all the features from the server, some remove some of them, some inserted their own set of features. However, given that Realtek SDK implementation is full of insecure calls and that developers tends to re-use those examples in their custom code, any binary based on Realtek SDK webserver will probably contains its own set of issues on top of the Realtek ones (if kept). Successful exploitation of these issues allows remote attackers to gain arbitrary code execution on the device. | |||||
| CVE-2022-26198 | 1 Notable | 1 Notable | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Notable v1.8.4 does not filter text editing, allowing attackers to execute arbitrary code via a crafted payload injected into the Title text field. | |||||
| CVE-2022-25987 | 1 Intel | 2 C\+\+ Compiler Classic, Oneapi Toolkits | 2023-08-08 | N/A | 9.8 CRITICAL |
| Improper handling of Unicode encoding in source code to be compiled by the Intel(R) C++ Compiler Classic before version 2021.6 for Intel(R) oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2021-27101 | 1 Accellion | 1 Fta | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. The fixed version is FTA_9_12_380 and later. | |||||
| CVE-2022-36267 | 1 Airspan | 2 Airspot 5410, Airspot 5410 Firmware | 2023-08-08 | N/A | 9.8 CRITICAL |
| In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability. The ping functionality can be called without user authentication when crafting a malicious http request by injecting code in one of the parameters allowing for remote code execution. This vulnerability is exploited via the binary file /home/www/cgi-bin/diagnostics.cgi that accepts unauthenticated requests and unsanitized data. As a result, a malicious actor can craft a specific request and interact remotely with the device. | |||||
| CVE-2022-26352 | 1 Dotcms | 1 Dotcms | 2023-08-08 | 6.8 MEDIUM | 9.8 CRITICAL |
| An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. Attackers can craft a multipart form request to post a file whose filename is not initially sanitized. This allows directory traversal, in which the file is saved outside of the intended storage location. If anonymous content creation is enabled, this allows an unauthenticated attacker to upload an executable file, such as a .jsp file, that can lead to remote code execution. | |||||
| CVE-2022-41326 | 1 Mitel | 1 Micollab | 2023-08-08 | N/A | 9.8 CRITICAL |
| The web conferencing component of Mitel MiCollab through 9.6.0.13 could allow an unauthenticated attacker to upload arbitrary scripts due to improper authorization controls. A successful exploit could allow remote code execution within the context of the application. | |||||
| CVE-2022-35521 | 1 Wavlink | 10 Wn530h4, Wn530h4 Firmware, Wn531p3 and 7 more | 2023-08-08 | N/A | 9.8 CRITICAL |
| WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameters: remoteManagementEnabled, blockPortScanEnabled, pingFrmWANFilterEnabled and blockSynFloodEnabled, which leads to command injection in page /man_security.shtml. | |||||
| CVE-2022-25923 | 1 Exec-local-bin Project | 1 Exec-local-bin | 2023-08-08 | N/A | 9.8 CRITICAL |
| Versions of the package exec-local-bin before 1.2.0 are vulnerable to Command Injection via the theProcess() functionality due to improper user-input sanitization. | |||||
| CVE-2022-25765 | 2 Fedoraproject, Pdfkit Project | 2 Fedora, Pdfkit | 2023-08-08 | N/A | 9.8 CRITICAL |
| The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized. | |||||
| CVE-2022-23144 | 1 Zte | 30 Zxa10 B700v7, Zxa10 B700v7 Firmware, Zxa10 B710c-a12 and 27 more | 2023-08-08 | N/A | 9.1 CRITICAL |
| There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default application type, which affects normal use of system. | |||||
| CVE-2022-35520 | 1 Wavlink | 10 Wn530h4, Wn530h4 Firmware, Wn531p3 and 7 more | 2023-08-08 | N/A | 9.8 CRITICAL |
| WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 api.cgi has no filtering on parameter ufconf, and this is a hidden parameter which doesn't appear in POST body, but exist in cgi binary. This leads to command injection in page /ledonoff.shtml. | |||||
| CVE-2022-25226 | 1 Cybelsoft | 1 Thinvnc | 2023-08-08 | 7.5 HIGH | 10.0 CRITICAL |
| ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process via 'http://thin-vnc:8080/cmd?cmd=connect' by obtaining a valid SID without any kind of authentication. It is possible to achieve code execution on the server by sending keyboard or mouse events to the server. | |||||
| CVE-2022-35519 | 1 Wavlink | 10 Wn530h4, Wn530h4 Firmware, Wn531p3 and 7 more | 2023-08-08 | N/A | 9.8 CRITICAL |
| WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter add_mac, which leads to command injection in page /cli_black_list.shtml. | |||||
| CVE-2021-43996 | 1 Facade | 1 Ignition | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| The Ignition component before 1.16.15, and 2.0.x before 2.0.6, for Laravel has a "fix variable names" feature that can lead to incorrect access control. | |||||
| CVE-2022-24331 | 1 Jetbrains | 1 Teamcity | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| In JetBrains TeamCity before 2021.1.4, GitLab authentication impersonation was possible. | |||||
| CVE-2022-35518 | 1 Wavlink | 10 Wn530h4, Wn530h4 Firmware, Wn531p3 and 7 more | 2023-08-08 | N/A | 9.8 CRITICAL |
| WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 nas.cgi has no filtering on parameters: User1Passwd and User1, which leads to command injection in page /nas_disk.shtml. | |||||
| CVE-2022-35535 | 1 Wavlink | 10 Wn530h4, Wn530h4 Firmware, Wn531p3 and 7 more | 2023-08-08 | N/A | 9.8 CRITICAL |
| WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameter macAddr, which leads to command injection in page /wifi_mesh.shtml. | |||||
| CVE-2021-35394 | 1 Realtek | 1 Realtek Jungle Sdk | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be exploited by remote unauthenticated attackers. | |||||
| CVE-2022-25644 | 1 Get-process-by-name Project | 1 Get-process-by-name | 2023-08-08 | N/A | 9.8 CRITICAL |
| All versions of package @pendo324/get-process-by-name are vulnerable to Arbitrary Code Execution due to improper sanitization of getProcessByName function. | |||||
| CVE-2022-26318 | 1 Watchguard | 1 Fireware | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. | |||||
| CVE-2022-25962 | 1 Vagrant.js Project | 1 Vagrant.js | 2023-08-08 | N/A | 9.8 CRITICAL |
| All versions of the package vagrant.js are vulnerable to Command Injection via the boxAdd function due to improper input sanitization. | |||||
| CVE-2022-25890 | 1 Wifey Project | 1 Wifey | 2023-08-08 | N/A | 9.8 CRITICAL |
| All versions of the package wifey are vulnerable to Command Injection via the connect() function due to improper input sanitization. | |||||
| CVE-2022-34827 | 1 Carel | 2 Boss Mini, Boss Mini Firmware | 2023-08-08 | N/A | 9.9 CRITICAL |
| Carel Boss Mini 1.5.0 has Improper Access Control. | |||||
| CVE-2022-35536 | 1 Wavlink | 10 Wn530h4, Wn530h4 Firmware, Wn531p3 and 7 more | 2023-08-08 | N/A | 9.8 CRITICAL |
| WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: qos_bandwith and qos_dat, which leads to command injection in page /qos.shtml. | |||||
| CVE-2022-30877 | 1 Keep Project | 1 Keep | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| The keep for python, as distributed on PyPI, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 1.2. | |||||
| CVE-2022-35524 | 1 Wavlink | 10 Wn530h4, Wn530h4 Firmware, Wn531p3 and 7 more | 2023-08-08 | N/A | 9.8 CRITICAL |
| WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: wlan_signal, web_pskValue, sel_EncrypTyp, sel_Automode, wlan_bssid, wlan_ssid and wlan_channel, which leads to command injection in page /wizard_rep.shtml. | |||||
| CVE-2022-35538 | 1 Wavlink | 10 Wn530h4, Wn530h4 Firmware, Wn531p3 and 7 more | 2023-08-08 | N/A | 9.8 CRITICAL |
| WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: delete_list, delete_al_mac, b_delete_list and b_delete_al_mac, which leads to command injection in page /wifi_mesh.shtml. | |||||