Search
Total
17685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-34584 | 1 Codesys | 1 Codesys | 2022-07-28 | 6.4 MEDIUM | 9.1 CRITICAL |
| Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22. | |||||
| CVE-2022-34756 | 1 Schneider-electric | 2 Easergy P5, Easergy P5 Firmware | 2022-07-27 | N/A | 9.8 CRITICAL |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution or the crash of HTTPs stack which is used for the device Web HMI. Affected Products: Easergy P5 (V01.401.102 and prior) | |||||
| CVE-2022-35628 | 1 In2code | 1 Living User Experience | 2022-07-27 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL injection issue was discovered in the lux extension before 17.6.1, and 18.x through 24.x before 24.0.2, for TYPO3. | |||||
| CVE-2022-24082 | 1 Pega | 1 Infinity | 2022-07-27 | N/A | 9.8 CRITICAL |
| If an on-premise installation of the Pega Platform is configured with the port for the JMX interface exposed to the Internet and port filtering is not properly configured, then it may be possible to upload serialized payloads to attack the underlying system. This does not affect systems running on PegaCloud due to its design and architecture. | |||||
| CVE-2022-35912 | 1 Grails | 1 Grails | 2022-07-27 | N/A | 9.8 CRITICAL |
| In grails-databinding in Grails before 3.3.15, 4.x before 4.1.1, 5.x before 5.1.9, and 5.2.x before 5.2.1 (at least when certain Java 8 configurations are used), data binding allows a remote attacker to execute code by gaining access to the class loader. | |||||
| CVE-2022-24657 | 1 Goldshell | 1 Goldshell Miner Firmware | 2022-07-27 | N/A | 9.8 CRITICAL |
| Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol (port 22). | |||||
| CVE-2022-2141 | 1 Micodus | 2 Mv720, Mv720 Firmware | 2022-07-27 | N/A | 9.8 CRITICAL |
| SMS-based GPS commands can be executed by MiCODUS MV720 GPS tracker without authentication. | |||||
| CVE-2022-2107 | 1 Micodus | 2 Mv720, Mv720 Firmware | 2022-07-27 | N/A | 9.8 CRITICAL |
| The MiCODUS MV720 GPS tracker API server has an authentication mechanism that allows devices to use a hard-coded master password. This may allow an attacker to send SMS commands directly to the GPS tracker as if they were coming from the GPS owner’s mobile number. | |||||
| CVE-2022-34045 | 1 Wavlink | 2 Wl-wn530hg4, Wl-wn530hg4 Firmware | 2022-07-27 | N/A | 9.8 CRITICAL |
| Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etc_ro/lighttpd/www/cgi-bin/ExportAllSettings.sh. | |||||
| CVE-2022-20857 | 1 Cisco | 1 Nexus Dashboard | 2022-07-27 | N/A | 9.8 CRITICAL |
| Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2022-20858 | 1 Cisco | 1 Nexus Dashboard | 2022-07-27 | N/A | 9.8 CRITICAL |
| Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2022-33318 | 2 Iconics, Mitsubishielectric | 2 Genesis64, Mc Works64 | 2022-07-27 | N/A | 9.8 CRITICAL |
| Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows a remote unauthenticated attacker to execute an arbitrary malicious code by sending specially crafted packets to the GENESIS64 server. | |||||
| CVE-2022-33319 | 2 Iconics, Mitsubishielectric | 2 Genesis64, Mc Works64 | 2022-07-27 | N/A | 9.1 CRITICAL |
| Out-of-bounds Read vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows a remote unauthenticated attacker to disclose information on memory or cause a Denial of Service (DoS) condition by sending specially crafted packets to the GENESIS64 server. | |||||
| CVE-2022-28711 | 1 Ardupilot | 1 Apweb | 2022-07-27 | 7.5 HIGH | 9.8 CRITICAL |
| A memory corruption vulnerability exists in the cgi.c unescape functionality of ArduPilot APWeb master branch 50b6b7ac - master branch 46177cb9. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. | |||||
| CVE-2015-8031 | 1 Eclipse | 1 Hudson | 2022-07-27 | N/A | 9.8 CRITICAL |
| Hudson (aka org.jvnet.hudson.main:hudson-core) before 3.3.2 allows XXE attacks. | |||||
| CVE-2022-1312 | 1 Google | 1 Chrome | 2022-07-27 | N/A | 9.6 CRITICAL |
| Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | |||||
| CVE-2022-1309 | 1 Google | 1 Chrome | 2022-07-27 | N/A | 9.6 CRITICAL |
| Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2022-32213 | 2 Llhttp, Nodejs | 2 Llhttp, Node.js | 2022-07-27 | N/A | 9.1 CRITICAL |
| The llhttp parser in the http module in Node.js v17.x does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS). | |||||
| CVE-2022-32215 | 2 Llhttp, Nodejs | 2 Llhttp, Node.js | 2022-07-27 | N/A | 9.1 CRITICAL |
| The llhttp parser in the http module in Node v17.6.0 does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS). | |||||
| CVE-2022-32214 | 2 Llhttp, Nodejs | 2 Llhttp, Node.js | 2022-07-27 | N/A | 9.1 CRITICAL |
| The llhttp parser in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). | |||||
| CVE-2018-11320 | 1 Octopus | 1 Octopus Server | 2022-07-27 | 5.0 MEDIUM | 9.8 CRITICAL |
| In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that are sourced from the target do not have sensitive values obfuscated in the deployment logs. | |||||
| CVE-2022-27404 | 2 Fedoraproject, Freetype | 2 Fedora, Freetype | 2022-07-27 | 7.5 HIGH | 9.8 CRITICAL |
| FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face. | |||||
| CVE-2022-35409 | 1 Arm | 1 Mbed Tls | 2022-07-27 | N/A | 9.1 CRITICAL |
| An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information disclosure based on error responses. Affected configurations have MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled and MBEDTLS_SSL_IN_CONTENT_LEN less than a threshold that depends on the configuration: 258 bytes if using mbedtls_ssl_cookie_check, and possibly up to 571 bytes with a custom cookie check function. | |||||
| CVE-2022-2467 | 1 Garage Management System Project | 1 Garage Management System | 2022-07-27 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in SourceCodester Garage Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument username with the input 1@a.com' AND (SELECT 6427 FROM (SELECT(SLEEP(5)))LwLu) AND 'hsvT'='hsvT leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-31137 | 1 Roxy-wi | 1 Roxy-wi | 2022-07-26 | 10.0 HIGH | 9.8 CRITICAL |
| Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 6.1.1.0 are subject to a remote code execution vulnerability. System commands can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Attackers need not be authenticated to exploit this vulnerability. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2022-28805 | 1 Lua | 1 Lua | 2022-07-26 | 6.4 MEDIUM | 9.1 CRITICAL |
| singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code. | |||||
| CVE-2022-34632 | 1 Linuxfoundation | 1 Rocket Chip Generator | 2022-07-26 | N/A | 9.1 CRITICAL |
| Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain insufficient cryptography via the component /rocket/RocketCore.scala. | |||||
| CVE-2022-34635 | 1 Openhwgroup | 1 Cva6 | 2022-07-26 | N/A | 9.8 CRITICAL |
| The mstatus.sd field in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a does not update when the mstatus.fs field is set to Dirty. | |||||
| CVE-2022-34599 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm. | |||||
| CVE-2022-34601 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm. | |||||
| CVE-2022-34600 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm. | |||||
| CVE-2022-34603 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm. | |||||
| CVE-2022-34602 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm. | |||||
| CVE-2022-34605 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /dotrace.asp. | |||||
| CVE-2022-34604 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /dotrace.asp. | |||||
| CVE-2022-2486 | 1 Wavlink | 4 Wl-wn535k2, Wl-wn535k2 Firmware, Wl-wn535k3 and 1 more | 2022-07-26 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in WAVLINK WN535K2 and WN535K3. This affects an unknown part of the file /cgi-bin/mesh.cgi?page=upgrade. The manipulation of the argument key leads to os command injection. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-2487 | 1 Wavlink | 4 Wl-wn535k2, Wl-wn535k2 Firmware, Wl-wn535k3 and 1 more | 2022-07-26 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in WAVLINK WN535K2 and WN535K3 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/nightled.cgi. The manipulation of the argument start_hour leads to os command injection. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-2488 | 1 Wavlink | 4 Wl-wn535k2, Wl-wn535k2 Firmware, Wl-wn535k3 and 1 more | 2022-07-26 | N/A | 9.8 CRITICAL |
| A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlist_sync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-0977 | 1 Google | 2 Chrome, Chrome Os | 2022-07-26 | N/A | 9.6 CRITICAL |
| Use after free in Browser UI in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-34606 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditvsList parameter at /dotrace.asp. | |||||
| CVE-2022-34608 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ajaxmsg parameter at /AJAX/ajaxget. | |||||
| CVE-2022-34607 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /doping.asp. | |||||
| CVE-2022-34610 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the URL /ihomers/app. | |||||
| CVE-2022-34609 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /doping.asp. | |||||
| CVE-2022-28888 | 1 Spryker | 1 Cloud Commerce | 2022-07-26 | 7.5 HIGH | 9.8 CRITICAL |
| Spryker Commerce OS 1.4.2 allows Remote Command Execution. | |||||
| CVE-2022-20229 | 1 Google | 1 Android | 2022-07-26 | 10.0 HIGH | 9.8 CRITICAL |
| In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224536184 | |||||
| CVE-2022-20238 | 1 Google | 1 Android | 2022-07-26 | 10.0 HIGH | 9.8 CRITICAL |
| 'remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area), and because the 'vma->vm_page_prot' can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploitedProduct: AndroidVersions: Android SoCAndroid ID: A-233154555 | |||||
| CVE-2022-32073 | 1 Wolfssh | 1 Wolfssh | 2022-07-26 | 7.5 HIGH | 9.8 CRITICAL |
| WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSH_SFTP_RecvRMDIR. | |||||
| CVE-2022-32985 | 1 Nexans | 26 Gigaswitch 641 Desk V5 Sfp-vi, Gigaswitch 641 Desk V5 Sfp-vi Firmware, Gigaswitch 642 Desk V5 Sfp-2vi and 23 more | 2022-07-25 | N/A | 9.8 CRITICAL |
| libnx_apl.so on Nexans FTTO GigaSwitch before 6.02N and 7.x before 7.02 implements a Backdoor Account for SSH logins on port 50200 or 50201. | |||||
| CVE-2021-40874 | 2 Debian, Lemonldap-ng | 2 Debian Linux, Lemonldap\ | 2022-07-25 | N/A | 9.8 CRITICAL |
| An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. When using the RESTServer plug-in to operate a REST password validation service (for another LemonLDAP::NG instance, for example) and using the Kerberos authentication method combined with another method with the Combination authentication plug-in, any password will be recognized as valid for an existing user. | |||||