Search
Total
17685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31393 | 1 Jizhicms | 1 Jizhicms | 2022-06-15 | 6.4 MEDIUM | 9.1 CRITICAL |
| Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the Index function in app/admin/c/PluginsController.php. | |||||
| CVE-2022-31313 | 1 Api-res-py Project | 1 Api-res-py | 2022-06-15 | 7.5 HIGH | 9.8 CRITICAL |
| api-res-py package in PyPI 0.1 is vulnerable to a code execution backdoor in the request package. | |||||
| CVE-2022-30882 | 1 Pyanxdns Project | 1 Pyanxdns | 2022-06-15 | 7.5 HIGH | 9.8 CRITICAL |
| pyanxdns package in PyPI version 0.2 is vulnerable to code execution backdoor. The impact is: execute arbitrary code (remote). When installing the pyanxdns package of version 0.2, the request package will be installed. | |||||
| CVE-2021-40589 | 1 Zangband-data Project | 1 Zangband-data | 2022-06-15 | 7.5 HIGH | 9.8 CRITICAL |
| ZAngband zangband-data 2.7.5 is affected by an integer underflow vulnerability in src/tk/plat.c through the variable fileheader.bfOffBits. | |||||
| CVE-2020-3992 | 1 Vmware | 2 Cloud Foundation, Esxi | 2022-06-15 | 10.0 HIGH | 9.8 CRITICAL |
| OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution. | |||||
| CVE-2020-36533 | 1 Klapp | 1 App | 2022-06-15 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability was found in Klapp App and classified as problematic. This issue affects some unknown processing of the JSON Web Token Handler. The manipulation leads to weak authentication. The attack may be initiated remotely. | |||||
| CVE-2022-31013 | 1 Chat Server Project | 1 Chat Server | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| Chat Server is the chat server for Vartalap, an open-source messaging application. Versions 2.3.2 until 2.6.0 suffer from a bug in validating the access token, resulting in authentication bypass. The function `this.authProvider.verifyAccessKey` is an async function, as the code is not using `await` to wait for the verification result. Every time the function responds back with success, along with an unhandled exception if the token is invalid. A patch is available in version 2.6.0. | |||||
| CVE-2022-30909 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the CMD parameter at /goform/aspForm. | |||||
| CVE-2022-30912 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateWanParams parameter at /goform/aspForm. | |||||
| CVE-2022-30910 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the GO parameter at /goform/aspForm. | |||||
| CVE-2022-30914 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateMacClone parameter at /goform/aspForm. | |||||
| CVE-2022-30913 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the ipqos_set_bandwidth parameter at /goform/aspForm. | |||||
| CVE-2022-30919 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Edit_BasicSSID_5G parameter at /goform/aspForm. | |||||
| CVE-2022-30918 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Asp_SetTelnet parameter at /goform/aspForm. | |||||
| CVE-2022-30917 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the AddWlanMacList parameter at /goform/aspForm. | |||||
| CVE-2022-30916 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Asp_SetTelnetDebug parameter at /goform/aspForm. | |||||
| CVE-2022-30915 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateSnat parameter at /goform/aspForm. | |||||
| CVE-2022-30920 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Edit_BasicSSID parameter at /goform/aspForm. | |||||
| CVE-2022-30921 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the SetMobileAPInfoById parameter at /goform/aspForm. | |||||
| CVE-2022-30923 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Asp_SetTimingtimeWifiAndLed parameter at /goform/aspForm. | |||||
| CVE-2022-30922 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the EditWlanMacList parameter at /goform/aspForm. | |||||
| CVE-2022-30924 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the SetAPWifiorLedInfoById parameter at /goform/aspForm. | |||||
| CVE-2022-30925 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the AddMacList parameter at /goform/aspForm. | |||||
| CVE-2022-30926 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the EditMacList parameter at /goform/aspForm. | |||||
| CVE-2022-25361 | 1 Watchguard | 47 Firebox M200, Firebox M270, Firebox M290 and 44 more | 2022-06-14 | 6.4 MEDIUM | 9.1 CRITICAL |
| WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. | |||||
| CVE-2022-30927 | 1 Simple Task Scheduling System Project | 1 Simple Task Scheduling System | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL injection vulnerability exists in Simple Task Scheduling System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable "id" parameter. | |||||
| CVE-2022-31768 | 1 Ibm | 1 Infosphere Information Server | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. | |||||
| CVE-2022-31279 | 1 Laravel | 1 Laravel | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution (RCE) via an unserialized pop chain in __destruct in Illuminate\Broadcasting\PendingBroadcast.php and __call in Faker\Generator.php. | |||||
| CVE-2022-25315 | 4 Debian, Fedoraproject, Libexpat Project and 1 more | 5 Debian Linux, Fedora, Libexpat and 2 more | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. | |||||
| CVE-2022-25236 | 3 Debian, Libexpat Project, Oracle | 4 Debian Linux, Libexpat, Http Server and 1 more | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. | |||||
| CVE-2022-25235 | 4 Debian, Fedoraproject, Libexpat Project and 1 more | 5 Debian Linux, Fedora, Libexpat and 2 more | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. | |||||
| CVE-2022-23990 | 5 Debian, Fedoraproject, Libexpat Project and 2 more | 5 Debian Linux, Fedora, Libexpat and 2 more | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. | |||||
| CVE-2022-23852 | 5 Debian, Libexpat Project, Netapp and 2 more | 6 Debian Linux, Libexpat, Clustered Data Ontap and 3 more | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. | |||||
| CVE-2022-22824 | 2 Libexpat Project, Tenable | 2 Libexpat, Nessus | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | |||||
| CVE-2022-22823 | 2 Libexpat Project, Tenable | 2 Libexpat, Nessus | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | |||||
| CVE-2022-22822 | 2 Libexpat Project, Tenable | 2 Libexpat, Nessus | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | |||||
| CVE-2020-27304 | 2 Civetweb Project, Siemens | 2 Civetweb, Sinec Infrastructure Network Services | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| The CivetWeb web library does not validate uploaded filepaths when running on an OS other than Windows, when using the built-in HTTP form-based file upload mechanism, via the mg_handle_form_request API. Web applications that use the file upload form handler, and use parts of the user-controlled filename in the output path, are susceptible to directory traversal | |||||
| CVE-2021-40438 | 6 Apache, Debian, F5 and 3 more | 9 Http Server, Debian Linux, F5os and 6 more | 2022-06-14 | 6.8 MEDIUM | 9.0 CRITICAL |
| A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier. | |||||
| CVE-2021-39275 | 5 Apache, Debian, Fedoraproject and 2 more | 7 Http Server, Debian Linux, Fedora and 4 more | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier. | |||||
| CVE-2019-5138 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2022-06-13 | 9.0 HIGH | 9.9 CRITICAL |
| An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An attacker can send diagnostic while authenticated as a low privilege user to trigger this vulnerability. | |||||
| CVE-2017-2922 | 1 Cesanta | 1 Mongoose | 2022-06-13 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which leads to a use-after-free vulnerability which can be exploited to achieve remote code execution. An attacker needs to send a specially crafted websocket packet over the network to trigger this vulnerability. | |||||
| CVE-2017-2921 | 1 Cesanta | 1 Mongoose | 2022-06-13 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause an integer overflow, leading to a heap buffer overflow and resulting in denial of service and potential remote code execution. An attacker needs to send a specially crafted websocket packet over network to trigger this vulnerability. | |||||
| CVE-2018-1000007 | 5 Canonical, Debian, Fujitsu and 2 more | 20 Ubuntu Linux, Debian Linux, M10-1 and 17 more | 2022-06-13 | 5.0 MEDIUM | 9.8 CRITICAL |
| libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request. | |||||
| CVE-2017-1000353 | 2 Jenkins, Oracle | 2 Jenkins, Communications Cloud Native Core Automated Test Suite | 2022-06-13 | 7.5 HIGH | 9.8 CRITICAL |
| Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java `SignedObject` object to the Jenkins CLI, that would be deserialized using a new `ObjectInputStream`, bypassing the existing blacklist-based protection mechanism. We're fixing this issue by adding `SignedObject` to the blacklist. We're also backporting the new HTTP CLI protocol from Jenkins 2.54 to LTS 2.46.2, and deprecating the remoting-based (i.e. Java serialization) CLI protocol, disabling it by default. | |||||
| CVE-2018-1000861 | 2 Jenkins, Redhat | 2 Jenkins, Openshift Container Platform | 2022-06-13 | 10.0 HIGH | 9.8 CRITICAL |
| A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended to be invoked this way. | |||||
| CVE-2019-9169 | 4 Canonical, Gnu, Mcafee and 1 more | 6 Ubuntu Linux, Glibc, Web Gateway and 3 more | 2022-06-13 | 7.5 HIGH | 9.8 CRITICAL |
| In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. | |||||
| CVE-2019-5019 | 1 Rainbowpdf | 1 Office Server Document Converter | 2022-06-13 | 7.5 HIGH | 9.8 CRITICAL |
| A heap-based overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro R1 (7,0,2018,1113). While parsing Document Summary Property Set stream, the getSummaryInformation function is incorrectly checking the correlation between size and the number of properties in PropertySet packets, causing an out-of-bounds write that leads to heap corruption and consequent code execution. | |||||
| CVE-2019-1003029 | 2 Jenkins, Redhat | 2 Script Security, Openshift Container Platform | 2022-06-13 | 6.5 MEDIUM | 9.9 CRITICAL |
| A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM. | |||||
| CVE-2019-5021 | 4 Alpinelinux, F5, Gliderlabs and 1 more | 4 Alpine Linux, Big-ip Controller, Docker-alpine and 1 more | 2022-06-13 | 10.0 HIGH | 9.8 CRITICAL |
| Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected versions of the Alpine Linux container which utilize Linux PAM, or some other mechanism which uses the system shadow file as an authentication database, may accept a NULL password for the `root` user. | |||||
| CVE-2019-5016 | 2 Kcodes, Netgear | 5 Netusb.ko, R7900, R7900 Firmware and 2 more | 2022-06-13 | 6.4 MEDIUM | 9.1 CRITICAL |
| An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. A specially crafted index value can cause an invalid memory read, resulting in a denial of service or remote information disclosure. An unauthenticated attacker can send a crafted packet on the local network to trigger this vulnerability. | |||||