Total: 17685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-1367 | 1 Deltaww | 1 Diaenergie | 2022-05-10 | 10.0 HIGH | 9.8 CRITICAL |
| Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability in Handler_TCV.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | |||||
| CVE-2022-1366 | 1 Deltaww | 1 Diaenergie | 2022-05-10 | 10.0 HIGH | 9.8 CRITICAL |
| Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability in HandlerChart.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | |||||
| CVE-2022-27982 | 1 Ruijienetworks | 2 Rg-nbr2100g-e, Rg-nbr2100g-e Firmware | 2022-05-10 | 7.5 HIGH | 9.8 CRITICAL |
| RG-NBR-E Enterprise Gateway RG-NBR2100G-E was discovered to contain a remote code execution (RCE) vulnerability via the fileName parameter at /guest_auth/cfg/upLoadCfg.php. | |||||
| CVE-2022-28994 | 1 Smallsrv | 1 Small Http Server | 2022-05-10 | 7.5 HIGH | 9.8 CRITICAL |
| Small HTTP Server version 3.06 suffers from a remote buffer overflow vulnerability via long GET request. | |||||
| CVE-2022-28480 | 1 Allmediaserver | 1 Allmediaserver | 2022-05-10 | 7.5 HIGH | 9.8 CRITICAL |
| ALLMediaServer 1.6 is vulnerable to Buffer Overflow via MediaServer.exe. | |||||
| CVE-2021-3711 | 5 Debian, Netapp, Openssl and 2 more | 31 Debian Linux, Active Iq Unified Manager, Clustered Data Ontap and 28 more | 2022-05-10 | 7.5 HIGH | 9.8 CRITICAL |
| In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able to present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). | |||||
| CVE-2022-29904 | 1 Mediawiki | 1 Mediawiki | 2022-05-10 | 7.5 HIGH | 9.8 CRITICAL |
| The SemanticDrilldown extension for MediaWiki through 1.37.2 (before e688bdba6434591b5dff689a45e4d53459954773) allows SQL injection with certain '-' and '_' constraints. | |||||
| CVE-2022-25089 | 1 Kofax | 1 Printix | 2022-05-10 | 7.5 HIGH | 9.8 CRITICAL |
| Printix Secure Cloud Print Management through 1.3.1106.0 incorrectly uses Privileged APIs to modify values in HKEY_LOCAL_MACHINE via UITasks.PersistentRegistryData. | |||||
| CVE-2022-1020 | 1 Codeastrology | 1 Woo Product Table | 2022-05-10 | 7.5 HIGH | 9.8 CRITICAL |
| The Product Table for WooCommerce (wooproducttable) WordPress plugin before 3.1.2 does not have authorisation and CSRF checks in the wpt_admin_update_notice_option AJAX action (available to both unauthenticated and authenticated users), as well as does not validate the callback parameter, allowing unauthenticated attackers to call arbitrary functions with either none or one user controlled argument | |||||
| CVE-2021-3643 | 1 Sox Project | 1 Sox | 2022-05-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information. | |||||
| CVE-2022-27466 | 1 Mingsoft | 1 Mcms | 2022-05-10 | 7.5 HIGH | 9.8 CRITICAL |
| MCMS v5.2.27 was discovered to contain a SQL injection vulnerability in the orderBy parameter at /dict/list.do. | |||||
| CVE-2021-42001 | 1 Pingidentity | 1 Pingid Desktop | 2022-05-10 | 5.0 MEDIUM | 9.8 CRITICAL |
| PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. An attacker capable of exploiting this vulnerability may be able to successfully complete an MFA challenge via OTP. | |||||
| CVE-2021-41992 | 1 Pingidentity | 1 Pingid Integration For Windows Login | 2022-05-10 | 5.0 MEDIUM | 9.8 CRITICAL |
| A misconfiguration of RSA in PingID Windows Login prior to 2.7 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass. | |||||
| CVE-2022-29556 | 1 Northern.tech | 1 Mender | 2022-05-10 | 7.5 HIGH | 9.8 CRITICAL |
| The iot-manager microservice 1.0.0 in Northern.tech Mender Enterprise before 3.2.2 allows SSRF because the Azure IoT Hub integration provides several SSRF primitives that can execute cross-tenant actions via internal API endpoints. | |||||
| CVE-2022-23723 | 1 Pingidentity | 1 Pingone Mfa Integration Kit | 2022-05-10 | 7.5 HIGH | 9.8 CRITICAL |
| An MFA bypass vulnerability exists in the PingFederate PingOne MFA Integration Kit when adapter HTML templates are used as part of an authentication flow. | |||||
| CVE-2022-28585 | 1 Phome | 1 Empirecms | 2022-05-09 | 7.5 HIGH | 9.8 CRITICAL |
| EmpireCMS 7.5 has a SQL injection vulnerability in AdClass.php | |||||
| CVE-2022-28561 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-05-09 | 10.0 HIGH | 9.8 CRITICAL |
| There is a stack overflow vulnerability in the /goform/setMacFilterCfg function in the httpd service of Tenda ax12 22.03.01.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload | |||||
| CVE-2022-1300 | 1 Trumpf | 3 Trutops Boost, Trutops Fab, Trutops Monitor | 2022-05-09 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple versions of TRUMPF TruTops products expose a service function without necessary authentication. Execution of this function may result in unauthorized access to change of data or disruption of the whole service. | |||||
| CVE-2022-28481 | 1 Csv-safe Project | 1 Csv-safe | 2022-05-09 | 7.5 HIGH | 9.8 CRITICAL |
| CSV-Safe gem < 3.0.0 doesn't filter out special characters which could trigger CSV Injection. | |||||
| CVE-2022-27962 | 1 Bluecms Project | 1 Bluecms | 2022-05-09 | 7.5 HIGH | 9.8 CRITICAL |
| Bluecms 1.6 has a SQL injection vulnerability at cooike. | |||||
| CVE-2022-0771 | 1 Marketingheroes | 1 Sitesupercharger | 2022-05-09 | 7.5 HIGH | 9.8 CRITICAL |
| The SiteSuperCharger WordPress plugin before 5.2.0 does not validate, sanitise and escape various user inputs before using them in SQL statements via AJAX actions (available to both unauthenticated and authenticated users), leading to Unauthenticated SQL Injections | |||||
| CVE-2021-43934 | 1 Smartptt | 1 Smartptt Scada | 2022-05-09 | 7.5 HIGH | 9.8 CRITICAL |
| Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate upload requests, enabling a malicious user to potentially upload arbitrary files. | |||||
| CVE-2022-0773 | 1 Documentor Project | 1 Documentor | 2022-05-09 | 7.5 HIGH | 9.8 CRITICAL |
| The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed, leading to an SQL Injection exploitable by unauthenticated users. | |||||
| CVE-2022-1281 | 1 10web | 1 Photo Gallery | 2022-05-09 | 7.5 HIGH | 9.8 CRITICAL |
| The Photo Gallery WordPress plugin through 1.6.3 does not properly escape the $_POST['filter_tag'] parameter, which is appended to an SQL query, making SQL Injection attacks possible. | |||||
| CVE-2021-3897 | 2 Ibm, Lenovo | 10 Nextscale Fan Power Controller, Nextscale Fan Power Controller Firmware, Nextscale N1200 Enclosure and 7 more | 2022-05-09 | 7.5 HIGH | 9.8 CRITICAL |
| An authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan Power Controller2 (FPC2) and Lenovo System Management Module (SMM) firmware during an that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected. | |||||
| CVE-2021-3849 | 2 Ibm, Lenovo | 10 Nextscale Fan Power Controller, Nextscale Fan Power Controller Firmware, Nextscale N1200 Enclosure and 7 more | 2022-05-09 | 7.5 HIGH | 9.8 CRITICAL |
| An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan Power Controller2 (FPC2) and Lenovo System Management Module (SMM) firmware that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected. | |||||
| CVE-2022-28719 | 1 Hammock | 1 Assetview | 2022-05-09 | 9.3 HIGH | 9.8 CRITICAL |
| Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote unauthenticated attacker with some knowledge on the system configuration to upload a crafted configuration file to the managing server, which may result in the managed clients executing arbitrary code with the administrative privilege. | |||||
| CVE-2021-41816 | 1 Ruby-lang | 2 Cgi, Ruby | 2022-05-08 | 7.5 HIGH | 9.8 CRITICAL |
| CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms (such as Windows) where size_t and long have different numbers of bytes. This also affects the CGI gem before 0.3.1 for Ruby. | |||||
| CVE-2021-46442 | 1 Dlink | 2 Dir-825, Dir-825 Firmware | 2022-05-07 | 7.5 HIGH | 9.8 CRITICAL |
| In the "webupg" binary of D-Link DIR-825 G1, attackers can bypass authentication through parameters "autoupgrade.asp", and perform functions such as downloading configuration files and updating firmware without authorization. | |||||
| CVE-2022-28114 | 1 Dscms Project | 1 Dscms | 2022-05-07 | 6.4 MEDIUM | 9.1 CRITICAL |
| DSCMS v3.0 was discovered to contain an arbitrary file deletion vulnerability via /controller/Adv.php. | |||||
| CVE-2021-26937 | 3 Debian, Fedoraproject, Gnu | 3 Debian Linux, Fedora, Screen | 2022-05-06 | 7.5 HIGH | 9.8 CRITICAL |
| encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence. | |||||
| CVE-2021-41921 | 1 Novel-plus Project | 1 Novel-plus | 2022-05-06 | 7.5 HIGH | 9.8 CRITICAL |
| novel-plus V3.6.1 allows unrestricted file uploads. Unrestricted file suffixes and contents can lead to server attacks and arbitrary code execution. | |||||
| CVE-2022-28101 | 1 Lyonbros | 1 Turtl | 2022-05-06 | 6.0 MEDIUM | 9.0 CRITICAL |
| Turtlapp Turtle Note v0.7.2.6 does not filter the <meta> tag during markdown parsing, allowing attackers to execute HTML injection. | |||||
| CVE-2022-24881 | 1 Ballcat | 1 Codegen | 2022-05-06 | 7.5 HIGH | 9.8 CRITICAL |
| Ballcat Codegen provides the function of online editing code to generate templates. In versions prior to 1.0.0.beta.2, attackers can implement remote code execution through malicious code injection of the template engine. This happens because Velocity and freemarker templates are introduced but input verification is not done. The fault is rectified in version 1.0.0.beta.2. | |||||
| CVE-2022-29806 | 1 Zoneminder | 1 Zoneminder | 2022-05-06 | 7.5 HIGH | 9.8 CRITICAL |
| ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability. | |||||
| CVE-2022-28464 | 1 Apifox | 1 Apifox | 2022-05-05 | 6.0 MEDIUM | 9.0 CRITICAL |
| Apifox through 2.1.6 is vulnerable to Cross Site Scripting (XSS) which can lead to remote code execution. | |||||
| CVE-2022-27299 | 1 Hospital Management System Project | 1 Hospital Management System | 2022-05-05 | 7.5 HIGH | 9.8 CRITICAL |
| Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the component room.php. | |||||
| CVE-2022-27469 | 1 Monstaftp | 1 Monsta Ftp | 2022-05-05 | 7.5 HIGH | 9.8 CRITICAL |
| Monstaftp v2.10.3 was discovered to allow attackers to execute Server-Side Request Forgery (SSRF). | |||||
| CVE-2022-27468 | 1 Monstaftp | 1 Monsta Ftp | 2022-05-05 | 7.5 HIGH | 9.8 CRITICAL |
| Monstaftp v2.10.3 was discovered to contain an arbitrary file upload which allows attackers to execute arbitrary code via a crafted file uploaded to the web server. | |||||
| CVE-2022-29499 | 1 Mitel | 1 Mivoice Connect | 2022-05-05 | 10.0 HIGH | 9.8 CRITICAL |
| The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation. The Service Appliances are SA 100, SA 400, and Virtual SA. | |||||
| CVE-2022-27985 | 1 Cuppacms | 1 Cuppacms | 2022-05-05 | 7.5 HIGH | 9.8 CRITICAL |
| CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via /administrator/alerts/alertLightbox.php. | |||||
| CVE-2022-27984 | 1 Cuppacms | 1 Cuppacms | 2022-05-05 | 7.5 HIGH | 9.8 CRITICAL |
| CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via the menu_filter parameter at /administrator/templates/default/html/windows/right.php. | |||||
| CVE-2021-45837 | 1 Terra-master | 3 F2-210, F4-210, Tos | 2022-05-05 | 10.0 HIGH | 9.8 CRITICAL |
| It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by sending a specifically crafted input to /tos/index.php?app/del. | |||||
| CVE-2021-45840 | 1 Terra-master | 3 F2-210, F4-210, Tos | 2022-05-05 | 10.0 HIGH | 9.8 CRITICAL |
| It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by sending specifically crafted input to /tos/index.php?app/app_start_stop. | |||||
| CVE-2022-27311 | 1 Gibbon Project | 1 Gibbon | 2022-05-05 | 7.5 HIGH | 9.8 CRITICAL |
| Gibbon v3.4.4 and below allows attackers to execute a Server-Side Request Forgery (SSRF) via a crafted URL. | |||||
| CVE-2022-27429 | 1 Jizhicms | 1 Jizhicms | 2022-05-05 | 7.5 HIGH | 9.8 CRITICAL |
| Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via /admin.php/Plugins/update.html. | |||||
| CVE-2022-1391 | 1 Kanev | 1 Cab Fare Calculator | 2022-05-05 | 7.5 HIGH | 9.8 CRITICAL |
| The Cab fare calculator WordPress plugin through 1.0.3 does not validate the controller parameter before using it in require statements, which could lead to Local File Inclusion issues. | |||||
| CVE-2022-28093 | 1 Online Sports Complex Booking System Project | 1 Online Sports Complex Booking System | 2022-05-05 | 7.5 HIGH | 9.8 CRITICAL |
| SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a local file inclusion vulnerability which allows attackers to execute arbitrary code via a crafted PHP file. | |||||
| CVE-2021-38162 | 1 Sap | 1 Web Dispatcher | 2022-05-05 | 7.5 HIGH | 9.4 CRITICAL |
| SAP Web Dispatcher versions - 7.49, 7.53, 7.77, 7.81, KRNL64NUC - 7.22, 7.22EXT, 7.49, KRNL64UC -7.22, 7.22EXT, 7.49, 7.53, KERNEL - 7.22, 7.49, 7.53, 7.77, 7.81, 7.83 processes allow an unauthenticated attacker to submit a malicious crafted request over a network to a front-end server which may, over several attempts, result in a back-end server confusing the boundaries of malicious and legitimate messages. This can result in the back-end server executing a malicious payload which can be used to read or modify any information on the server or consume server resources making it temporarily unavailable. | |||||
| CVE-2022-28524 | 1 Ed01-cms Project | 1 Ed01-cms | 2022-05-04 | 7.5 HIGH | 9.8 CRITICAL |
| ED01-CMS v20180505 was discovered to contain a SQL injection vulnerability via the component post.php. | |||||
