Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-28501 | 1 Arista | 1 Terminattr | 2022-07-14 | 6.9 MEDIUM | 7.8 HIGH |
| An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration. | |||||
| CVE-2022-23714 | 2 Elastic, Microsoft | 2 Endpoint Security, Windows | 2022-07-14 | 7.2 HIGH | 7.8 HIGH |
| A local privilege escalation (LPE) issue was discovered in the ransomware canaries features of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account. | |||||
| CVE-2022-30929 | 1 Mini Tmall Project | 1 Mini Tmall | 2022-07-14 | 6.5 MEDIUM | 8.8 HIGH |
| Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper. | |||||
| CVE-2022-30619 | 1 Agilepoint | 1 Agilepoint Nx | 2022-07-14 | 6.5 MEDIUM | 8.8 HIGH |
| Editable SQL Queries behind Base64 encoding sending from the Client-Side to The Server-Side for a particular API used in legacy Work Center module. He attack is available for any authenticated user, in any kind of rule. under the function : /AgilePointServer/Extension/FetchUsingEncodedData in the parameter: EncodedData | |||||
| CVE-2015-1784 | 1 Imagely | 1 Nextgen Gallery | 2022-07-14 | 6.5 MEDIUM | 8.8 HIGH |
| In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. The vulnerabilities lie in how the application validates user uploaded files and lack of security measures preventing unwanted HTTP requests. | |||||
| CVE-2022-33996 | 1 Devolutions | 1 Devolutions Server | 2022-07-14 | 6.5 MEDIUM | 8.8 HIGH |
| Incorrect permission management in Devolutions Server before 2022.2 allows a new user with a preexisting username to inherit the permissions of that previous user. | |||||
| CVE-2022-25048 | 1 Control-webpanel | 1 Webpanel | 2022-07-14 | 9.0 HIGH | 8.8 HIGH |
| Command injection vulnerability in CWP v0.9.8.1126 that allows normal users to run commands as the root user. | |||||
| CVE-2022-2339 | 1 Xgenecloud | 1 Nocodb | 2022-07-14 | 5.0 MEDIUM | 7.5 HIGH |
| With this SSRF vulnerability, an attacker can reach internal addresses to make a request as the server and read it's contents. This attack can lead to leak of sensitive information. | |||||
| CVE-2022-20859 | 1 Cisco | 3 Unified Communications Manager, Unified Communications Manager Im And Presence Service, Unity Connection | 2022-07-14 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability in the Disaster Recovery framework of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), and Cisco Unity Connection could allow an authenticated, remote attacker to perform certain administrative actions they should not be able to. This vulnerability is due to insufficient access control checks on the affected device. An attacker with read-only privileges could exploit this vulnerability by executing a specific vulnerable command on an affected device. A successful exploit could allow the attacker to perform a set of administrative actions they should not be able to. | |||||
| CVE-2021-25417 | 1 Google | 1 Android | 2022-07-14 | 5.0 MEDIUM | 7.5 HIGH |
| Improper authorization in SDP SDK prior to SMR JUN-2021 Release 1 allows access to internal storage. | |||||
| CVE-2021-25412 | 1 Google | 1 Android | 2022-07-14 | 7.2 HIGH | 7.8 HIGH |
| An improper access control vulnerability in genericssoservice prior to SMR JUN-2021 Release 1 allows local attackers to execute protected activity with system privilege via untrusted applications. | |||||
| CVE-2021-25374 | 2 Google, Samsung | 2 Android, Members | 2022-07-14 | 5.0 MEDIUM | 7.5 HIGH |
| An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account. | |||||
| CVE-2021-21551 | 1 Dell | 1 Dbutil 2 3.sys | 2022-07-14 | 4.6 MEDIUM | 7.8 HIGH |
| Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required. | |||||
| CVE-2021-25337 | 1 Google | 1 Android | 2022-07-14 | 5.8 MEDIUM | 7.1 HIGH |
| Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files. | |||||
| CVE-2022-31883 | 1 Marvalglobal | 1 Marval Msm | 2022-07-14 | 4.0 MEDIUM | 8.8 HIGH |
| Marval MSM v14.19.0.12476 is has an Insecure Direct Object Reference (IDOR) vulnerability. A low privilege user is able to see other users API Keys including the Admins API Keys. | |||||
| CVE-2022-26078 | 1 Gallagher | 2 Controller 6000, Controller 6000 Firmware | 2022-07-14 | 7.8 HIGH | 7.5 HIGH |
| Gallagher Controller 6000 is vulnerable to a Denial of Service attack via conflicting ARP packets with a duplicate IP address. This issue affects: Gallagher Gallagher Controller 6000 vCR8.60 versions prior to 220303a; vCR8.50 versions prior to 220303a; vCR8.40 versions prior to 220303a; vCR8.30 versions prior to 220303a. | |||||
| CVE-2015-3173 | 1 Custom Content Type Manager Project | 1 Custom Content Type Manager | 2022-07-14 | 6.5 MEDIUM | 7.2 HIGH |
| custom-content-type-manager Wordpress plugin can be used by an administrator to achieve arbitrary PHP remote code execution. | |||||
| CVE-2021-4234 | 1 Openvpn | 1 Openvpn Access Server | 2022-07-14 | 5.0 MEDIUM | 7.5 HIGH |
| OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset packet sent from the client which the client again does not respond to, resulting in a limited amplification attack. | |||||
| CVE-2022-21767 | 2 Google, Mediatek | 7 Android, Mt8167, Mt8175 and 4 more | 2022-07-14 | 8.3 HIGH | 8.8 HIGH |
| In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784430; Issue ID: ALPS06784430. | |||||
| CVE-2022-21768 | 2 Google, Mediatek | 7 Android, Mt8167s, Mt8175 and 4 more | 2022-07-14 | 8.3 HIGH | 8.8 HIGH |
| In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784351; Issue ID: ALPS06784351. | |||||
| CVE-2021-3697 | 2 Gnu, Redhat | 12 Grub, Codeready Linux Builder, Developer Tools and 9 more | 2022-07-14 | 4.4 MEDIUM | 7.0 HIGH |
| A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12. | |||||
| CVE-2022-28935 | 1 Totolink | 12 A3000ru, A3000ru Firmware, A3100r and 9 more | 2022-07-14 | 6.5 MEDIUM | 7.2 HIGH |
| Totolink A830R V5.9c.4729_B20191112, Totolink A3100R V4.1.2cu.5050_B20200504, Totolink A950RG V4.1.2cu.5161_B20200903, Totolink A800R V4.1.2cu.5137_B20200730, Totolink A3000RU V5.9c.5185_B20201128, Totolink A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnerability. | |||||
| CVE-2022-20082 | 2 Google, Mediatek | 19 Android, Mt6768, Mt6769 and 16 more | 2022-07-14 | 6.9 MEDIUM | 7.0 HIGH |
| In GPU, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07044730; Issue ID: ALPS07044730. | |||||
| CVE-2022-24138 | 1 Iobit | 1 Advanced Systemcare | 2022-07-14 | 7.2 HIGH | 7.8 HIGH |
| IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with a malicious executable thus gaining code execution as a high privilege user (Low Privilege -> high integrity ADMIN). | |||||
| CVE-2022-23642 | 1 Sourcegraph | 1 Sourcegraph | 2022-07-13 | 6.0 MEDIUM | 8.8 HIGH |
| Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.37 is vulnerable to remote code execution in the `gitserver` service. The service acts as a git exec proxy, and fails to properly restrict calling `git config`. This allows an attacker to set the git `core.sshCommand` option, which sets git to use the specified command instead of ssh when they need to connect to a remote system. Exploitation of this vulnerability depends on how Sourcegraph is deployed. An attacker able to make HTTP requests to internal services like gitserver is able to exploit it. This issue is patched in Sourcegraph version 3.37. As a workaround, ensure that requests to gitserver are properly protected. | |||||
| CVE-2021-0981 | 1 Google | 1 Android | 2022-07-13 | 4.6 MEDIUM | 7.8 HIGH |
| In enqueueNotificationInternal of NotificationManagerService.java, there is a possible way to run a foreground service without showing a notification due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-191981182 | |||||
| CVE-2022-32384 | 1 Tendacn | 2 Ac23 Ac2100, Ac23 Ac2100 Firmware | 2022-07-13 | 5.8 MEDIUM | 8.8 HIGH |
| Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the security_5g parameter in the function formWifiBasicSet. | |||||
| CVE-2022-31110 | 1 Rsshub | 1 Rsshub | 2022-07-13 | 5.0 MEDIUM | 7.5 HIGH |
| RSSHub is an open source, extensible RSS feed generator. In commits prior to 5c4177441417 passing some special values to the `filter` and `filterout` parameters can cause an abnormally high CPU. This results in an impact on the performance of the servers and RSSHub services which may lead to a denial of service. This issue has been fixed in commit 5c4177441417 and all users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2022-34877 | 1 Vicidial | 1 Vicidial | 2022-07-13 | 9.0 HIGH | 8.8 HIGH |
| SQL Injection vulnerability in AST Agent Time Sheet interface ((/vicidial/AST_agent_time_sheet.php) of VICIdial via the agent parameter allows attacker to spoof identity, tamper with existing data, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server. This issue affects: VICIdial 2.14b0.5 versions prior to 3555. | |||||
| CVE-2022-28799 | 1 Tiktok | 1 Tiktok | 2022-07-13 | 6.8 MEDIUM | 8.8 HIGH |
| The TikTok application before 27.7.3 for Android allows account takeover. A crafted URL (unvalidated deeplink) can force the com.zhiliaoapp.musically WebView to load an arbitrary website. This may allow an attacker to leverage an attached JavaScript interface for the takeover with one click. | |||||
| CVE-2022-34878 | 1 Vicidial | 1 Vicidial | 2022-07-13 | 9.0 HIGH | 8.8 HIGH |
| SQL Injection vulnerability in User Stats interface (/vicidial/user_stats.php) of VICIdial via the file_download parameter allows attacker to spoof identity, tamper with existing data, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server. | |||||
| CVE-2014-3648 | 1 Redhat | 1 Jboss Aerogear | 2022-07-13 | 5.0 MEDIUM | 7.5 HIGH |
| The simplepush server iterates through the application installations and pushes a notification to the server provided by deviceToken. But this is user controlled. If a bogus applications is registered with bad deviceTokens, one can generate endless exceptions when those endpoints can't be reached or can slow the server down by purposefully wasting it's time with slow endpoints. Similarly, one can provide whatever HTTP end point they want. This turns the server into a DDOS vector or an anonymizer for the posting of malware and so on. | |||||
| CVE-2022-30563 | 1 Dahuasecurity | 80 Asi7213x, Asi7213x-t1, Asi7213x-t1 Firmware and 77 more | 2022-07-13 | 5.8 MEDIUM | 7.4 HIGH |
| When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in through ONVIF, he can log in to the device by replaying the user's login packet. | |||||
| CVE-2022-30560 | 1 Dahuasecurity | 80 Asi7213x, Asi7213x-t1, Asi7213x-t1 Firmware and 77 more | 2022-07-13 | 5.8 MEDIUM | 7.4 HIGH |
| When an attacker obtaining the administrative account and password, or through a man-in-the-middle attack, the attacker could send a specified crafted packet to the vulnerable interface then lead the device to crash. | |||||
| CVE-2022-34876 | 1 Vicidial | 1 Vicidial | 2022-07-13 | 8.5 HIGH | 8.8 HIGH |
| SQL Injection vulnerability in admin interface (/vicidial/admin.php) of VICIdial via modify_email_accounts, access_recordings, and agentcall_email parameters allows attacker to spoof identity, tamper with existing data, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server. This issue affects: VICIdial 2.14b0.5 versions prior to 3555. | |||||
| CVE-2022-32411 | 1 Hongcms Project | 1 Hongcms | 2022-07-13 | 6.5 MEDIUM | 7.2 HIGH |
| An issue in the languages config file of HongCMS v3.0 allows attackers to getshell. | |||||
| CVE-2022-32412 | 1 Hongcms Project | 1 Hongcms | 2022-07-13 | 6.5 MEDIUM | 7.2 HIGH |
| An issue in the /template/edit component of HongCMS v3.0 allows attackers to getshell. | |||||
| CVE-2022-23720 | 1 Pingidentity | 1 Pingid Integration For Windows Login | 2022-07-13 | 4.4 MEDIUM | 8.2 HIGH |
| PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file. An IT administrator could mistakenly deploy administrator privileged PingID API credentials, such as those typically used by PingFederate, into PingID Windows Login user endpoints. Using sensitive full permissions properties file outside of a privileged trust boundary leads to an increased risk of exposure or discovery, and an attacker could leverage these credentials to perform administrative actions against PingID APIs or endpoints. | |||||
| CVE-2022-21777 | 2 Google, Mediatek | 42 Android, Mt6580, Mt6735 and 39 more | 2022-07-13 | 4.6 MEDIUM | 7.8 HIGH |
| In Autoboot, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06713894; Issue ID: ALPS06713894. | |||||
| CVE-2022-25192 | 1 Jenkins | 1 Snow Commander | 2022-07-13 | 6.8 MEDIUM | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Snow Commander Plugin 1.10 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2022-30591 | 1 Quic-go Project | 1 Quic-go | 2022-07-13 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** quic-go through 0.27.0 allows remote attackers to cause a denial of service (CPU consumption) via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtu_discoverer.go misparses the MTU Discovery service and consequently overflows the probe timer. NOTE: the vendor's position is that this behavior should not be listed as a vulnerability on the CVE List. | |||||
| CVE-2022-31599 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2022-07-13 | 4.6 MEDIUM | 8.2 HIGH |
| NVIDIA DGX A100 contains a vulnerability in SBIOS in the Ofbd, where a local user with elevated privileges can cause access to an uninitialized pointer, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other components. | |||||
| CVE-2022-31600 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2022-07-13 | 4.6 MEDIUM | 8.2 HIGH |
| NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmmCore, where a user with high privileges can chain another vulnerability to this vulnerability, causing an integer overflow, possibly leading to code execution, escalation of privileges, denial of service, compromised integrity, and information disclosure. The scope of impact can extend to other components. | |||||
| CVE-2022-34829 | 1 Zohocorp | 1 Manageengine Adselfservice Plus | 2022-07-13 | 5.0 MEDIUM | 7.5 HIGH |
| Zoho ManageEngine ADSelfService Plus before 6203 allows a denial of service (application restart) via a crafted payload to the Mobile App Deployment API. | |||||
| CVE-2021-23163 | 1 Jfrog | 1 Artifactory | 2022-07-13 | 6.8 MEDIUM | 8.8 HIGH |
| JFrog Artifactory prior to version 7.33.6 and 6.23.38, is vulnerable to CSRF ( Cross-Site Request Forgery) for specific endpoints. This issue affects: JFrog JFrog Artifactory JFrog Artifactory versions before 7.33.6 versions prior to 7.x; JFrog Artifactory versions before 6.23.38 versions prior to 6.x. | |||||
| CVE-2022-28327 | 1 Golang | 1 Go | 2022-07-13 | 5.0 MEDIUM | 7.5 HIGH |
| The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input. | |||||
| CVE-2021-44915 | 1 Taogogo | 1 Taocms | 2022-07-13 | 6.5 MEDIUM | 7.2 HIGH |
| Taocms 3.0.2 was discovered to contain a blind SQL injection vulnerability via the function Edit category. | |||||
| CVE-2021-43116 | 1 Alibaba | 1 Nacos | 2022-07-13 | 6.5 MEDIUM | 8.8 HIGH |
| An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture packets and then change the returned package, which lets a malicious user login. | |||||
| CVE-2022-2309 | 2 Lxml, Xmlsoft | 2 Lxml, Libxml2 | 2022-07-13 | 5.0 MEDIUM | 7.5 HIGH |
| NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered. | |||||
| CVE-2022-28200 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2022-07-12 | 4.6 MEDIUM | 8.2 HIGH |
| NVIDIA DGX A100 contains a vulnerability in SBIOS in the BiosCfgTool, where a local user with elevated privileges can read and write beyond intended bounds in SMRAM, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other components. | |||||