Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5041 | 1 Aspose | 1 Aspose.words | 2022-06-27 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger this vulnerability. | |||||
| CVE-2019-5033 | 1 Aspose | 1 Aspose.cells | 2022-06-27 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable out-of-bounds read vulnerability exists in the Number record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | |||||
| CVE-2019-5036 | 1 Google | 2 Nest Cam Iq Indoor, Nest Cam Iq Indoor Firmware | 2022-06-27 | 7.8 HIGH | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the Weave error reporting functionality of the Nest Cam IQ Indoor, version 4620002. A specially crafted weave packets can cause an arbitrary Weave Exchange Session to close, resulting in a denial of service. An attacker can send a specially crafted packet to trigger this vulnerability. | |||||
| CVE-2019-5055 | 1 Netgear | 2 Wnr2000, Wnr2000 Firmware | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon (hostapd) on the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) wireless router. A SOAP request sent in an invalid sequence to the <WFAWLANConfig:1#PutMessage> service can cause a null pointer dereference, resulting in the hostapd service crashing. An unauthenticated attacker can send a specially-crafted SOAP request to trigger this vulnerability. | |||||
| CVE-2019-5054 | 1 Netgear | 2 Wnr2000, Wnr2000 Firmware | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the session handling functionality of the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) HTTP server. An HTTP request with an empty User-Agent string sent to a page requiring authentication can cause a null pointer dereference, resulting in the HTTP service crashing. An unauthenticated attacker can send a specially crafted HTTP request to trigger this vulnerability. | |||||
| CVE-2019-5042 | 1 Aspose | 1 Aspose.pdf For C\+\+ | 2022-06-27 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable Use-After-Free vulnerability exists in the way FunctionType 0 PDF elements are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free. An attacker can send a malicious PDF to trigger this vulnerability. | |||||
| CVE-2019-5053 | 1 Gonitro | 1 Nitropdf | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable use-after-free vulnerability exists in the Length parsing function of NitroPDF. A specially crafted PDF can cause a type confusion, resulting in a use-after-free condition. An attacker can craft a malicious PDF to trigger this vulnerability. | |||||
| CVE-2019-5048 | 1 Gonitro | 1 Nitropdf | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| A specifically crafted PDF file can lead to a heap corruption when opened in NitroPDF 12.12.1.522. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need to open the malicious file. | |||||
| CVE-2019-5047 | 1 Gonitro | 1 Nitropdf | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable Use After Free vulnerability exists in the CharProcs parsing functionality of NitroPDF. A specially crafted PDF can cause a type confusion, resulting in a Use After Free. An attacker can craft a malicious PDF to trigger this vulnerability. | |||||
| CVE-2019-5046 | 1 Gonitro | 1 Nitropdf | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| A specifically crafted jpeg2000 file embedded in a PDF file can lead to a heap corruption when opening a PDF document in NitroPDF 12.12.1.522. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need to open the malicious file. | |||||
| CVE-2019-5045 | 1 Gonitro | 1 Nitropdf | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| A specifically crafted jpeg2000 file embedded in a PDF file can lead to a heap corruption when opening a PDF document in NitroPDF 12.12.1.522. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need to open the malicious file. | |||||
| CVE-2019-5150 | 1 Youphptube | 1 Youphptube | 2022-06-27 | 6.8 MEDIUM | 8.1 HIGH |
| An exploitable SQL injection vulnerability exist in YouPHPTube 7.7. When the "VideoTags" plugin is enabled, a specially crafted unauthenticated HTTP request can cause a SQL injection, possibly leading to denial of service, exfiltration of the database and local file inclusion, which could potentially further lead to code execution. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2019-5123 | 1 Youphptube | 1 Youphptube | 2022-06-27 | 6.5 MEDIUM | 8.8 HIGH |
| Specially crafted web requests can cause SQL injections in YouPHPTube 7.6. An attacker can send a web request with Parameter dir in /objects/pluginSwitch.json.php. | |||||
| CVE-2019-5122 | 1 Youphptube | 1 Youphptube | 2022-06-27 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with Parameter name in /objects/pluginSwitch.json.php. | |||||
| CVE-2019-5050 | 1 Gonitro | 1 Nitropdf | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| A specifically crafted PDF file can lead to a heap corruption when opened in NitroPDF 12.12.1.522. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need to open the malicious file. | |||||
| CVE-2021-39402 | 1 Maianmedia | 1 Maianaffiliate | 2022-06-27 | 6.5 MEDIUM | 7.2 HIGH |
| MaianAffiliate v.1.0 is suffers from code injection by adding a new product via the admin panel. The injected payload is reflected on the affiliate main page for all authenticated and unauthenticated visitors. | |||||
| CVE-2019-5088 | 1 Investintech | 1 Able2extract | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable memory corruption vulnerability exists in Investintech Able2Extract Professional 14.0.7 x64. A specially crafted BMP file can cause an out-of-bounds memory write, allowing a potential attacker to execute arbitrary code on the victim machine. Can trigger this vulnerability by sending the user a specially crafted BMP file. | |||||
| CVE-2019-5043 | 1 Google | 2 Nest Cam Iq Indoor, Nest Cam Iq Indoor Firmware | 2022-06-27 | 7.8 HIGH | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the Weave daemon of the Nest Cam IQ Indoor, version 4620002. A set of TCP connections can cause unrestricted resource allocation, resulting in a denial of service. An attacker can connect multiple times to trigger this vulnerability. | |||||
| CVE-2019-5089 | 1 Investintech | 1 Able2extract | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable memory corruption vulnerability exists in Investintech Able2Extract Professional 4.0.7 x64. A specially crafted JPEG file can cause an out-of-bounds memory write, allowing an attacker to execute arbitrary code on the victim machine. An attacker could exploit a vulnerability by providing the user with a specially crafted JPEG file. | |||||
| CVE-2022-29509 | 1 Tandd | 3 T\&d Server, Thermo Recorder Data Server, Thermo Recorder Data Server Firmware | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in T&D Data Server (Japanese Edition) Ver.2.22 and earlier, T&D Data Server (English Edition) Ver.2.30 and earlier, THERMO RECORDER DATA SERVER (Japanese Edition) Ver.2.13 and earlier, and THERMO RECORDER DATA SERVER (English Edition) Ver.2.13 and earlier allows a remote attacker to view an arbitrary file on the server via unspecified vectors. | |||||
| CVE-2022-27176 | 1 Jscom | 3 Revoworks Browser, Revoworks Desktop, Revoworks Scvx | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| Incomplete filtering of special elements vulnerability exists in RevoWorks SCVX using 'File Sanitization Library' 1.043 and prior versions, RevoWorks Browser 2.2.67 and prior versions (when using 'File Sanitization Option'), and RevoWorks Desktop 2.1.84 and prior versions (when using 'File Sanitization Option'), which may allow an attacker to execute a malicious macro by having a user to download, import, and open a specially crafted file in the local environment. | |||||
| CVE-2022-26302 | 1 Fujielectric | 1 V-sft | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. | |||||
| CVE-2022-29257 | 1 Electronjs | 1 Electron | 2022-06-27 | 6.5 MEDIUM | 7.2 HIGH |
| Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components. This kind of attack would require significant privileges in a potential victim's own auto updating infrastructure and the ease of that attack entirely depends on the potential victim's infrastructure security. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. There are no known workarounds. | |||||
| CVE-2022-30549 | 1 Fujielectric | 1 V-server | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| Out-of-bounds read vulnerability exists in V-Server v4.0.11.0 and earlier and V-Server Lite v4.0.13.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. | |||||
| CVE-2022-30546 | 1 Fujielectric | 1 Monitouch V-sft | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| Out-of-bounds read vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. | |||||
| CVE-2022-30538 | 1 Fujielectric | 1 Monitouch V-sft | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| Out-of-bounds write vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. | |||||
| CVE-2022-31054 | 1 Argoproj | 1 Argo Events | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| Argo Events is an event-driven workflow automation framework for Kubernetes. Prior to version 1.7.1, several `HandleRoute` endpoints make use of the deprecated `ioutil.ReadAll()`. `ioutil.ReadAll()` reads all the data into memory. As such, an attacker who sends a large request to the Argo Events server will be able to crash it and cause denial of service. A patch for this vulnerability has been released in Argo Events version 1.7.1. | |||||
| CVE-2022-33174 | 1 Powertekpdus | 14 Basic Pdu, Basic Pdu Firmware, Piml Pdu and 11 more | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface (/cgi/get_param.cgi) with the tmpToken cookie set to an empty string followed by a semicolon. This bypasses an active session authorization check. This can be then used to fetch the values of protected sys.passwd and sys.su.name fields that contain the username and password in cleartext. | |||||
| CVE-2022-29506 | 1 Fujielectric | 2 V-server, V-sft | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| Out-of-bounds read vulnerability exist in the simulator module contained in the graphic editor 'V-SFT' v6.1.3.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. | |||||
| CVE-2022-31447 | 1 Magicpin | 1 Magicpin | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| An XML external entity (XXE) injection vulnerability in Magicpin v3.4 allows attackers to access sensitive database information via a crafted SVG file. | |||||
| CVE-2022-23169 | 1 Amodat | 1 Mobile Application Gateway | 2022-06-27 | 6.5 MEDIUM | 7.2 HIGH |
| attacker needs to craft a SQL payload. the vulnerable parameter is "agentid" must be authenticated to the admin panel. | |||||
| CVE-2022-31757 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2022-31753 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2022-31055 | 1 Google | 1 Kctf | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect. | |||||
| CVE-2021-46813 | 1 Huawei | 2 Emui, Magic Ui | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2022-32981 | 1 Linux | 1 Linux Kernel | 2022-06-27 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers. | |||||
| CVE-2022-31908 | 1 Student Registration And Fee Payment System Project | 1 Student Registration And Fee Payment System | 2022-06-27 | 6.5 MEDIUM | 7.2 HIGH |
| Student Registration and Fee Payment System v1.0 is vulnerable to SQL Injection via /scms/student.php. | |||||
| CVE-2022-31911 | 1 Online Discussion Forum Site Project | 1 Online Discussion Forum Site | 2022-06-27 | 6.5 MEDIUM | 7.2 HIGH |
| Online Discussion Forum Site v1.0 is vulnerable to SQL Injection via /odfs/classes/Master.php?f=delete_team. | |||||
| CVE-2022-31912 | 1 Online Tutor Portal Site Project | 1 Online Tutor Portal Site | 2022-06-27 | 6.5 MEDIUM | 7.2 HIGH |
| Online Tutor Portal Site v1.0 is vulnerable to SQL Injection via /otps/classes/Master.php?f=delete_team. | |||||
| CVE-2022-20664 | 1 Cisco | 2 Email Security Appliance, Secure Email And Web Manager | 2022-06-27 | 3.5 LOW | 7.7 HIGH |
| A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access Protocol (LDAP) external authentication server connected to an affected device. This vulnerability is due to a lack of proper input sanitization while querying the external authentication server. An attacker could exploit this vulnerability by sending a crafted query through an external authentication web page. A successful exploit could allow the attacker to gain access to sensitive information, including user credentials from the external authentication server. To exploit this vulnerability, an attacker would need valid operator-level (or higher) credentials. | |||||
| CVE-2021-30281 | 1 Qualcomm | 294 Aqt1000, Aqt1000 Firmware, Ar8031 and 291 more | 2022-06-27 | 7.2 HIGH | 7.8 HIGH |
| Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2022-31649 | 1 Owncloud | 1 Owncloud | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| ownCloud owncloud/core before 10.10.0 Improperly Removes Sensitive Information Before Storage or Transfer. | |||||
| CVE-2022-25293 | 1 Watchguard | 1 Fireware | 2022-06-27 | 6.5 MEDIUM | 8.8 HIGH |
| A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. | |||||
| CVE-2022-25292 | 1 Watchguard | 1 Fireware | 2022-06-27 | 6.5 MEDIUM | 8.8 HIGH |
| A wgagent stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. | |||||
| CVE-2022-23850 | 1 Epub2txt Project | 1 Epub2txt | 2022-06-26 | 6.8 MEDIUM | 7.8 HIGH |
| xhtml_translate_entity in xhtml.c in epub2txt (aka epub2txt2) through 2.02 allows a stack-based buffer overflow via a crafted EPUB document. | |||||
| CVE-2022-28844 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2022-06-25 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-28843 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2022-06-25 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-28842 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2022-06-25 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-28841 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2022-06-25 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-28840 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2022-06-25 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||