Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5024 | 1 Capsuletech | 2 Smartlinx Neuron 2, Smartlinx Neuron 2 Firmware | 2022-06-13 | 7.2 HIGH | 7.6 HIGH |
| A restricted environment escape vulnerability exists in the “kiosk mode” function of Capsule Technologies SmartLinx Neuron 2 medical information collection devices running versions 9.0.3 or lower. A specific series of keyboard inputs can escape the restricted environment, resulting in full administrator access to the underlying operating system. An attacker can connect to the device via USB port with a keyboard or other HID device to trigger this vulnerability. | |||||
| CVE-2019-5018 | 2 Canonical, Sqlite | 2 Ubuntu Linux, Sqlite | 2022-06-13 | 6.8 MEDIUM | 8.1 HIGH |
| An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability. | |||||
| CVE-2022-27781 | 1 Haxx | 1 Curl | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation. | |||||
| CVE-2019-13565 | 7 Apple, Canonical, Debian and 4 more | 9 Mac Os X, Ubuntu Linux, Debian Linux and 6 more | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user. | |||||
| CVE-2022-1944 | 1 Gitlab | 1 Gitlab | 2022-06-13 | 4.9 MEDIUM | 7.1 HIGH |
| When the feature is configured, improper authorization in the Interactive Web Terminal in GitLab CE/EE affecting all versions from 11.3 prior to 14.9.5, 14.10 prior to 14.10.4, and 15.0 prior to 15.0.1 allows users with the Developer role to open terminals on other Developers' running jobs | |||||
| CVE-2022-27775 | 1 Haxx | 1 Curl | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead. | |||||
| CVE-2019-10384 | 3 Jenkins, Oracle, Redhat | 3 Jenkins, Communications Cloud Native Core Automated Test Suite, Openshift Container Platform | 2022-06-13 | 6.8 MEDIUM | 8.8 HIGH |
| Jenkins 2.191 and earlier, LTS 2.176.2 and earlier allowed users to obtain CSRF tokens without an associated web session ID, resulting in CSRF tokens that did not expire and could be used to bypass CSRF protection for the anonymous user. | |||||
| CVE-2019-5032 | 1 Aspose | 1 Aspose.cells | 2022-06-13 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable out-of-bounds read vulnerability exists in the LabelSst record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | |||||
| CVE-2019-1003049 | 3 Jenkins, Oracle, Redhat | 3 Jenkins, Communications Cloud Native Core Automated Test Suite, Openshift Container Platform | 2022-06-13 | 6.8 MEDIUM | 8.1 HIGH |
| Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches. | |||||
| CVE-2021-42886 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| TOTOLINK EX1200T V4.1.2cu.5215 contains an information disclosure vulnerability where an attacker can get the apmib configuration file without authorization, and usernames and passwords can be found in the decoded file. | |||||
| CVE-2021-41932 | 1 Wolterskluwer | 1 Teammate\+ Audit | 2022-06-13 | 6.5 MEDIUM | 8.8 HIGH |
| A blind SQL injection vulnerability in search form in TeamMate+ Audit version 28.0.19.0 allows any authenticated user to create malicious SQL injections, which can result in complete database compromise, gaining information about other users, unauthorized access to audit data etc. | |||||
| CVE-2021-42192 | 1 Konga Project | 1 Konga | 2022-06-13 | 9.0 HIGH | 8.8 HIGH |
| Konga v0.14.9 is affected by an incorrect access control vulnerability where a specially crafted request can lead to privilege escalation. | |||||
| CVE-2022-26868 | 1 Dell | 3 Powerstore T, Powerstore X, Powerstoreos | 2022-06-13 | 7.2 HIGH | 7.8 HIGH |
| Dell EMC PowerStore versions 2.0.0.x, 2.0.1.x, and 2.1.0.x are vulnerable to a command injection flaw. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system takeover by an attacker. | |||||
| CVE-2022-26867 | 1 Dell | 3 Powerstore T, Powerstore X, Powerstoreos | 2022-06-13 | 6.0 MEDIUM | 8.0 HIGH |
| PowerStore SW v2.1.1.0 supports the option to export data to either a CSV or an XLSX file. The data is taken as is, without any validation or sanitization. It allows a malicious, authenticated user to inject payloads that might get interpreted as formulas by the corresponding spreadsheet application that is being used to open the CSV/XLSX file. | |||||
| CVE-2022-30238 | 1 Schneider-electric | 4 Wiser Smart Eer21000, Wiser Smart Eer21000 Firmware, Wiser Smart Eer21001 and 1 more | 2022-06-13 | 7.5 HIGH | 8.8 HIGH |
| A CWE-287: Improper Authentication vulnerability exists that could allow an attacker to take over the admin account when an attacker hijacks a session. Affected Products: Wiser Smart, EER21000 & EER21001 (V4.5 and prior) | |||||
| CVE-2022-22557 | 1 Dell | 3 Powerstore T, Powerstore X, Powerstoreos | 2022-06-13 | 7.2 HIGH | 7.8 HIGH |
| PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments running versions 2.0.0.x and 2.0.1.x A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | |||||
| CVE-2021-43944 | 1 Atlassian | 2 Jira Data Center, Jira Server | 2022-06-13 | 6.5 MEDIUM | 7.2 HIGH |
| This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Server and Data Center allowed remote attackers with system administrator permissions to execute arbitrary code via Template Injection leading to Remote Code Execution (RCE) in the Email Templates feature. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3. | |||||
| CVE-2022-30237 | 1 Schneider-electric | 4 Wiser Smart Eer21000, Wiser Smart Eer21000 Firmware, Wiser Smart Eer21001 and 1 more | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| A CWE-311: Missing Encryption of Sensitive Data vulnerability exists that could allow authentication credentials to be recovered when an attacker breaks the encoding. Affected Products: Wiser Smart, EER21000 & EER21001 (V4.5 and prior) | |||||
| CVE-2022-30236 | 1 Schneider-electric | 4 Wiser Smart Eer21000, Wiser Smart Eer21000 Firmware, Wiser Smart Eer21001 and 1 more | 2022-06-13 | 6.4 MEDIUM | 8.2 HIGH |
| A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could allow unauthorized access when an attacker uses cross-domain attacks. Affected Products: Wiser Smart, EER21000 & EER21001 (V4.5 and prior) | |||||
| CVE-2022-29793 | 1 Huawei | 2 Emui, Harmonyos | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability. | |||||
| CVE-2020-11579 | 2 Chadhaajay, Php | 2 Phpkb, Php | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled. | |||||
| CVE-2021-42697 | 1 Akka | 1 Http Server | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| Akka HTTP 10.1.x before 10.1.15 and 10.2.x before 10.2.7 can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a User-Agent header with deeply nested comments. | |||||
| CVE-2022-30232 | 1 Schneider-electric | 2 Powerlogic Ion Setup, Powerlogic Ion Setup Firmware | 2022-06-13 | 6.5 MEDIUM | 8.8 HIGH |
| A CWE-20: Improper Input Validation vulnerability exists that could cause potential remote code execution when an attacker is able to intercept and modify a request on the same network or has configuration access to an ION device on the network. Affected Products: Wiser Smart, EER21000 & EER21001 (V4.5 and prior) | |||||
| CVE-2022-29594 | 2 Eginnovations, Microsoft | 5 Eg Agent, Eg Manager, Eg Rum Collectors and 2 more | 2022-06-13 | 7.2 HIGH | 7.8 HIGH |
| eG Agent before 7.2 has weak file permissions that enable escalation of privileges to SYSTEM. | |||||
| CVE-2022-29694 | 1 Unicorn-engine | 1 Unicorn Engine | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| Unicorn Engine v2.0.0-rc7 and below was discovered to contain a NULL pointer dereference via qemu_ram_free. | |||||
| CVE-2022-0141 | 1 Vfbpro | 1 Visual Form Builder | 2022-06-13 | 5.8 MEDIUM | 8.1 HIGH |
| The Visual Form Builder WordPress plugin before 3.0.8 does not enforce nonce checks which could allow attackers to make a logged in admin or editor delete and restore arbitrary form entries via CSRF attacks | |||||
| CVE-2022-31018 | 1 Lightbend | 1 Play Framework | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| Play Framework is a web framework for Java and Scala. A denial of service vulnerability has been discovered in verions 2.8.3 through 2.8.15 of Play's forms library, in both the Scala and Java APIs. This can occur when using either the `Form#bindFromRequest` method on a JSON request body or the `Form#bind` method directly on a JSON value. If the JSON data being bound to the form contains a deeply-nested JSON object or array, the form binding implementation may consume all available heap space and cause an `OutOfMemoryError`. If executing on the default dispatcher and `akka.jvm-exit-on-fatal-error` is enabled—as it is by default—then this can crash the application process. `Form.bindFromRequest` is vulnerable when using any body parser that produces a type of `AnyContent` or `JsValue` in Scala, or one that can produce a `JsonNode` in Java. This includes Play's default body parser. This vulnerability been patched in version 2.8.16. There is now a global limit on the depth of a JSON object that can be parsed, which can be configured by the user if necessary. As a workaround, applications that do not need to parse a request body of type `application/json` can switch from the default body parser to another body parser that supports only the specific type of body they expect. | |||||
| CVE-2022-28893 | 1 Linux | 1 Linux Kernel | 2022-06-13 | 7.2 HIGH | 7.8 HIGH |
| The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state. | |||||
| CVE-2022-32268 | 1 Starwindsoftware | 1 Starwind San \& Nas | 2022-06-12 | 9.0 HIGH | 7.2 HIGH |
| StarWind SAN and NAS v0.2 build 1914 allow remote code execution. | |||||
| CVE-2022-1987 | 1 Libmobi Project | 1 Libmobi | 2022-06-12 | 5.8 MEDIUM | 8.1 HIGH |
| Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. | |||||
| CVE-2022-30735 | 1 Samsung | 1 Account | 2022-06-11 | 5.0 MEDIUM | 7.5 HIGH |
| Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the access_token without permission. | |||||
| CVE-2022-30732 | 1 Samsung | 1 Account | 2022-06-11 | 5.0 MEDIUM | 7.5 HIGH |
| Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows attacker to access sensitive information via onActivityResult. | |||||
| CVE-2022-30726 | 1 Google | 1 Android | 2022-06-11 | 4.6 MEDIUM | 7.8 HIGH |
| Unprotected component vulnerability in DeviceSearchTrampoline in SecSettingsIntelligence prior to SMR Jun-2022 Release 1 allows local attackers to launch activities of SecSettingsIntelligence. | |||||
| CVE-2022-30717 | 1 Google | 1 Android | 2022-06-11 | 5.0 MEDIUM | 7.5 HIGH |
| Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1 allows untrusted applications to use some camera functions via deeplink. | |||||
| CVE-2022-22556 | 1 Dell | 3 Powerstore T, Powerstore X, Powerstoreos | 2022-06-11 | 7.8 HIGH | 7.5 HIGH |
| Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User Interface. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the Denial of Service. | |||||
| CVE-2021-42877 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2022-06-11 | 7.8 HIGH | 7.5 HIGH |
| TOTOLINK EX1200T V4.1.2cu.5215 contains a denial of service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system. | |||||
| CVE-2022-31023 | 1 Lightbend | 1 Play Framework | 2022-06-11 | 5.0 MEDIUM | 7.5 HIGH |
| Play Framework is a web framework for Java and Scala. Verions prior to 2.8.16 are vulnerable to generation of error messages containing sensitive information. Play Framework, when run in dev mode, shows verbose errors for easy debugging, including an exception stack trace. Play does this by configuring its `DefaultHttpErrorHandler` to do so based on the application mode. In its Scala API Play also provides a static object `DefaultHttpErrorHandler` that is configured to always show verbose errors. This is used as a default value in some Play APIs, so it is possible to inadvertently use this version in production. It is also possible to improperly configure the `DefaultHttpErrorHandler` object instance as the injected error handler. Both of these situations could result in verbose errors displaying to users in a production application, which could expose sensitive information from the application. In particular, the constructor for `CORSFilter` and `apply` method for `CORSActionBuilder` use the static object `DefaultHttpErrorHandler` as a default value. This is patched in Play Framework 2.8.16. The `DefaultHttpErrorHandler` object has been changed to use the prod-mode behavior, and `DevHttpErrorHandler` has been introduced for the dev-mode behavior. A workaround is available. When constructing a `CORSFilter` or `CORSActionBuilder`, ensure that a properly-configured error handler is passed. Generally this should be done by using the `HttpErrorHandler` instance provided through dependency injection or through Play's `BuiltInComponents`. Ensure that the application is not using the `DefaultHttpErrorHandler` static object in any code that may be run in production. | |||||
| CVE-2022-29695 | 1 Unicorn-engine | 1 Unicorn Engine | 2022-06-10 | 5.0 MEDIUM | 7.5 HIGH |
| Unicorn Engine v2.0.0-rc7 contains memory leaks caused by an incomplete unicorn engine initialization. | |||||
| CVE-2022-30799 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Online Ordering System v1.0 by oretnom23 has SQL injection via store/orderpage.php. | |||||
| CVE-2022-1669 | 1 Circutor | 2 Compact Dc-s Basic, Compact Dc-s Basic Firmware | 2022-06-10 | 5.5 MEDIUM | 8.1 HIGH |
| A buffer overflow vulnerability has been detected in the firewall function of the device management web portal. The device runs a CGI binary (index.cgi) to offer a management web application. Once authenticated with valid credentials in this web portal, a potential attacker could submit any "Address" value and it would be copied to a second variable with a "strcpy" vulnerable function without checking its length. Because of this, it is possible to send a long address value to overflow the process stack, controlling the function return address. | |||||
| CVE-2022-30798 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/viewreport.php. | |||||
| CVE-2022-30795 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductimage.php. | |||||
| CVE-2022-30794 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductetails.php. | |||||
| CVE-2022-30496 | 1 Mv | 1 Idce | 2022-06-10 | 5.0 MEDIUM | 7.5 HIGH |
| SQL injection in Logon Page of IDCE MV's application, version 1.0, allows an attacker to inject SQL payloads in the user field, connecting to a database to access enterprise's private and sensitive information. | |||||
| CVE-2020-26664 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2022-06-10 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file. | |||||
| CVE-2022-32026 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_booking.php?id=. | |||||
| CVE-2022-32021 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_movement.php?id=. | |||||
| CVE-2022-32024 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Car Rental Management System v1.0 is vulnerable to SQL Injection via car-rental-management-system/booking.php?car_id=. | |||||
| CVE-2022-32022 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Car Rental Management System v1.0 is vulnerable to SQL Injection via /ip/car-rental-management-system/admin/ajax.php?action=login. | |||||
| CVE-2022-32025 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/view_car.php?id=. | |||||