Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-29701 | 1 Zammad | 1 Zammad | 2022-05-05 | 5.0 MEDIUM | 7.5 HIGH |
| A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages. | |||||
| CVE-2022-29700 | 1 Zammad | 1 Zammad | 2022-05-05 | 5.0 MEDIUM | 7.5 HIGH |
| A lack of password length restriction in Zammad v5.1.0 allows for the creation of extremely long passwords which can cause a Denial of Service (DoS) during password verification. | |||||
| CVE-2022-28085 | 1 Htmldoc Project | 1 Htmldoc | 2022-05-05 | 6.8 MEDIUM | 7.8 HIGH |
| A flaw was found in htmldoc commit 31f7804. A heap buffer overflow in the function pdf_write_names in ps-pdf.cxx may lead to arbitrary code execution and Denial of Service (DoS). | |||||
| CVE-2021-35250 | 1 Solarwinds | 1 Serv-u | 2022-05-05 | 5.0 MEDIUM | 7.5 HIGH |
| A researcher reported a Directory Transversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1. | |||||
| CVE-2022-29419 | 1 3xsocializer Project | 1 3xsocializer | 2022-05-05 | 6.5 MEDIUM | 8.8 HIGH |
| SQL Injection (SQLi) vulnerability in Don Crowther's 3xSocializer plugin <= 0.98.22 at WordPress possible for users with a low role like a subscriber or higher. | |||||
| CVE-2022-28528 | 1 Bloofox | 1 Bloofoxcms | 2022-05-05 | 6.5 MEDIUM | 8.8 HIGH |
| bloofoxCMS v0.5.2.1 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?mode=content&page=media&action=edit. | |||||
| CVE-2022-28053 | 1 Typemill | 1 Typemill | 2022-05-05 | 6.5 MEDIUM | 8.8 HIGH |
| Typemill v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. | |||||
| CVE-2022-28527 | 1 Dhcms Project | 1 Dhcms | 2022-05-05 | 5.5 MEDIUM | 8.1 HIGH |
| dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del. | |||||
| CVE-2022-28523 | 1 Hongcms Project | 1 Hongcms | 2022-05-05 | 5.5 MEDIUM | 8.1 HIGH |
| HongCMS 3.0.0 allows arbitrary file deletion via the component /admin/index.php/template/ajax?action=delete. | |||||
| CVE-2022-22392 | 1 Ibm | 1 Planning Analytics Workspace | 2022-05-05 | 6.8 MEDIUM | 7.8 HIGH |
| IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 222066. | |||||
| CVE-2022-29814 | 1 Jetbrains | 1 Intellij Idea | 2022-05-05 | 4.4 MEDIUM | 7.7 HIGH |
| In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible | |||||
| CVE-2021-45842 | 1 Terra-master | 3 F2-210, F4-210, Tos | 2022-05-05 | 5.0 MEDIUM | 7.5 HIGH |
| It is possible to obtain the first administrator's hash set up in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) on the system as well as other information such as MAC address, internal IP address etc. by performing a request to the /module/api.php?mobile/wapNasIPS endpoint. | |||||
| CVE-2022-29819 | 1 Jetbrains | 1 Intellij Idea | 2022-05-05 | 4.4 MEDIUM | 7.7 HIGH |
| In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible | |||||
| CVE-2022-29818 | 1 Jetbrains | 1 Intellij Idea | 2022-05-05 | 3.6 LOW | 7.1 HIGH |
| In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed | |||||
| CVE-2022-29821 | 1 Jetbrains | 1 Pycharm | 2022-05-05 | 4.4 MEDIUM | 7.7 HIGH |
| In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was possible | |||||
| CVE-2021-45836 | 1 Terra-master | 3 F2-210, F4-210, Tos | 2022-05-05 | 9.0 HIGH | 8.8 HIGH |
| An authenticated attacker can execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by injecting a maliciously crafted input in the request through /tos/index.php?app/hand_app. | |||||
| CVE-2022-28525 | 1 Ed01-cms Project | 1 Ed01-cms | 2022-05-04 | 6.5 MEDIUM | 8.8 HIGH |
| ED01-CMS v20180505 was discovered to contain an arbitrary file upload vulnerability via /admin/users.php?source=edit_user&id=1. | |||||
| CVE-2022-28918 | 1 Njtech | 1 Greencms | 2022-05-04 | 5.5 MEDIUM | 8.1 HIGH |
| GreenCMS v2.3.0603 was discovered to contain an arbitrary file deletion vulnerability via /index.php?m=admin&c=custom&a=plugindelhandle&plugin_name=. | |||||
| CVE-2022-28892 | 1 Mahara | 1 Mahara | 2022-05-04 | 6.8 MEDIUM | 8.8 HIGH |
| Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to Cross Site Request Forgery (CSRF) because randomly generated tokens are too easily guessable. | |||||
| CVE-2022-28058 | 1 Verydows | 1 Verydows | 2022-05-04 | 5.5 MEDIUM | 8.1 HIGH |
| Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\file_controller.php. | |||||
| CVE-2022-28059 | 1 Verydows | 1 Verydows | 2022-05-04 | 5.5 MEDIUM | 8.1 HIGH |
| Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\database_controller.php. | |||||
| CVE-2022-1459 | 1 Open-emr | 1 Openemr | 2022-05-04 | 5.5 MEDIUM | 8.3 HIGH |
| Non-Privilege User Can View Patient’s Disclosures in GitHub repository openemr/openemr prior to 6.1.0.1. | |||||
| CVE-2022-20773 | 1 Cisco | 1 Umbrella | 2022-05-04 | 6.8 MEDIUM | 8.1 HIGH |
| A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote attacker to impersonate a VA. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a man-in-the-middle attack on an SSH connection to the Umbrella VA. A successful exploit could allow the attacker to learn the administrator credentials, change configurations, or reload the VA. Note: SSH is not enabled by default on the Umbrella VA. | |||||
| CVE-2022-20783 | 1 Cisco | 2 Roomos, Telepresence Collaboration Endpoint | 2022-05-04 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability in the packet processing functionality of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted H.323 traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to either reboot normally or reboot into maintenance mode, which could result in a DoS condition on the device. | |||||
| CVE-2021-40680 | 1 Articatech | 1 Web Proxy | 2022-05-04 | 5.5 MEDIUM | 8.1 HIGH |
| There is a Directory Traversal vulnerability in Artica Proxy (4.30.000000 SP206 through SP255, and VMware appliance 4.30.000000 through SP273) via the filename parameter to /cgi-bin/main.cgi. | |||||
| CVE-2022-20786 | 1 Cisco | 1 Unified Communications Manager Im And Presence Service | 2022-05-04 | 5.5 MEDIUM | 8.1 HIGH |
| A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of user-submitted parameters. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain data or modify data that is stored in the underlying database of the affected system. | |||||
| CVE-2022-29603 | 1 Universis | 1 Universis-api | 2022-05-04 | 5.5 MEDIUM | 8.1 HIGH |
| A SQL Injection vulnerability exists in UniverSIS UniverSIS-API through 1.2.1 via the $select parameter to multiple API endpoints. A remote authenticated attacker could send crafted SQL statements to a vulnerable endpoint (such as /api/students/me/messages/) to, for example, retrieve personal information or change grades. | |||||
| CVE-2019-25059 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2022-05-04 | 6.8 MEDIUM | 7.8 HIGH |
| Artifex Ghostscript through 9.26 mishandles .completefont. NOTE: this issue exists because of an incomplete fix for CVE-2019-3839. | |||||
| CVE-2022-1427 | 1 Brew | 1 Mruby | 2022-05-04 | 4.6 MEDIUM | 7.8 HIGH |
| Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited. | |||||
| CVE-2022-1392 | 1 Commoninja | 1 Videos Sync Pdf | 2022-05-04 | 5.0 MEDIUM | 7.5 HIGH |
| The Videos sync PDF WordPress plugin through 1.7.4 does not validate the p parameter before using it in an include statement, which could lead to Local File Inclusion issues | |||||
| CVE-2022-0192 | 1 Lenovo | 1 Pcmanager | 2022-05-04 | 4.4 MEDIUM | 7.8 HIGH |
| A DLL search path vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175 that could allow privilege escalation. | |||||
| CVE-2020-14123 | 1 Mi | 1 Miui | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| There is a pointer double free vulnerability in Some MIUI Services. When a function is called, the memory pointer is copied to two function modules, and an attacker can cause the pointer to be repeatedly released through malicious operations, resulting in the affected module crashing and affecting normal functionality, and if successfully exploited the vulnerability can cause elevation of privileges. | |||||
| CVE-2021-32929 | 1 Uffizio | 1 Gps Tracker | 2022-05-03 | 6.8 MEDIUM | 8.8 HIGH |
| All versions of Uffizio GPS Tracker may allow an attacker to perform unintended actions on behalf of a user. | |||||
| CVE-2022-1437 | 1 Radare | 1 Radare2 | 2022-05-03 | 5.8 MEDIUM | 7.1 HIGH |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. | |||||
| CVE-2022-29583 | 2 Microsoft, Service Project | 2 Windows, Service | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| service_windows.go in the kardianos service package for Go omits quoting that is sometimes needed for execution of a Windows service executable from the intended directory. | |||||
| CVE-2021-39040 | 1 Ibm | 1 Planning Analytics Workspace | 2022-05-03 | 6.0 MEDIUM | 8.0 HIGH |
| IBM Planning Analytics Workspace 2.0 could be vulnerable to malicious file upload by not validating the file types or sizes. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID: 214025. | |||||
| CVE-2021-4225 | 2 Microsoft, Smartypantsplugins | 2 Windows, Sp Project \& Document Manager | 2022-05-03 | 6.5 MEDIUM | 8.8 HIGH |
| The SP Project & Document Manager WordPress plugin before 4.24 allows any authenticated users, such as subscribers, to upload files. The plugin attempts to prevent PHP and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovered that on Windows servers, the security checks in place were insufficient, enabling bad actors to potentially upload backdoors on vulnerable sites. | |||||
| CVE-2022-26856 | 1 Dell | 1 Emc Repository Manager | 2022-05-03 | 2.1 LOW | 7.8 HIGH |
| Dell EMC Repository Manager version 3.4.0 contains a plain-text password storage vulnerability. A local attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application's database with privileges of the compromised account. | |||||
| CVE-2021-37740 | 1 Mdt | 4 Scn-ip000.03, Scn-ip000.03 Firmware, Scn-ip100.03 and 1 more | 2022-05-03 | 7.8 HIGH | 7.5 HIGH |
| A denial of service vulnerability exists in MDT's firmware for the KNXnet/IP Secure router SCN-IP100.03 and KNX IP interface SCN-IP000.03 before v3.0.4, that allows a remote attacker to turn the device unresponsive to all requests on the KNXnet/IP Secure layer, until the device is rebooted, via a SESSION_REQUEST frame with a modified total length field. | |||||
| CVE-2022-1451 | 1 Radare | 1 Radare2 | 2022-05-03 | 5.8 MEDIUM | 7.1 HIGH |
| Out-of-bounds Read in r_bin_java_constant_value_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. More details see [CWE-125: Out-of-bounds read](https://cwe.mitre.org/data/definitions/125.html). | |||||
| CVE-2022-1452 | 1 Radare | 1 Radare2 | 2022-05-03 | 5.8 MEDIUM | 7.1 HIGH |
| Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. More details see [CWE-125: Out-of-bounds read](https://cwe.mitre.org/data/definitions/125.html). | |||||
| CVE-2022-24424 | 1 Dell | 1 Emc Appsync | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync server. A remote unauthenticated attacker may potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. | |||||
| CVE-2022-24875 | 1 Cve | 1 Cve-services | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| The CVEProject/cve-services is an open source project used to operate the CVE services api. In versions up to and including 1.1.1 the `org.conroller.js` code would erroneously log user secrets. This has been resolved in commit `46d98f2b` and should be available in subsequent versions of the software. Users of the software are advised to manually apply the `46d98f2b` commit or to update when a new version becomes available. As a workaround users should inspect their logs and remove logged secrets as appropriate. | |||||
| CVE-2020-14120 | 1 Mi | 1 Miui | 2022-05-03 | 6.8 MEDIUM | 8.8 HIGH |
| Some Xiaomi models have a vulnerability in a certain application. The vulnerability is caused by the lack of checksum when using a three-party application to pass in parameters, and attackers can induce users to install a malicious app and use the vulnerability to achieve elevated privileges, making the normal services of the system affected. | |||||
| CVE-2021-44512 | 1 Tmate | 1 Tmate-ssh-server | 2022-05-03 | 4.4 MEDIUM | 7.0 HIGH |
| World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only session symlink in this directory. | |||||
| CVE-2021-44686 | 2 Calibre-ebook, Fedoraproject | 2 Calibre, Fedora | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py. | |||||
| CVE-2021-20835 | 1 Mercari | 1 Mercari | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| Improper authorization in handler for custom URL scheme vulnerability in Android App 'Mercari (Merpay) - Marketplace and Mobile Payments App' (Japan version) versions prior to 4.49.1 allows a remote attacker to lead a user to access an arbitrary website and the website launches an arbitrary Activity of the app via the vulnerable App, which may result in Mercari account's access token being obtained. | |||||
| CVE-2021-29329 | 1 Moddable | 1 Moddable | 2022-05-03 | 6.8 MEDIUM | 7.8 HIGH |
| OpenSource Moddable v10.5.0 was discovered to contain a stack overflow in the fxBinaryExpressionNodeDistribute function at /moddable/xs/sources/xsTree.c. | |||||
| CVE-2021-29324 | 1 Moddable | 1 Moddable | 2022-05-03 | 6.8 MEDIUM | 7.8 HIGH |
| OpenSource Moddable v10.5.0 was discovered to contain a stack overflow via the component /moddable/xs/sources/xsScript.c. | |||||
| CVE-2021-0064 | 1 Intel | 24 7265, 7265 Firmware, Ac 3165 and 21 more | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Insecure inherited permissions in the Intel(R) PROSet/Wireless WiFi software installer for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||