Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-1124 | 1 Gitlab | 1 Gitlab | 2022-05-18 | 3.5 LOW | 4.3 MEDIUM |
| An improper authorization issue has been discovered in GitLab CE/EE affecting all versions prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0, allowing Guest project members to access trace log of jobs when it is enabled | |||||
| CVE-2022-1428 | 1 Gitlab | 1 Gitlab | 2022-05-18 | 4.0 MEDIUM | 4.3 MEDIUM |
| An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was incorrectly verifying throttling limits for authenticated package requests which resulted in limits not being enforced. | |||||
| CVE-2022-1406 | 1 Gitlab | 1 Gitlab | 2022-05-18 | 4.0 MEDIUM | 6.5 MEDIUM |
| Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0 allows a Developer to read protected Group or Project CI/CD variables by importing a malicious project | |||||
| CVE-2022-1433 | 1 Gitlab | 1 Gitlab | 2022-05-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue has been discovered in GitLab affecting all versions starting from 14.4 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. Missing invalidation of Markdown caching causes potential payloads from a previously exploitable XSS vulnerability (CVE-2022-1175) to persist and execute. | |||||
| CVE-2022-29868 | 1 1password | 1 1password | 2022-05-18 | 2.1 LOW | 5.5 MEDIUM |
| 1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass. Malicious software running on the same computer can exfiltrate secrets from 1Password provided that 1Password is running and is unlocked. Affected secrets include vault items and derived values used for signing in to 1Password. | |||||
| CVE-2022-1417 | 1 Gitlab | 1 Gitlab | 2022-05-18 | 4.0 MEDIUM | 4.3 MEDIUM |
| Improper access control in GitLab CE/EE affecting all versions starting from 8.12 before 14.8.6, all versions starting from 14.9 before 14.9.4, and all versions starting from 14.10 before 14.10.1 allows non-project members to access contents of Project Members-only Wikis via malicious CI jobs | |||||
| CVE-2022-30278 | 1 Synopsys | 1 Black Duck Hub | 2022-05-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| A vulnerability in Black Duck Hub’s embedded MadCap Flare documentation files could allow an unauthenticated remote attacker to conduct a cross-site scripting attack. The vulnerability is due to improper validation of user-supplied input to MadCap Flare's framework embedded within Black Duck Hub's Help Documentation to supply content. An attacker could exploit this vulnerability by convincing a user to click a link designed to pass malicious input to the interface. A successful exploit could allow the attacker to conduct cross-site scripting attacks and gain access to sensitive browser-based information. | |||||
| CVE-2022-0866 | 1 Redhat | 3 Jboss Enterprise Application Platform, Openstack Platform, Wildfly | 2022-05-18 | 4.3 MEDIUM | 5.3 MEDIUM |
| This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the org.jboss.as.ejb3.security.RunAsPrincipalInterceptor to keep track of the current identity prior to switching to a new identity created using the RunAs principal. The exploit consist that the EJBComponent#incomingRunAsIdentity field is currently just a SecurityIdentity. This means in a concurrent environment, where multiple users are repeatedly invoking an EJB that is configured with a RunAs principal, it's possible for the wrong the caller principal to be returned from EJBComponent#getCallerPrincipal. Similarly, it's also possible for EJBComponent#isCallerInRole to return the wrong value. Both of these methods rely on incomingRunAsIdentity. Affects all versions of JBoss EAP from 7.1.0 and all versions of WildFly 11+ when Elytron is enabled. | |||||
| CVE-2021-27764 | 1 Hcltech | 1 Bigfix Webui | 2022-05-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| Cookie without HTTPONLY flag set. NUMBER cookie(s) was set without Secure or HTTPOnly flags. The images show the cookie with the missing flag. (WebUI) | |||||
| CVE-2022-29950 | 1 Experian | 1 Hunter | 2022-05-18 | 4.0 MEDIUM | 4.3 MEDIUM |
| ** DISPUTED ** Experian Hunter 1.16 allows remote authenticated users to modify assumed-immutable elements via the (1) rule name parameter to the Rules page or the (2) subrule name or (3) categories name parameter to the Subrules page. NOTE: the vendor disputes this because version 1.16 has never existed. | |||||
| CVE-2022-28078 | 1 Home Owners Collection Management System Project | 1 Home Owners Collection Management System | 2022-05-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['page'] parameter. | |||||
| CVE-2022-28077 | 1 Home Owners Collection Management System Project | 1 Home Owners Collection Management System | 2022-05-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['s'] parameter. | |||||
| CVE-2022-29976 | 1 Altn | 1 Mdaemon | 2022-05-17 | 3.5 LOW | 5.4 MEDIUM |
| An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0 . | |||||
| CVE-2022-29975 | 1 Altn | 1 Mdaemon | 2022-05-17 | 3.5 LOW | 5.4 MEDIUM |
| An Authenticated Reflected Cross-site scripting at CC Parameter was discovered in MDaemon before 22.0.0 . | |||||
| CVE-2022-1567 | 1 Wp-js Project | 1 Wp-js | 2022-05-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| The WP-JS plugin for WordPress contains a script called wp-js.php with the function wp_js_admin, that accepts unvalidated user input and echoes it back to the user. This can be used for reflected Cross-Site Scripting in versions up to, and including, 2.0.6. | |||||
| CVE-2021-43712 | 1 Employee Daily Task Management System Project | 1 Employee Daily Task Management System | 2022-05-17 | 3.5 LOW | 5.4 MEDIUM |
| Stored XSS in Add New Employee Form in Sourcecodester Employee Daily Task Management System 1.0 Allows Remote Attacker to Inject/Store Arbitrary Code via the Name Field. | |||||
| CVE-2022-28161 | 1 Brocade | 1 Sannav | 2022-05-17 | 1.9 LOW | 5.5 MEDIUM |
| An information exposure through log file vulnerability in Brocade SANNav versions before Brocade SANnav 2.2.0 could allow an authenticated, local attacker to view sensitive information such as ssh passwords in filetansfer.log in debug mode. To exploit this vulnerability, the attacker would need to have valid user credentials and turn on debug mode. | |||||
| CVE-2022-24681 | 1 Zohocorp | 1 Manageengine Adselfservice Plus | 2022-05-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| Zoho ManageEngine ADSelfService Plus before 6121 allows XSS via the welcome name attribute to the Reset Password, Unlock Account, or User Must Change Password screen. | |||||
| CVE-2022-27308 | 1 Phprojekt Phpsimplygest Project | 1 Phprojekt Phpsimplygest | 2022-05-17 | 3.5 LOW | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in PHProjekt PhpSimplyGest v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a project title. | |||||
| CVE-2022-26070 | 1 Splunk | 1 Splunk | 2022-05-17 | 4.0 MEDIUM | 4.3 MEDIUM |
| When handling a mismatched pre-authentication cookie, the application leaks the internal error message in the response, which contains the Splunk Enterprise local system path. The vulnerability impacts Splunk Enterprise versions before 8.1.0. | |||||
| CVE-2021-33845 | 1 Splunk | 1 Splunk | 2022-05-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. The potential vulnerability impacts Splunk Enterprise instances before 8.1.7 when configured to repress verbose login errors. | |||||
| CVE-2022-27114 | 2 Debian, Htmldoc Project | 2 Debian Linux, Htmldoc | 2022-05-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is a vulnerability in htmldoc 1.9.16. In image_load_jpeg function image.cxx when it calls malloc,'img->width' and 'img->height' they are large enough to cause an integer overflow. So, the malloc function may return a heap blosmaller than the expected size, and it will cause a buffer overflow/Address boundary error in the jpeg_read_scanlines function. | |||||
| CVE-2021-27759 | 1 Hcltech | 1 Bigfix Inventory | 2022-05-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| This vulnerability arises because the application allows the user to perform some sensitive action without verifying that the request was sent intentionally. An attacker can cause a victim's browser to emit an HTTP request to an arbitrary URL in the application. | |||||
| CVE-2019-25060 | 1 Wpgraphql | 1 Wpgraphql | 2022-05-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| The WPGraphQL WordPress plugin before 0.3.5 doesn't properly restrict access to information about other users' roles on the affected site. Because of this, a remote attacker could forge a GraphQL query to retrieve the account roles of every user on the site. | |||||
| CVE-2021-27758 | 1 Hcltech | 1 Bigfix Inventory | 2022-05-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is a security vulnerability in login form related to Cross-site Request Forgery which prevents user to login after attacker spam to login and system blocked victim's account. | |||||
| CVE-2022-1047 | 1 Themify | 1 Post Type Builder Search Addon | 2022-05-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Themify Post Type Builder Search Addon WordPress plugin before 1.4.0 does not properly escape the current page URL before reusing it in a HTML attribute, leading to a reflected cross site scripting vulnerability. | |||||
| CVE-2022-26073 | 1 Anker | 2 Eufy Homebase 2, Eufy Homebase 2 Firmware | 2022-05-17 | 6.1 MEDIUM | 6.5 MEDIUM |
| A denial of service vulnerability exists in the libxm_av.so DemuxCmdInBuffer functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to a device reboot. An attacker can send packets to trigger this vulnerability. | |||||
| CVE-2022-1104 | 1 Code-atlantic | 1 Popup Maker | 2022-05-17 | 3.5 LOW | 4.8 MEDIUM |
| The Popup Maker WordPress plugin before 1.16.5 does not sanitise and escape some of its Popup settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | |||||
| CVE-2022-20117 | 1 Google | 1 Android | 2022-05-17 | 2.1 LOW | 5.5 MEDIUM |
| In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-217475903References: N/A | |||||
| CVE-2022-20119 | 1 Google | 1 Android | 2022-05-17 | 2.1 LOW | 5.5 MEDIUM |
| In private_handle_t of mali_gralloc_buffer.h, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-213170715References: N/A | |||||
| CVE-2022-20121 | 1 Google | 1 Android | 2022-05-17 | 2.1 LOW | 5.5 MEDIUM |
| In getNodeValue of USCCDMPlugin.java, there is a possible disclosure of ICCID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-212573046References: N/A | |||||
| CVE-2022-29413 | 1 Hermit Project | 1 Hermit | 2022-05-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress via &title parameter. | |||||
| CVE-2022-29412 | 1 Hermit Project | 1 Hermit | 2022-05-16 | 5.8 MEDIUM | 5.4 MEDIUM |
| Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Hermit ????? plugin <= 3.1.6 on WordPress allow attackers to delete cache, delete a source, create source. | |||||
| CVE-2018-19615 | 1 Rockwellautomation | 2 Powermonitor 1000, Powermonitor 1000 Firmware | 2022-05-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| Rockwell Automation Allen-Bradley PowerMonitor 1000 all versions. A remote attacker could inject arbitrary code into a targeted userâ??s web browser to gain access to the affected device. | |||||
| CVE-2015-5361 | 1 Juniper | 18 Srx1500, Srx1500 Firmware, Srx300 and 15 more | 2022-05-16 | 5.8 MEDIUM | 6.5 MEDIUM |
| Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific to source and destination IPs and ports of client and server. The design intent of the ftps-extensions option (which is disabled by default) is to provide similar functionality when the SRX secures the FTP/FTPS client. As the control channel is encrypted, the FTP ALG cannot inspect the port specific information and will open a wider TCP data channel (gate) from client IP to server IP on all destination TCP ports. In FTP/FTPS client environments to an enterprise network or the Internet, this is the desired behavior as it allows firewall policy to be written to FTP/FTPS servers on well-known control ports without using a policy with destination IP ANY and destination port ANY. Issue The ftps-extensions option is not intended or recommended where the SRX secures the FTPS server, as the wide data channel session (gate) will allow the FTPS client temporary access to all TCP ports on the FTPS server. The data session is associated to the control channel and will be closed when the control channel session closes. Depending on the configuration of the FTPS server, supporting load-balancer, and SRX inactivity-timeout values, the server/load-balancer and SRX may keep the control channel open for an extended period of time, allowing an FTPS client access for an equal duration.? Note that the ftps-extensions option is not enabled by default. | |||||
| CVE-2021-28090 | 2 Fedoraproject, Torproject | 2 Fedora, Tor | 2022-05-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| Tor before 0.4.5.7 allows a remote attacker to cause Tor directory authorities to exit with an assertion failure, aka TROVE-2021-002. | |||||
| CVE-2021-31229 | 2 Debian, Ezxml Project | 2 Debian Linux, Ezxml | 2022-05-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd() performs incorrect memory handling while parsing crafted XML files, which leads to an out-of-bounds write of a one byte constant. | |||||
| CVE-2021-30485 | 2 Debian, Ezxml Project | 2 Debian Linux, Ezxml | 2022-05-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd(), while parsing a crafted XML file, performs incorrect memory handling, leading to a NULL pointer dereference while running strcmp() on a NULL pointer. | |||||
| CVE-2021-3133 | 1 Sean-barton | 1 Elementor Contact Form Db | 2022-05-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| The Elementor Contact Form DB plugin before 1.6 for WordPress allows CSRF via backend admin pages. | |||||
| CVE-2021-29650 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2022-05-16 | 4.9 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, aka CID-175e476b8cdf. | |||||
| CVE-2021-30002 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2022-05-16 | 2.1 LOW | 6.2 MEDIUM |
| An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b. | |||||
| CVE-2021-3564 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2022-05-16 | 2.1 LOW | 5.5 MEDIUM |
| A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13. | |||||
| CVE-2019-8331 | 4 F5, Getbootstrap, Redhat and 1 more | 16 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 13 more | 2022-05-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. | |||||
| CVE-2021-32921 | 4 Debian, Fedoraproject, Lua and 1 more | 4 Debian Linux, Fedora, Lua and 1 more | 2022-05-16 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in Prosody before 0.11.9. It does not use a constant-time algorithm for comparing certain secret strings when running under Lua 5.2 or later. This can potentially be used in a timing attack to reveal the contents of secret strings to an attacker. | |||||
| CVE-2021-32925 | 1 Chamilo | 1 Chamilo | 2022-05-16 | 5.5 MEDIUM | 6.5 MEDIUM |
| admin/user_import.php in Chamilo 1.11.x reads XML data without disabling the ability to load external entities. | |||||
| CVE-2022-0625 | 1 Admin Menu Editor Project | 1 Admin Menu Editor | 2022-05-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Admin Menu Editor WordPress plugin through 1.0.4 does not sanitize and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. | |||||
| CVE-2022-20731 | 1 Cisco | 3 Catalyst Digital Building Series Switches, Catalyst Digital Building Series Switches Firmware, Ios Rommon | 2022-05-16 | 7.2 HIGH | 6.8 MEDIUM |
| Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2022-20758 | 1 Cisco | 1 Ios Xr | 2022-05-16 | 7.1 HIGH | 6.8 MEDIUM |
| A vulnerability in the implementation of the Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the incorrect processing of a BGP update message that contains specific EVPN attributes. An attacker could exploit this vulnerability by sending a BGP update message that contains specific EVPN attributes. To exploit this vulnerability, an attacker must control a BGP speaker that has an established trusted peer connection to an affected device that is configured with the address family L2VPN EVPN to receive and process the update message. This vulnerability cannot be exploited by any data that is initiated by clients on the Layer 2 network or by peers that are not configured to accept the L2VPN EVPN address family. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP updates only from explicitly defined peers. For this vulnerability to be exploited, the malicious BGP update message must either come from a configured, valid BGP peer or be injected by the attacker into the affected BGP network on an existing, valid TCP connection to a BGP peer. | |||||
| CVE-2021-39700 | 1 Google | 1 Android | 2022-05-16 | 2.1 LOW | 5.5 MEDIUM |
| In the policies of adbd.te, there was a logic error which caused the CTS Listening Ports Test to report invalid results. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-201645790 | |||||
| CVE-2022-27909 | 1 Jdownloads | 1 Jdownloads | 2022-05-16 | 4.0 MEDIUM | 4.3 MEDIUM |
| In Joomla component 'jDownloads 3.9.8.2 Stable' the remote user can change some parameters in the address bar and see the names of other users' files | |||||