Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-1380 | 1 Snipeitapp | 1 Snipe-it | 2022-04-25 | 3.5 LOW | 5.4 MEDIUM |
| Stored Cross Site Scripting vulnerability in Item name parameter in GitHub repository snipe/snipe-it prior to v5.4.3. The vulnerability is capable of stolen the user Cookie. | |||||
| CVE-2021-3615 | 1 Lenovo | 6 Smart Camera C2e, Smart Camera C2e Firmware, Smart Camera X3 and 3 more | 2022-04-25 | 4.6 MEDIUM | 6.8 MEDIUM |
| A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow code execution if a specific file exists on the attached SD card. This vulnerability is the same as CNVD-2021-45262. | |||||
| CVE-2022-29287 | 1 Kentico | 1 Kentico | 2022-04-25 | 4.0 MEDIUM | 4.9 MEDIUM |
| Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. It allows an attacker with user management rights (default is Administrator) to export the user options of any user, even ones with higher privileges (like Global Administrators) than the current user. The exported XML contains every option of the exported user (even the hashed password). | |||||
| CVE-2022-29020 | 1 Forestblog Project | 1 Forestblog | 2022-04-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| ForestBlog through 2022-02-16 allows admin/profile/save userAvatar XSS during addition of a user avatar. | |||||
| CVE-2021-32763 | 1 Openproject | 1 Openproject | 2022-04-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| OpenProject is open-source, web-based project management software. In versions prior to 11.3.3, the `MessagesController` class of OpenProject has a `quote` method that implements the logic behind the Quote button in the discussion forums, and it uses a regex to strip `<pre>` tags from the message being quoted. The `(.|\s)` part can match a space character in two ways, so an unterminated `<pre>` tag containing `n` spaces causes Ruby's regex engine to backtrack to try 2<sup>n</sup> states in the NFA. This will result in a Regular Expression Denial of Service. The issue is fixed in OpenProject 11.3.3. As a workaround, one may install the patch manually. | |||||
| CVE-2022-1365 | 1 Cross-fetch Project | 1 Cross-fetch | 2022-04-25 | 5.8 MEDIUM | 6.1 MEDIUM |
| Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository lquixada/cross-fetch prior to 3.1.5. | |||||
| CVE-2022-26920 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2022-04-25 | 4.9 MEDIUM | 5.5 MEDIUM |
| Windows Graphics Component Information Disclosure Vulnerability. | |||||
| CVE-2021-33697 | 1 Sap | 1 Businessobjects Business Intelligence | 2022-04-25 | 5.8 MEDIUM | 6.1 MEDIUM |
| Under certain conditions, SAP BusinessObjects Business Intelligence Platform (SAPUI5), versions - 420, 430, can allow an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities. | |||||
| CVE-2021-28568 | 3 Adobe, Apple, Microsoft | 3 Genuine Service, Macos, Windows | 2022-04-25 | 6.9 MEDIUM | 6.5 MEDIUM |
| Adobe Genuine Services version 7.1 (and earlier) is affected by an Insecure file permission vulnerability during installation process. A local authenticated attacker could leverage this vulnerability to achieve privilege escalation in the context of the current user. | |||||
| CVE-2021-36037 | 1 Adobe | 2 Adobe Commerce, Magento Open Source | 2022-04-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper improper authorization vulnerability. An authenticated attacker could leverage this vulnerability to achieve sensitive information disclosure. | |||||
| CVE-2021-42250 | 1 Apache | 1 Superset | 2022-04-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Improper output neutralization for Logs. A specific Apache Superset HTTP endpoint allowed for an authenticated user to forge log entries or inject malicious content into logs. | |||||
| CVE-2021-41229 | 2 Bluez, Debian | 2 Bluez, Debian Linux | 2022-04-25 | 3.3 LOW | 6.5 MEDIUM |
| BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdp_cstate_alloc_buf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object, which can be caused by an attacker continuously sending sdp packets and this may cause the service of the target device to crash. | |||||
| CVE-2021-41313 | 1 Atlassian | 2 Jira Data Center, Jira Server | 2022-04-25 | 4.0 MEDIUM | 4.3 MEDIUM |
| Affected versions of Atlassian Jira Server and Data Center allow authenticated but non-admin remote attackers to edit email batch configurations via an Improper Authorization vulnerability in the /secure/admin/ConfigureBatching!default.jspa endpoint. The affected versions are before version 8.20.1. | |||||
| CVE-2021-0212 | 1 Juniper | 1 Contrail Networking | 2022-04-25 | 7.2 HIGH | 5.0 MEDIUM |
| An Information Exposure vulnerability in Juniper Networks Contrail Networking allows a locally authenticated attacker able to read files to retrieve administrator credentials stored in plaintext thereby elevating their privileges over the system. This issue affects: Juniper Networks Contrail Networking versions prior to 1911.31. | |||||
| CVE-2020-2319 | 1 Jenkins | 1 Vmware Lab Manager Slaves | 2022-04-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier stores a password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | |||||
| CVE-2020-2318 | 1 Jenkins | 1 Mail Commander | 2022-04-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Mail Commander Plugin for Jenkins-ci Plugin 1.0.0 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. | |||||
| CVE-2020-2314 | 1 Jenkins | 1 Appspider | 2022-04-25 | 2.1 LOW | 5.5 MEDIUM |
| Jenkins AppSpider Plugin 1.0.12 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | |||||
| CVE-2020-15128 | 1 Octobercms | 1 October | 2022-04-25 | 3.5 LOW | 6.3 MEDIUM |
| In OctoberCMS before version 1.0.468, encrypted cookie values were not tied to the name of the cookie the value belonged to. This meant that certain classes of attacks that took advantage of other theoretical vulnerabilities in user facing code (nothing exploitable in the core project itself) had a higher chance of succeeding. Specifically, if your usage exposed a way for users to provide unfiltered user input and have it returned to them as an encrypted cookie (ex. storing a user provided search query in a cookie) they could then use the generated cookie in place of other more tightly controlled cookies; or if your usage exposed the plaintext version of an encrypted cookie at any point to the user they could theoretically provide encrypted content from your application back to it as an encrypted cookie and force the framework to decrypt it for them. Issue has been fixed in build 468 (v1.0.468). | |||||
| CVE-2020-10919 | 1 Automationdirect | 13 C-more Hmi Ea9 Firmware, Ea9-pgmsw, Ea9-rhmi and 10 more | 2022-04-25 | 4.3 MEDIUM | 5.9 MEDIUM |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of passwords. When transmitting passwords, the process encrypts them in a recoverable format using a hard-coded key. An attacker can leverage this vulnerability to disclose credentials, leading to further compromise. Was ZDI-CAN-10185. | |||||
| CVE-2020-1629 | 1 Juniper | 1 Junos | 2022-04-25 | 4.3 MEDIUM | 5.9 MEDIUM |
| A race condition vulnerability on Juniper Network Junos OS devices may cause the routing protocol daemon (RPD) process to crash and restart while processing a BGP NOTIFICATION message. This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R1-S9, 17.2R3-S3; 17.2 version 17.2R2 and later versions; 17.2X75 versions prior to 17.2X75-D105, 17.2X75-D110; 17.3 versions prior to 17.3R2-S5, 17.3R3-S6; 17.4 versions prior to 17.4R2-S7, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3-S3; 18.2X75 versions prior to 18.2X75-D410, 18.2X75-D420, 18.2X75-D50, 18.2X75-D60; 18.3 versions prior to 18.3R1-S5, 18.3R2-S2, 18.3R3; 18.4 versions prior to 18.4R2-S2, 18.4R3; 19.1 versions prior to 19.1R1-S2, 19.1R2; 19.2 versions prior to 19.2R1-S4, 19.2R2. This issue does not affect Juniper Networks Junos OS prior to version 16.1R1. | |||||
| CVE-2020-1724 | 1 Redhat | 3 Keycloak, Openshift Application Runtimes, Single Sign-on | 2022-04-25 | 4.0 MEDIUM | 4.3 MEDIUM |
| A flaw was found in Keycloak in versions before 9.0.2. This flaw allows a malicious user that is currently logged in, to see the personal information of a previously logged out user in the account manager section. | |||||
| CVE-2020-1733 | 3 Debian, Fedoraproject, Redhat | 6 Debian Linux, Fedora, Ansible and 3 more | 2022-04-25 | 3.7 LOW | 5.0 MEDIUM |
| A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with "umask 77 && mkdir -p <dir>"; this operation does not fail if the directory already exists and is owned by another user. An attacker could take advantage to gain control of the become user as the target directory can be retrieved by iterating '/proc/<pid>/cmdline'. | |||||
| CVE-2020-2095 | 1 Jenkins | 1 Redgate Sql Change Automation | 2022-04-25 | 4.0 MEDIUM | 4.3 MEDIUM |
| Jenkins Redgate SQL Change Automation Plugin 2.0.4 and earlier stored an API key unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2021-41178 | 1 Nextcloud | 1 Server | 2022-04-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, a file traversal vulnerability makes an attacker able to download arbitrary SVG images from the host system, including user provided files. This could also be leveraged into a XSS/phishing attack, an attacker could upload a malicious SVG file that mimics the Nextcloud login form and send a specially crafted link to victims. The XSS risk here is mitigated due to the fact that Nextcloud employs a strict Content-Security-Policy disallowing execution of arbitrary JavaScript. It is recommended that the Nextcloud Server be upgraded to 20.0.13, 21.0.5 or 22.2.0. There are no known workarounds aside from upgrading. | |||||
| CVE-2021-36012 | 1 Adobe | 2 Adobe Commerce, Magento Open Source | 2022-04-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a business logic error in the placeOrder graphql mutation. An authenticated attacker can leverage this vulnerability to altar the price of an item. | |||||
| CVE-2021-32796 | 1 Xmldom Project | 1 Xmldom | 2022-04-25 | 5.0 MEDIUM | 5.3 MEDIUM |
| xmldom is an open source pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. xmldom versions 0.6.0 and older do not correctly escape special characters when serializing elements removed from their ancestor. This may lead to unexpected syntactic changes during XML processing in some downstream applications. This issue has been resolved in version 0.7.0. As a workaround downstream applications can validate the input and reject the maliciously crafted documents. | |||||
| CVE-2021-1569 | 1 Cisco | 1 Jabber | 2022-04-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco Jabber for mobile platforms could allow an attacker to access sensitive information or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2021-3509 | 1 Redhat | 1 Ceph Storage | 2022-04-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. In response to CVE-2020-27839, the JWT token was moved from localStorage to an httpOnly cookie. However, token cookies are used in the body of the HTTP response for the documentation, which again makes it available to XSS.The greatest threat to the system is for confidentiality, integrity, and availability. | |||||
| CVE-2021-1394 | 1 Cisco | 1 Ios Xe | 2022-04-25 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability in the ingress traffic manager of Cisco IOS XE Software for Cisco Network Convergence System (NCS) 520 Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition in the web management interface of an affected device. This vulnerability is due to incorrect processing of certain IPv4 TCP traffic that is destined to an affected device. An attacker could exploit this vulnerability by sending a large number of crafted TCP packets to the affected device. A successful exploit could allow the attacker to cause the web management interface to become unavailable, resulting in a DoS condition. Note: This vulnerability does not impact traffic that is going through the device or going to the Management Ethernet interface of the device. | |||||
| CVE-2021-1377 | 1 Cisco | 2 Ios, Ios Xe | 2022-04-25 | 5.0 MEDIUM | 5.8 MEDIUM |
| A vulnerability in Address Resolution Protocol (ARP) management of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent an affected device from resolving ARP entries for legitimate hosts on the connected subnets. This vulnerability exists because ARP entries are mismanaged. An attacker could exploit this vulnerability by continuously sending traffic that results in incomplete ARP entries. A successful exploit could allow the attacker to cause ARP requests on the device to be unsuccessful for legitimate hosts, resulting in a denial of service (DoS) condition. | |||||
| CVE-2022-1001 | 1 Wp Downgrade Project | 1 Wp Downgrade | 2022-04-25 | 3.5 LOW | 4.8 MEDIUM |
| The WP Downgrade WordPress plugin before 1.2.3 only perform client side validation of its "WordPress Target Version" settings, but does not sanitise and escape it server side, allowing high privilege users such as admin to perform Cross-Site attacks even when the unfiltered_html capability is disallowed | |||||
| CVE-2022-0707 | 1 Sandhillsdev | 1 Easy Digital Downloads | 2022-04-25 | 4.3 MEDIUM | 4.3 MEDIUM |
| The Easy Digital Downloads WordPress plugin before 2.11.6 does not have CSRF check in place when inserting payment notes, which could allow attackers to make a logged admin insert arbitrary notes via a CSRF attack | |||||
| CVE-2022-22844 | 3 Debian, Libtiff, Netapp | 3 Debian Linux, Libtiff, Ontap Select Deploy Administration Utility | 2022-04-25 | 4.3 MEDIUM | 5.5 MEDIUM |
| LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. | |||||
| CVE-2022-0706 | 1 Sandhillsdev | 1 Easy Digital Downloads | 2022-04-25 | 2.1 LOW | 4.8 MEDIUM |
| The Easy Digital Downloads WordPress plugin before 2.11.6 does not sanitise and escape the Downloadable File Name in the Logs, which could allow high privilege users to perform Cross-Site Scripting attacks when the unfiltered_html capability is disallowed | |||||
| CVE-2021-25120 | 1 Easysocialfeed | 1 Easy Social Feed | 2022-04-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Easy Social Feed Free and Pro WordPress plugins before 6.2.7 do not sanitise some of their parameters used via AJAX actions before outputting them back in the response, leading to Reflected Cross-Site Scripting issues | |||||
| CVE-2022-27853 | 1 Contest-gallery | 1 Contest Gallery | 2022-04-25 | 3.5 LOW | 4.8 MEDIUM |
| Authenticated (author or higher role) Stored Cross-Site Scripting (XSS) in Contest Gallery (WordPress plugin) <= 13.1.0.9 | |||||
| CVE-2022-26785 | 1 Microsoft | 3 Windows Server 2016, Windows Server 2019, Windows Server 2022 | 2022-04-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-24490, CVE-2022-24539, CVE-2022-26783. | |||||
| CVE-2022-26784 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2022-04-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-24484, CVE-2022-24538. | |||||
| CVE-2022-26783 | 1 Microsoft | 3 Windows Server 2016, Windows Server 2019, Windows Server 2022 | 2022-04-25 | 6.8 MEDIUM | 6.5 MEDIUM |
| Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-24490, CVE-2022-24539, CVE-2022-26785. | |||||
| CVE-2021-42782 | 2 Fedoraproject, Opensc Project | 2 Fedora, Opensc | 2022-04-25 | 5.0 MEDIUM | 5.3 MEDIUM |
| Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the library. | |||||
| CVE-2021-42781 | 3 Fedoraproject, Opensc Project, Redhat | 3 Fedora, Opensc, Enterprise Linux | 2022-04-25 | 5.0 MEDIUM | 5.3 MEDIUM |
| Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library. | |||||
| CVE-2021-42780 | 3 Fedoraproject, Opensc Project, Redhat | 3 Fedora, Opensc, Enterprise Linux | 2022-04-25 | 5.0 MEDIUM | 5.3 MEDIUM |
| A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library. | |||||
| CVE-2022-24539 | 1 Microsoft | 3 Windows Server 2016, Windows Server 2019, Windows Server 2022 | 2022-04-25 | 6.8 MEDIUM | 6.5 MEDIUM |
| Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-24490, CVE-2022-26783, CVE-2022-26785. | |||||
| CVE-2022-20661 | 1 Cisco | 6 Cdb-8p, Cdb-8u, Cmicr-4pc and 3 more | 2022-04-25 | 4.9 MEDIUM | 4.6 MEDIUM |
| Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2022-28870 | 1 F-secure | 1 Safe | 2022-04-25 | 4.3 MEDIUM | 4.3 MEDIUM |
| A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails. | |||||
| CVE-2022-20677 | 1 Cisco | 62 8101-32fh, 8101-32h, 8102-64h and 59 more | 2022-04-25 | 7.2 HIGH | 6.7 MEDIUM |
| Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2021-40405 | 1 Reolink | 2 Rlc-410w, Rlc-410w Firmware | 2022-04-25 | 6.8 MEDIUM | 6.5 MEDIUM |
| A denial of service vulnerability exists in the cgiserver.cgi Upgrade API functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2022-20676 | 1 Cisco | 1 Ios Xe | 2022-04-25 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root-level privileges. This vulnerability is due to insufficient input validation of data that is passed into the Tcl interpreter. An attacker could exploit this vulnerability by loading malicious Tcl code on an affected device. A successful exploit could allow the attacker to execute arbitrary commands as root. By default, Tcl shell access requires privilege level 15. | |||||
| CVE-2022-27422 | 1 Chamilo | 1 Chamilo Lms | 2022-04-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| A reflected cross-site scripting (XSS) vulnerability in Chamilo LMS v1.11.13 allows attackers to execute arbitrary web scripts or HTML via user interaction with a crafted URL. | |||||
| CVE-2022-27425 | 1 Chamilo | 1 Chamilo | 2022-04-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| Chamilo LMS v1.11.13 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /blog/blog.php. | |||||