Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31147 | 1 Jqueryvalidation | 1 Jquery Validation | 2022-07-21 | N/A | 7.5 HIGH |
| The jQuery Validation Plugin (jquery-validation) provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service (ReDoS) when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix for CVE-2021-43306. Users should upgrade to version 1.19.5 to receive a patch. | |||||
| CVE-2022-31156 | 1 Gradle | 1 Gradle | 2022-07-20 | N/A | 4.4 MEDIUM |
| Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This can occur in two ways. When signature verification is disabled but the verification metadata contains entries for dependencies that only have a `gpg` element but no `checksum` element. When signature verification is enabled, the verification metadata contains entries for dependencies with a `gpg` element but there is no signature file on the remote repository. In both cases, the verification will accept the dependency, skipping signature verification and not complaining that the dependency has no checksum entry. For builds that are vulnerable, there are two risks. Gradle could download a malicious binary from a repository outside your organization due to name squatting. For those still using HTTP only and not HTTPS for downloading dependencies, the build could download a malicious library instead of the expected one. Gradle 7.5 patches this issue by making sure to run checksum verification if signature verification cannot be completed, whatever the reason. Two workarounds are available: Remove all `gpg` elements from dependency verification metadata if you disable signature validation and/or avoid adding `gpg` entries for dependencies that do not have signature files. | |||||
| CVE-2022-32246 | 1 Sap | 1 Business Objects Business Intelligence Platform | 2022-07-20 | 4.9 MEDIUM | 4.6 MEDIUM |
| SAP Busines Objects Business Intelligence Platform (Visual Difference Application) - versions 420, 430, allows an authenticated attacker who has access to BI admin console to send crafted queries and extract data from the SQL backend. On successful exploitation, the attacker can cause limited impact on confidentiality and integrity of the application | |||||
| CVE-2022-35227 | 1 Sap | 1 Netweaver Enterprise Portal | 2022-07-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| A vulnerability in SAP NW EP (WPC) - versions 7.30, 7.31, 7.40, 7.50, which does not sufficiently validate user-controlled input, allows a remote attacker to conduct a Cross-Site (XSS) scripting attack. A successful exploit could allow the attacker to execute arbitrary script code which could lead to stealing or modifying of authentication information of the user, such as data relating to his or her current session. | |||||
| CVE-2022-35225 | 1 Sap | 1 Netweaver Enterprise Portal | 2022-07-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to limited impact on confidentiality and integrity of data. | |||||
| CVE-2022-35170 | 1 Sap | 1 Netweaver Enterprise Portal | 2022-07-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| SAP NetWeaver Enterprise Portal does - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to limited impact on confidentiality and integrity of data. | |||||
| CVE-2022-35169 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2022-07-20 | 6.5 MEDIUM | 6.0 MEDIUM |
| SAP BusinessObjects Business Intelligence Platform (LCM) - versions 420, 430, allows an attacker with an admin privilege to read and decrypt LCMBIAR file's password under certain conditions, enabling the attacker to modify the password or import the file into another system causing high impact on confidentiality but a limited impact on the availability and integrity of the application. | |||||
| CVE-2022-35168 | 1 Sap | 1 Business One | 2022-07-20 | 5.0 MEDIUM | 7.5 HIGH |
| Due to improper input sanitization of XML input in SAP Business One - version 10.0, an attacker can perform a denial-of-service attack rendering the system temporarily inoperative. | |||||
| CVE-2022-32249 | 1 Sap | 1 Business One | 2022-07-20 | 5.0 MEDIUM | 7.5 HIGH |
| Under special integration scenario of SAP Business one and SAP HANA - version 10.0, an attacker can exploit HANA cockpit?s data volume to gain access to highly sensitive information (e.g., high privileged account credentials) | |||||
| CVE-2022-32248 | 1 Sap | 1 S\/4hana | 2022-07-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| Due to missing input validation in the Manage Checkbooks component of SAP S/4HANA - version 101, 102, 103, 104, 105, 106, an attacker could insert or edit the value of an existing field in the database. This leads to an impact on the integrity of the data. | |||||
| CVE-2022-32247 | 1 Sap | 1 Netweaver Enterprise Portal | 2022-07-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the User inputs while interacting on the Network. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application. | |||||
| CVE-2017-11147 | 2 Netapp, Php | 2 Clustered Data Ontap, Php | 2022-07-20 | 6.4 MEDIUM | 9.1 CRITICAL |
| In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c. | |||||
| CVE-2022-35410 | 2 0xacab, Debian | 2 Mat2, Debian Linux | 2022-07-20 | 5.0 MEDIUM | 7.5 HIGH |
| mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows ../ directory traversal during the ZIP archive cleaning process. This primarily affects mat2 web instances, in which clients could obtain sensitive information via a crafted archive. | |||||
| CVE-2015-8391 | 4 Fedoraproject, Oracle, Pcre and 1 more | 9 Fedora, Linux, Pcre and 6 more | 2022-07-20 | 9.0 HIGH | 9.8 CRITICAL |
| The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | |||||
| CVE-2022-22370 | 1 Ibm | 1 Security Verify Access | 2022-07-20 | 3.5 LOW | 5.4 MEDIUM |
| IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 221194. | |||||
| CVE-2022-32425 | 1 Mealie | 1 Mealie | 2022-07-20 | N/A | 5.3 MEDIUM |
| The login function of Mealie v1.0.0beta-2 allows attackers to enumerate existing usernames by timing the server's response time. | |||||
| CVE-2021-36665 | 1 Druva | 1 Insync Client | 2022-07-20 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in Druva 6.9.0 for macOS, allows attackers to gain escalated local privileges via the inSyncUpgradeDaemon. | |||||
| CVE-2016-10160 | 3 Debian, Netapp, Php | 3 Debian Linux, Clustered Data Ontap, Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch. | |||||
| CVE-2016-1283 | 4 Fedoraproject, Oracle, Pcre and 1 more | 4 Fedora, Solaris, Pcre and 1 more | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | |||||
| CVE-2016-3078 | 1 Php | 1 Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted call to (1) getFromIndex or (2) getFromName in the ZipArchive class. | |||||
| CVE-2016-3074 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow. | |||||
| CVE-2016-4346 | 2 Opensuse, Php | 3 Leap, Opensuse, Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow. | |||||
| CVE-2016-4345 | 1 Php | 1 Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow. | |||||
| CVE-2016-4344 | 1 Php | 1 Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long argument to the utf8_encode function, leading to a heap-based buffer overflow. | |||||
| CVE-2016-4544 | 4 Debian, Fedoraproject, Opensuse and 1 more | 5 Debian Linux, Fedora, Leap and 2 more | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data. | |||||
| CVE-2016-5770 | 3 Debian, Opensuse, Php | 4 Debian Linux, Leap, Opensuse and 1 more | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096. | |||||
| CVE-2016-5771 | 3 Debian, Opensuse, Php | 4 Debian Linux, Leap, Opensuse and 1 more | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data. | |||||
| CVE-2016-5772 | 4 Debian, Opensuse, Php and 1 more | 7 Debian Linux, Leap, Opensuse and 4 more | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mishandled in a wddx_deserialize call. | |||||
| CVE-2016-7480 | 2 Netapp, Php | 2 Clustered Data Ontap, Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data. | |||||
| CVE-2017-5340 | 2 Netapp, Php | 2 Clustered Data Ontap, Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data. | |||||
| CVE-2017-9120 | 2 Netapp, Php | 2 Storage Automation Store, Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string. | |||||
| CVE-2017-9226 | 2 Oniguruma Project, Php | 2 Oniguruma, Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of '\700' would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption. | |||||
| CVE-2017-9224 | 2 Oniguruma Project, Php | 2 Oniguruma, Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an out-of-bounds read from a stack buffer. | |||||
| CVE-2017-9228 | 2 Oniguruma Project, Php | 2 Oniguruma, Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect state transition in parse_char_class() could create an execution path that leaves a critical local variable uninitialized until it's used as an index, resulting in an out-of-bounds write memory corruption. | |||||
| CVE-2017-9227 | 2 Oniguruma Project, Php | 2 Oniguruma, Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg->dmin in forward_search_range() could result in an invalid pointer dereference, as an out-of-bounds read from a stack buffer. | |||||
| CVE-2019-13224 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust. | |||||
| CVE-2017-8923 | 1 Php | 1 Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string. | |||||
| CVE-2015-8866 | 4 Canonical, Opensuse, Php and 1 more | 6 Ubuntu Linux, Leap, Opensuse and 3 more | 2022-07-20 | 6.8 MEDIUM | 9.6 CRITICAL |
| ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote attackers to conduct XML External Entity (XXE) and XML Entity Expansion (XEE) attacks via a crafted XML document, a related issue to CVE-2015-5161. | |||||
| CVE-2016-4343 | 2 Opensuse, Php | 2 Opensuse, Php | 2022-07-20 | 6.8 MEDIUM | 8.8 HIGH |
| The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service (uninitialized pointer dereference) or possibly have unspecified other impact via a crafted TAR archive. | |||||
| CVE-2016-5612 | 3 Mariadb, Oracle, Redhat | 8 Mariadb, Mysql, Enterprise Linux Desktop and 5 more | 2022-07-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML. | |||||
| CVE-2012-5612 | 4 Canonical, Mariadb, Oracle and 1 more | 6 Ubuntu Linux, Mariadb, Mysql and 3 more | 2022-07-20 | 6.5 MEDIUM | N/A |
| Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands. | |||||
| CVE-2021-36667 | 1 Druva | 1 Insync Client | 2022-07-20 | 4.6 MEDIUM | 7.8 HIGH |
| Command injection vulnerability in Druva inSync 6.9.0 for MacOS, allows attackers to execute arbitrary commands via crafted payload to the local HTTP server due to un-sanitized call to the python os.system library. | |||||
| CVE-2020-6922 | 1 Hp | 1 Support Assistant | 2022-07-20 | 6.8 MEDIUM | 7.8 HIGH |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | |||||
| CVE-2020-6921 | 1 Hp | 1 Support Assistant | 2022-07-20 | 6.8 MEDIUM | 7.8 HIGH |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | |||||
| CVE-2020-6920 | 1 Hp | 1 Support Assistant | 2022-07-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | |||||
| CVE-2020-6919 | 1 Hp | 1 Support Assistant | 2022-07-20 | 6.8 MEDIUM | 7.8 HIGH |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | |||||
| CVE-2020-6918 | 1 Hp | 1 Support Assistant | 2022-07-20 | 6.8 MEDIUM | 7.8 HIGH |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | |||||
| CVE-2020-6917 | 1 Hp | 1 Support Assistant | 2022-07-20 | 6.8 MEDIUM | 7.8 HIGH |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | |||||
| CVE-2022-33633 | 1 Microsoft | 2 Lync Server, Skype For Business | 2022-07-20 | 6.5 MEDIUM | 7.2 HIGH |
| Skype for Business and Lync Remote Code Execution Vulnerability. | |||||
| CVE-2021-36668 | 1 Druva | 1 Insync Client | 2022-07-20 | 4.6 MEDIUM | 7.8 HIGH |
| URL injection in Driva inSync 6.9.0 for MacOS, allows attackers to force a visit to an arbitrary url via the port parameter to the Electron App. | |||||