Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31058 | 1 Enalean | 1 Tuleap | 2022-07-15 | 6.5 MEDIUM | 7.2 HIGH |
| Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.95 Tuleap does not sanitize properly user inputs when constructing the SQL query to retrieve data for the tracker reports. An attacker with the capability to create a new tracker can execute arbitrary SQL queries. Users are advised to upgrade. There is no known workaround for this issue. | |||||
| CVE-2022-31032 | 1 Enalean | 1 Tuleap | 2022-07-15 | 4.0 MEDIUM | 4.3 MEDIUM |
| Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.58 authorizations are not properly verified when creating projects or trackers from projects marked as templates. Users can get access to information in those template projects because the permissions model is not properly enforced. Users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2022-31063 | 1 Enalean | 1 Tuleap | 2022-07-15 | 3.5 LOW | 5.4 MEDIUM |
| Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.111 the title of a document is not properly escaped in the search result of MyDocmanSearch widget and in the administration page of the locked documents. A malicious user with the capability to create a document could force victim to execute uncontrolled code. Users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2022-33737 | 1 Openvpn | 1 Openvpn Access Server | 2022-07-15 | 5.0 MEDIUM | 7.5 HIGH |
| The OpenVPN Access Server installer creates a log file readable for everyone, which from version 2.10.0 and before 2.11.0 may contain a random generated admin password | |||||
| CVE-2022-31135 | 1 Aceattorneyonline | 1 Akashi | 2022-07-15 | 7.8 HIGH | 7.5 HIGH |
| Akashi is an open source server implementation of the Attorney Online video game based on the Ace Attorney universe. Affected versions of Akashi are subject to a denial of service attack. An attacker can use a specially crafted evidence packet to make an illegal modification, causing a server crash. This can be used to mount a denial-of-service exploit. Users are advised to upgrade. There is no known workaround for this issue. | |||||
| CVE-2022-32208 | 1 Haxx | 1 Curl | 2022-07-15 | 4.3 MEDIUM | 5.9 MEDIUM |
| When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client. | |||||
| CVE-2022-32207 | 1 Haxx | 1 Curl | 2022-07-15 | 7.5 HIGH | 9.8 CRITICAL |
| When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended. | |||||
| CVE-2022-32206 | 1 Haxx | 1 Curl | 2022-07-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors. | |||||
| CVE-2022-33098 | 1 Magnolia-cms | 1 Magnolia Cms | 2022-07-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| Magnolia CMS v6.2.19 was discovered to contain a cross-site scripting (XSS) vulnerability via the Edit Contact function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | |||||
| CVE-2022-28889 | 1 Apache | 1 Druid | 2022-07-15 | 4.3 MEDIUM | 4.3 MEDIUM |
| In Apache Druid 0.22.1 and earlier, the server did not set appropriate headers to prevent clickjacking. Druid 0.23.0 and later prevent clickjacking using the Content-Security-Policy header. | |||||
| CVE-2022-32055 | 1 Nesote | 1 Inout Homestay | 2022-07-15 | 5.0 MEDIUM | 7.5 HIGH |
| Inout Homestay v2.2 was discovered to contain a SQL injection vulnerability via the guests parameter at /index.php?page=search/rentals. | |||||
| CVE-2022-32056 | 1 Online Accreditation Management System Project | 1 Online Accreditation Management System | 2022-07-15 | 7.5 HIGH | 9.8 CRITICAL |
| Online Accreditation Management v1.0 was discovered to contain a SQL injection vulnerability via the USERNAME parameter at process.php. | |||||
| CVE-2021-44791 | 1 Apache | 1 Druid | 2022-07-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Apache Druid 0.22.1 and earlier, certain specially-crafted links result in unescaped URL parameters being sent back in HTML responses. This makes it possible to execute reflected XSS attacks. | |||||
| CVE-2021-29281 | 1 Gfi | 1 Archiver | 2022-07-15 | 7.5 HIGH | 9.8 CRITICAL |
| File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plugin which is affected by CVE-2014-2217, and CVE-2017-11317. | |||||
| CVE-2022-2321 | 1 Heroiclabs | 1 Nakama | 2022-07-14 | 5.0 MEDIUM | 9.8 CRITICAL |
| Improper Restriction of Excessive Authentication Attempts in GitHub repository heroiclabs/nakama prior to 3.13.0. This results in login brute-force attacks. | |||||
| CVE-2022-2306 | 1 Heroiclabs | 1 Nakama | 2022-07-14 | 5.0 MEDIUM | 7.5 HIGH |
| Old session tokens can be used to authenticate to the application and send authenticated requests. | |||||
| CVE-2022-35230 | 1 Zabbix | 1 Zabbix | 2022-07-14 | 3.5 LOW | 5.4 MEDIUM |
| An authenticated user can create a link with reflected Javascript code inside it for the graphs page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. | |||||
| CVE-2022-22681 | 1 Synology | 1 Photo Station | 2022-07-14 | 5.0 MEDIUM | 7.5 HIGH |
| Session fixation vulnerability in access control management in Synology Photo Station before 6.8.16-3506 allows remote attackers to bypass security constraint via unspecified vectors. | |||||
| CVE-2022-32290 | 1 Northern.tech | 1 Mender | 2022-07-14 | 3.3 LOW | 4.3 MEDIUM |
| The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. It listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional client components running on the device. However, it listens on all network interfaces instead of only the localhost interface. Therefore, any client on the same network can connect to this TCP port and send HTTP requests. The Mender Client will forward these requests to the Mender Server. Additionally, if mTLS is set up, the Mender Client will connect to the Mender Server using the device's client certificate, making it possible for the attacker to bypass mTLS authentication and send requests to the Mender Server without direct access to the client certificate and related private key. Accessing the HTTP proxy from the local network doesn't represent a direct threat, because it doesn't expose any device or server-specific data. However, it increases the attack surface and can be a potential vector to exploit other vulnerabilities both on the Client and the Server. | |||||
| CVE-2022-31133 | 1 Humhub | 1 Humhub | 2022-07-14 | 3.5 LOW | 4.8 MEDIUM |
| HumHub is an Open Source Enterprise Social Network. Affected versions of HumHub are vulnerable to a stored Cross-Site Scripting (XSS) vulnerability. For exploitation, the attacker would need a permission to administer the Spaces feature. The names of individual "spaces" are not properly escaped and so an attacker with sufficient privilege could insert malicious javascript into a space name and exploit system users who visit that space. It is recommended that the HumHub is upgraded to 1.11.4, 1.10.5. There are no known workarounds for this issue. | |||||
| CVE-2021-31645 | 1 Glftpd | 1 Glftpd | 2022-07-14 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in glFTPd 2.11a that allows remote attackers to cause a denial of service via exceeding the connection limit. | |||||
| CVE-2021-28507 | 1 Arista | 1 Eos | 2022-07-14 | 4.9 MEDIUM | 7.1 HIGH |
| An issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL configured for OpenConfig gNOI and OpenConfig RESTCONF might be bypassed, which results in the denied requests being forwarded to the agent. | |||||
| CVE-2021-28506 | 1 Arista | 1 Eos | 2022-07-14 | 9.4 HIGH | 9.1 CRITICAL |
| An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device. | |||||
| CVE-2022-32441 | 1 Hex-rays | 1 Ida | 2022-07-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service (DoS) via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056. | |||||
| CVE-2021-28501 | 1 Arista | 1 Terminattr | 2022-07-14 | 6.9 MEDIUM | 7.8 HIGH |
| An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration. | |||||
| CVE-2022-23714 | 2 Elastic, Microsoft | 2 Endpoint Security, Windows | 2022-07-14 | 7.2 HIGH | 7.8 HIGH |
| A local privilege escalation (LPE) issue was discovered in the ransomware canaries features of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account. | |||||
| CVE-2021-35248 | 2 Microsoft, Solarwinds | 2 Windows, Orion Platform | 2022-07-14 | 4.0 MEDIUM | 4.3 MEDIUM |
| It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings. | |||||
| CVE-2022-23172 | 1 Priority-software | 1 Priority | 2022-07-14 | 4.0 MEDIUM | 4.3 MEDIUM |
| An attacker can access to "Forgot my password" button, as soon as he puts users is valid in the system, the system would issue a message that a password reset email had been sent to user. This way you can verify which users are in the system and which are not. | |||||
| CVE-2022-30929 | 1 Mini Tmall Project | 1 Mini Tmall | 2022-07-14 | 6.5 MEDIUM | 8.8 HIGH |
| Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper. | |||||
| CVE-2022-23173 | 1 Priority-software | 1 Priority | 2022-07-14 | 6.5 MEDIUM | 6.3 MEDIUM |
| this vulnerability affect user that even not allowed to access via the web interface. First of all, the attacker needs to access the "Login menu - demo site" then he can see in this menu all the functionality of the application. If the attacker will try to click on one of the links, he will get an answer that he is not authorized because he needs to log in with credentials. after he performed log in to the system there are some functionalities that the specific user is not allowed to perform because he was configured with low privileges however all the attacker need to do in order to achieve his goals is to change the value of the prog step parameter from 0 to 1 or more and then the attacker could access to some of the functionality the web application that he couldn't perform it before the parameter changed. | |||||
| CVE-2015-1785 | 1 Imagely | 1 Nextgen Gallery | 2022-07-14 | 4.3 MEDIUM | 6.5 MEDIUM |
| In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. The vulnerabilities lie in how the application validates user uploaded files and lack of security measures preventing unwanted HTTP requests. | |||||
| CVE-2022-30619 | 1 Agilepoint | 1 Agilepoint Nx | 2022-07-14 | 6.5 MEDIUM | 8.8 HIGH |
| Editable SQL Queries behind Base64 encoding sending from the Client-Side to The Server-Side for a particular API used in legacy Work Center module. He attack is available for any authenticated user, in any kind of rule. under the function : /AgilePointServer/Extension/FetchUsingEncodedData in the parameter: EncodedData | |||||
| CVE-2015-1784 | 1 Imagely | 1 Nextgen Gallery | 2022-07-14 | 6.5 MEDIUM | 8.8 HIGH |
| In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. The vulnerabilities lie in how the application validates user uploaded files and lack of security measures preventing unwanted HTTP requests. | |||||
| CVE-2022-33996 | 1 Devolutions | 1 Devolutions Server | 2022-07-14 | 6.5 MEDIUM | 8.8 HIGH |
| Incorrect permission management in Devolutions Server before 2022.2 allows a new user with a preexisting username to inherit the permissions of that previous user. | |||||
| CVE-2022-23713 | 1 Elastic | 1 Kibana | 2022-07-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site-scripting (XSS) vulnerability was discovered in the Vega Charts Kibana integration which could allow arbitrary JavaScript to be executed in a victim’s browser. | |||||
| CVE-2022-25047 | 1 Control-webpanel | 1 Webpanel | 2022-07-14 | 4.3 MEDIUM | 5.9 MEDIUM |
| The password reset token in CWP v0.9.8.1126 is generated using known or predictable values. | |||||
| CVE-2022-25048 | 1 Control-webpanel | 1 Webpanel | 2022-07-14 | 9.0 HIGH | 8.8 HIGH |
| Command injection vulnerability in CWP v0.9.8.1126 that allows normal users to run commands as the root user. | |||||
| CVE-2022-27549 | 1 Hcltechsw | 1 Hcl Launch | 2022-07-14 | 2.1 LOW | 5.5 MEDIUM |
| HCL Launch may store certain data for recurring activities in a plain text format. | |||||
| CVE-2022-27548 | 1 Hcltechsw | 1 Hcl Launch | 2022-07-14 | 2.1 LOW | 5.5 MEDIUM |
| HCL Launch stores user credentials in plain clear text which can be read by a local user. | |||||
| CVE-2015-3207 | 1 Openshift | 1 Origin | 2022-07-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes. | |||||
| CVE-2022-21787 | 2 Google, Mediatek | 13 Android, Mt6833, Mt6853 and 10 more | 2022-07-14 | 4.6 MEDIUM | 6.7 MEDIUM |
| In audio DSP, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558844; Issue ID: ALPS06558844. | |||||
| CVE-2022-32567 | 1 Appfire | 1 Jira Misc Custom Fields | 2022-07-14 | 3.5 LOW | 5.4 MEDIUM |
| The Appfire Jira Misc Custom Fields (JMCF) app 2.4.6 for Atlassian Jira allows XSS via a crafted project name to the Add Auto Indexing Rule function. | |||||
| CVE-2022-2339 | 1 Xgenecloud | 1 Nocodb | 2022-07-14 | 5.0 MEDIUM | 7.5 HIGH |
| With this SSRF vulnerability, an attacker can reach internal addresses to make a request as the server and read it's contents. This attack can lead to leak of sensitive information. | |||||
| CVE-2022-2342 | 1 Getoutline | 1 Outline | 2022-07-14 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository outline/outline prior to v0.64.4. | |||||
| CVE-2022-33980 | 1 Apache | 1 Commons Configuration | 2022-07-14 | 7.5 HIGH | 9.8 CRITICAL |
| Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.configuration2.interpol.Lookup that performs the interpolation. Starting with version 2.4 and continuing through 2.7, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Configuration 2.8.0, which disables the problematic interpolators by default. | |||||
| CVE-2021-25501 | 1 Google | 1 Android | 2022-07-14 | 2.1 LOW | 3.3 LOW |
| An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers. | |||||
| CVE-2022-20862 | 1 Cisco | 1 Unified Communications Manager | 2022-07-14 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to access sensitive files on the operating system. | |||||
| CVE-2022-24140 | 1 Iobit | 5 Advanced System Care, Driver Booster, Itop Screen Recorder and 2 more | 2022-07-14 | 6.0 MEDIUM | 6.6 MEDIUM |
| IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot sends HTTP requests in their update procedure in order to download a config file. After downloading the config file, the products will parse the HTTP location of the update from the file and will try to install the update automatically with ADMIN privileges. An attacker Intercepting this communication can supply the product a fake config file with malicious locations for the updates thus gaining a remote code execution on an endpoint. | |||||
| CVE-2022-20859 | 1 Cisco | 3 Unified Communications Manager, Unified Communications Manager Im And Presence Service, Unity Connection | 2022-07-14 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability in the Disaster Recovery framework of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), and Cisco Unity Connection could allow an authenticated, remote attacker to perform certain administrative actions they should not be able to. This vulnerability is due to insufficient access control checks on the affected device. An attacker with read-only privileges could exploit this vulnerability by executing a specific vulnerable command on an affected device. A successful exploit could allow the attacker to perform a set of administrative actions they should not be able to. | |||||
| CVE-2021-20023 | 1 Sonicwall | 2 Email Security, Hosted Email Security | 2022-07-14 | 4.0 MEDIUM | 4.9 MEDIUM |
| SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host. | |||||