Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-19153 | 2022-07-07 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | |||||
| CVE-2019-19152 | 2022-07-07 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | |||||
| CVE-2021-3779 | 1 Ruby-mysql Project | 1 Ruby-mysql | 2022-07-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| A malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. This issue was resolved in version 2.10.0 and later. | |||||
| CVE-2017-20120 | 1 Trueconf | 1 Server | 2022-07-07 | 6.8 MEDIUM | 8.8 HIGH |
| A vulnerability classified as problematic was found in TrueConf Server 4.3.7. This vulnerability affects unknown code of the file /admin/service/stop/. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2017-20119 | 1 Trueconf | 1 Server | 2022-07-07 | 5.8 MEDIUM | 6.1 MEDIUM |
| A vulnerability classified as problematic has been found in TrueConf Server 4.3.7. This affects an unknown part of the file /admin/general/change-lang. The manipulation of the argument redirect_url leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-33042 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2022-07-07 | 6.5 MEDIUM | 7.2 HIGH |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/inquiries/view_details.php. | |||||
| CVE-2021-39074 | 1 Ibm | 1 Security Guardium | 2022-07-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2022-2252 | 1 Microweber | 1 Microweber | 2022-07-07 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open Redirect in GitHub repository microweber/microweber prior to 1.2.19. | |||||
| CVE-2022-33061 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2022-07-07 | 6.5 MEDIUM | 7.2 HIGH |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_service. | |||||
| CVE-2022-33060 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2022-07-07 | 6.5 MEDIUM | 7.2 HIGH |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_schedule. | |||||
| CVE-2022-33059 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2022-07-07 | 6.5 MEDIUM | 7.2 HIGH |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_train. | |||||
| CVE-2022-31093 | 1 Nextauth.js | 1 Next-auth | 2022-07-07 | 5.0 MEDIUM | 7.5 HIGH |
| NextAuth.js is a complete open source authentication solution for Next.js applications. In affected versions an attacker can send a request to an app using NextAuth.js with an invalid `callbackUrl` query parameter, which internally is converted to a `URL` object. The URL instantiation would fail due to a malformed URL being passed into the constructor, causing it to throw an unhandled error which led to the **API route handler timing out and logging in to fail**. This has been remedied in versions 3.29.5 and 4.5.0. If for some reason you cannot upgrade, the workaround requires you to rely on Advanced Initialization. Please see the documentation for more. | |||||
| CVE-2022-33058 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2022-07-07 | 6.5 MEDIUM | 7.2 HIGH |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_message. | |||||
| CVE-2022-33057 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2022-07-07 | 6.5 MEDIUM | 7.2 HIGH |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_reservation. | |||||
| CVE-2022-26477 | 1 Apache | 1 Systemds | 2022-07-07 | 5.0 MEDIUM | 7.5 HIGH |
| The Security Team noticed that the termination condition of the for loop in the readExternal method is a controllable variable, which, if tampered with, may lead to CPU exhaustion. As a fix, we added an upper bound and termination condition in the read and write logic. We classify it as a "low-priority but useful improvement". SystemDS is a distributed system and needs to serialize/deserialize data but in many code paths (e.g., on Spark broadcast/shuffle or writing to sequence files) the byte stream is anyway protected by additional CRC fingerprints. In this particular case though, the number of decoders is upper-bounded by twice the number of columns, which means an attacker would need to modify two entries in the byte stream in a consistent manner. By adding these checks robustness was strictly improved with almost zero overhead. These code changes are available in versions higher than 2.2.1. | |||||
| CVE-2017-20110 | 1 Calabrio | 1 Teleopti Workforce Management | 2022-07-07 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability, which was classified as problematic, has been found in Teleopti WFM up to 7.1.0. Affected by this issue is some unknown functionality of the component Administration. The manipulation as part of JSON leads to information disclosure (Credentials). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2017-20109 | 1 Calabrio | 1 Teleopti Workforce Management | 2022-07-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability classified as problematic was found in Teleopti WFM up to 7.1.0. Affected by this vulnerability is an unknown functionality of the file /TeleoptiWFM/Administration/GetOneTenant of the component Administration. The manipulation leads to information disclosure (Credentials). The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2022-31076 | 1 Linuxfoundation | 1 Kubeedge | 2022-07-07 | 2.7 LOW | 5.7 MEDIUM |
| KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. In affected versions a malicious message can crash CloudCore by triggering a nil-pointer dereference in the UDS Server. Since the UDS Server only communicates with the CSI Driver on the cloud side, the attack is limited to the local host network. As such, an attacker would already need to be an authenticated user of the Cloud. Additionally it will be affected only when users turn on the unixsocket switch in the config file cloudcore.yaml. This bug has been fixed in Kubeedge 1.11.0, 1.10.1, and 1.9.3. Users should update to these versions to resolve the issue. Users unable to upgrade should sisable the unixsocket switch of CloudHub in the config file cloudcore.yaml. | |||||
| CVE-2022-31065 | 1 Bigbluebutton | 1 Bigbluebutton | 2022-07-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| BigBlueButton is an open source web conferencing system. In affected versions an attacker can embed malicious JS in their username and have it executed on the victim's client. When a user receives a private chat from the attacker (whose username contains malicious JavaScript), the script gets executed. Additionally when the victim receives a notification that the attacker has left the session. This issue has been patched in version 2.4.8 and 2.5.0. There are no known workarounds for this issue. | |||||
| CVE-2017-20111 | 1 Calabrio | 1 Teleopti Workforce Management | 2022-07-07 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in Teleopti WFM 7.1.0. This affects an unknown part of the component Administration. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2022-31064 | 1 Bigbluebutton | 1 Bigbluebutton | 2022-07-07 | 2.1 LOW | 5.4 MEDIUM |
| BigBlueButton is an open source web conferencing system. Users in meetings with private chat enabled are vulnerable to a cross site scripting attack in affected versions. The attack occurs when the attacker (with xss in the name) starts a chat. in the victim's client the JavaScript will be executed. This issue has been addressed in version 2.4.8 and 2.5.0. There are no known workarounds for this issue. | |||||
| CVE-2017-20112 | 1 Ivpn | 1 Ivpn | 2022-07-07 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability has been found in IVPN Client 2.6.6120.33863 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument --up cmd leads to improper privilege management. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2.6.2 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2021-40943 | 1 Axiosys | 1 Bento4 | 2022-07-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Bento4 1.6.0-638, there is a null pointer reference in the function AP4_DescriptorListInspector::Action function in Ap4Descriptor.h:124 , as demonstrated by GPAC. This can cause a denial of service (DOS). | |||||
| CVE-2021-40942 | 1 Gpac | 1 Gpac | 2022-07-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| In GPAC MP4Box v1.1.0, there is a heap-buffer-overflow in the function filter_parse_dyn_args function in filter_core/filter.c:1454, as demonstrated by GPAC. This can cause a denial of service (DOS). | |||||
| CVE-2022-31094 | 1 Scratchstatus | 1 Scratchtools | 2022-07-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| ScratchTools is a web extension designed to make interacting with the Scratch programming language community (Scratching) easier. In affected versions anybody who uses the Recently Viewed Projects feature is vulnerable to having their account taken over if they view a project that tries to. The issue is that if a user visits a project that includes Javascript in the title, then when the Recently Viewed Projects feature displays it, it could run the Javascript. This issue has been addressed in the 2.5.2 release. Users having issues scratching should open an issue in the project issue tracker https://github.com/STForScratch/ScratchTools/ | |||||
| CVE-2022-31089 | 1 Parseplatform | 1 Parse-server | 2022-07-07 | 5.0 MEDIUM | 7.5 HIGH |
| Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In affected versions certain types of invalid files requests are not handled properly and can crash the server. If you are running multiple Parse Server instances in a cluster, the availability impact may be low; if you are running Parse Server as single instance without redundancy, the availability impact may be high. This issue has been addressed in versions 4.10.12 and 5.2.3. Users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2017-20103 | 1 Wp-kama | 1 Kama Click Counter | 2022-07-07 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability classified as critical has been found in Kama Click Counter Plugin up to 3.4.8. This affects an unknown part of the file wp-admin/admin.php. The manipulation of the argument order_by/order with the input ASC%2c(select*from(select(sleep(2)))a) leads to sql injection (Blind). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.4.9 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2022-31017 | 1 Zulip | 1 Zulip | 2022-07-07 | 2.1 LOW | 2.6 LOW |
| Zulip is an open-source team collaboration tool. Versions 2.1.0 through and including 5.2 are vulnerable to a logic error. A stream configured as private with protected history, where new subscribers should not be allowed to see messages sent before they were subscribed, when edited causes the server to incorrectly send an API event that includes the edited message to all of the stream’s current subscribers. This API event is ignored by official clients, but can be observed by using a modified client or the browser’s developer tools. This bug will be fixed in Zulip Server 5.3. There are no known workarounds. | |||||
| CVE-2021-40609 | 1 Gpac | 1 Gpac | 2022-07-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. | |||||
| CVE-2022-28622 | 1 Hpe | 2 Storeonce 3640, Storeonce 3640 Firmware | 2022-07-07 | 5.0 MEDIUM | 7.5 HIGH |
| A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server supports weak key exchange algorithms which could lead to remote unauthorized access. HPE has made the following software update to resolve the vulnerability in HPE StoreOnce Software 4.3.2. | |||||
| CVE-2022-28168 | 1 Broadcom | 1 Sannav | 2022-07-07 | 5.0 MEDIUM | 7.5 HIGH |
| In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav2.1.1.8, encoded scp-server passwords are stored using Base64 encoding, which could allow an attacker able to access log files to easily decode the passwords. | |||||
| CVE-2022-31082 | 1 Glpi-project | 1 Glpi Inventory | 2022-07-07 | 7.5 HIGH | 9.8 CRITICAL |
| GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. glpi-inventory-plugin is a plugin for GLPI to handle inventory management. In affected versions a SQL injection can be made using package deployment tasks. This issue has been resolved in version 1.0.2. Users are advised to upgrade. Users unable to upgrade should delete the `front/deploypackage.public.php` file if they are not using the `deploy tasks` feature. | |||||
| CVE-2021-40944 | 1 Gpac | 1 Gpac | 2022-07-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| In GPAC MP4Box 1.1.0, there is a Null pointer reference in the function gf_filter_pid_get_packet function in src/filter_core/filter_pid.c:5394, as demonstrated by GPAC. This can cause a denial of service (DOS). | |||||
| CVE-2022-31057 | 1 Shopware | 1 Shopware | 2022-07-07 | 3.5 LOW | 5.4 MEDIUM |
| Shopware is an open source e-commerce software made in Germany. Versions of Shopware 5 prior to version 5.7.12 are subject to an authenticated Stored XSS in Administration. Users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2022-0085 | 1 Dompdf Project | 1 Dompdf | 2022-07-07 | 4.3 MEDIUM | 5.3 MEDIUM |
| Server-Side Request Forgery (SSRF) in GitHub repository dompdf/dompdf prior to 2.0.0. | |||||
| CVE-2022-31039 | 1 Bigbluebutton | 1 Greenlight | 2022-07-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| Greenlight is a simple front-end interface for your BigBlueButton server. In affected versions an attacker can view any room's settings even though they are not authorized to do so. Only the room owner and administrator should be able to view a room's settings. This issue has been patched in release version 2.12.6. | |||||
| CVE-2021-41460 | 1 Shopex | 1 Ecshop | 2022-07-07 | 5.0 MEDIUM | 7.5 HIGH |
| ECShop 4.1.0 has SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information. | |||||
| CVE-2022-31036 | 1 Linuxfoundation | 1 Argo-cd | 2022-07-07 | 4.0 MEDIUM | 4.3 MEDIUM |
| Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v1.3.0 are vulnerable to a symlink following bug allowing a malicious user with repository write access to leak sensitive YAML files from Argo CD's repo-server. A malicious Argo CD user with write access for a repository which is (or may be) used in a Helm-type Application may commit a symlink which points to an out-of-bounds file. If the target file is a valid YAML file, the attacker can read the contents of that file. Sensitive files which could be leaked include manifest files from other Applications' source repositories (potentially decrypted files, if you are using a decryption plugin) or any YAML-formatted secrets which have been mounted as files on the repo-server. Patches for this vulnerability has been released in the following Argo CD versions: v2.4.1, v2.3.5, v2.2.10 and v2.1.16. If you are using a version >=v2.3.0 and do not have any Helm-type Applications you may disable the Helm config management tool as a workaround. | |||||
| CVE-2014-8113 | 2022-07-07 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none. | |||||
| CVE-2014-7854 | 2022-07-07 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none. | |||||
| CVE-2014-3918 | 2022-07-07 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none. | |||||
| CVE-2014-3705 | 2022-07-07 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none. | |||||
| CVE-2014-3658 | 2022-07-07 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none. | |||||
| CVE-2014-3644 | 2022-07-07 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none. | |||||
| CVE-2022-31035 | 1 Linuxfoundation | 1 Argo-cd | 2022-07-07 | 3.5 LOW | 5.4 MEDIUM |
| Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v1.0.0 are vulnerable to a cross-site scripting (XSS) bug allowing a malicious user to inject a `javascript:` link in the UI. When clicked by a victim user, the script will execute with the victim's permissions (up to and including admin). The script would be capable of doing anything which is possible in the UI or via the API, such as creating, modifying, and deleting Kubernetes resources. A patch for this vulnerability has been released in the following Argo CD versions: v2.4.1, v2.3.5, v2.2.10 and v2.1.16. There are no completely-safe workarounds besides upgrading. | |||||
| CVE-2022-31034 | 1 Linuxfoundation | 1 Argo-cd | 2022-07-07 | 6.8 MEDIUM | 8.1 HIGH |
| Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v0.11.0 are vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or UI. The vulnerabilities are due to the use of insufficiently random values in parameters in Oauth2/OIDC login flows. In each case, using a relatively-predictable (time-based) seed in a non-cryptographically-secure pseudo-random number generator made the parameter less random than required by the relevant spec or by general best practices. In some cases, using too short a value made the entropy even less sufficient. The attacks on login flows which are meant to be mitigated by these parameters are difficult to accomplish but can have a high impact potentially granting an attacker admin access to Argo CD. Patches for this vulnerability has been released in the following Argo CD versions: v2.4.1, v2.3.5, v2.2.10 and v2.1.16. There are no known workarounds for this vulnerability. | |||||
| CVE-2017-20105 | 1 Simplessus | 1 Simplessus | 2022-07-07 | 5.5 MEDIUM | 8.1 HIGH |
| A vulnerability was found in Simplessus 3.7.7. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument path with the input ..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.8.3 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2021-33651 | 1 Mindspore | 1 Mindspore | 2022-07-07 | 5.0 MEDIUM | 7.5 HIGH |
| When performing the analytical operation of the DepthwiseConv2D operator, if the attribute depth_multiplier is 0, it will cause a division by 0 exception. | |||||
| CVE-2022-31061 | 1 Glpi-project | 1 Glpi | 2022-07-07 | 7.5 HIGH | 9.8 CRITICAL |
| GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions there is a SQL injection vulnerability which is possible on login page. No user credentials are required to exploit this vulnerability. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue. | |||||
| CVE-2022-31056 | 1 Glpi-project | 1 Glpi | 2022-07-07 | 7.5 HIGH | 9.8 CRITICAL |
| GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions all assistance forms (Ticket/Change/Problem) permit sql injection on the actor fields. This issue has been resolved in version 10.0.2 and all affected users are advised to upgrade. | |||||