Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34132 | 1 Jorani Project | 1 Jorani | 2022-07-06 | 7.5 HIGH | 9.8 CRITICAL |
| Benjamin BALET Jorani v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at application/controllers/Leaves.php. | |||||
| CVE-2022-34064 | 1 Zibal Project | 1 Zibal | 2022-07-06 | 7.5 HIGH | 9.8 CRITICAL |
| The Zibal package in PyPI v1.0.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | |||||
| CVE-2022-34295 | 1 Totd Project | 1 Totd | 2022-07-06 | 4.3 MEDIUM | 6.5 MEDIUM |
| totd before 1.5.3 does not properly randomize mesg IDs. | |||||
| CVE-2022-22502 | 1 Ibm | 3 Robotic Process Automation, Robotic Process Automation As A Service, Robotic Process Automation For Cloud Pak | 2022-07-06 | 3.5 LOW | 5.4 MEDIUM |
| IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 227124. | |||||
| CVE-2022-1776 | 1 Icegram | 1 Popups\, Welcome Bar\, Optins And Lead Generation Plugin | 2022-07-06 | 3.5 LOW | 5.4 MEDIUM |
| The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress plugin before 2.1.8 does not sanitize and escape some campaign parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks | |||||
| CVE-2022-2208 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2022-07-06 | 4.3 MEDIUM | 5.5 MEDIUM |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. | |||||
| CVE-2022-2216 | 1 Parse-url Project | 1 Parse-url | 2022-07-06 | 7.5 HIGH | 9.8 CRITICAL |
| Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 7.0.0. | |||||
| CVE-2022-1844 | 1 Wp-sentry Project | 1 Wp-sentry | 2022-07-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| The WP Sentry WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well | |||||
| CVE-2022-1843 | 1 Mailpress Project | 1 Mailpress | 2022-07-06 | 4.3 MEDIUM | 6.5 MEDIUM |
| The MailPress WordPress plugin through 7.2.1 does not have CSRF checks in various places, which could allow attackers to make a logged in admin change the settings, purge log files and more via CSRF attacks | |||||
| CVE-2022-2207 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2022-07-06 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-1842 | 1 Openbook Book Data Project | 1 Openbook Book Data | 2022-07-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well | |||||
| CVE-2022-1885 | 1 Cimy Header Image Rotator Project | 1 Cimy Header Image Rotator | 2022-07-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| The Cimy Header Image Rotator WordPress plugin through 6.1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | |||||
| CVE-2022-1847 | 1 Rotating Posts Project | 1 Rotating Posts | 2022-07-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| The Rotating Posts WordPress plugin through 1.11 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | |||||
| CVE-2022-1846 | 1 Tiny Contact Form Project | 1 Tiny Contact Form | 2022-07-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| The Tiny Contact Form WordPress plugin through 0.7 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | |||||
| CVE-2022-2217 | 1 Parse-url Project | 1 Parse-url | 2022-07-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site Scripting (XSS) - Generic in GitHub repository ionicabizau/parse-url prior to 7.0.0. | |||||
| CVE-2022-1845 | 1 Wp Post Styling Project | 1 Wp Post Styling | 2022-07-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| The WP Post Styling WordPress plugin before 1.3.1 does not have CSRF checks in various actions, which could allow attackers to make a logged in admin delete plugin's data, update the settings, add new entries and more via CSRF attacks | |||||
| CVE-2022-0722 | 1 Parse-url Project | 1 Parse-url | 2022-07-06 | 5.0 MEDIUM | 7.5 HIGH |
| Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository ionicabizau/parse-url prior to 7.0.0. | |||||
| CVE-2022-1913 | 1 Add Post Url Project | 1 Add Post Url | 2022-07-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| The Add Post URL WordPress plugin through 2.1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping | |||||
| CVE-2022-1904 | 1 Fatcatapps | 1 Easy Pricing Tables | 2022-07-06 | 2.6 LOW | 6.1 MEDIUM |
| The Pricing Tables WordPress Plugin WordPress plugin before 3.2.1 does not sanitise and escape parameter before outputting it back in a page available to any user (both authenticated and unauthenticated) when a specific setting is enabled, leading to a Reflected Cross-Site Scripting | |||||
| CVE-2022-1903 | 1 Armemberplugin | 1 Armember | 2022-07-06 | 6.8 MEDIUM | 8.1 HIGH |
| The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover (even the administrator) due to missing nonce and authorization checks in an AJAX action available to unauthenticated users, allowing them to change the password of arbitrary users by knowing their username | |||||
| CVE-2022-1960 | 1 Mycss Project | 1 Mycss | 2022-07-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| The MyCSS WordPress plugin through 1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | |||||
| CVE-2022-2041 | 1 Brizy | 1 Brizy-page Builder | 2022-07-06 | 3.5 LOW | 5.4 MEDIUM |
| The Brizy WordPress plugin before 2.4.2 does not sanitise and escape some element content, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks | |||||
| CVE-2022-2040 | 1 Brizy | 1 Brizy-page Builder | 2022-07-06 | 3.5 LOW | 5.4 MEDIUM |
| The Brizy WordPress plugin before 2.4.2 does not sanitise and escape some element URL, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks | |||||
| CVE-2022-1953 | 1 Product Configurator For Woocommerce Project | 1 Product Configurator For Woocommerce | 2022-07-06 | 6.4 MEDIUM | 9.1 CRITICAL |
| The Product Configurator for WooCommerce WordPress plugin before 1.2.32 suffers from an arbitrary file deletion vulnerability via an AJAX action, accessible to unauthenticated users, which accepts user input that is being used in a path and passed to unlink() without validation first | |||||
| CVE-2022-1916 | 1 Pluginus | 1 Active Products Tables For Woocommerce | 2022-07-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store WordPress plugin before 1.0.5 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected cross-Site Scripting | |||||
| CVE-2022-1914 | 1 Clean-contact Project | 1 Clean-contact | 2022-07-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| The Clean-Contact WordPress plugin through 1.6 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored XSS due to the lack of sanitisation and escaping as well | |||||
| CVE-2022-28217 | 1 Sap | 1 Netweaver | 2022-07-06 | 4.0 MEDIUM | 6.5 MEDIUM |
| Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document accepted from an untrusted source, which allows an adversary to exploit unprotected XML parking at endpoints, and a possibility to conduct SSRF attacks that could compromise system?s Availability by causing system to crash. | |||||
| CVE-2022-29617 | 1 Sap | 1 Contributor License Agreement Assistant | 2022-07-06 | 4.0 MEDIUM | 6.5 MEDIUM |
| Due to improper error handling an authenticated user can crash CLA assistant instance. This could impact the availability of the application. | |||||
| CVE-2022-32530 | 1 Schneider-electric | 1 Geo Scada Mobile | 2022-07-06 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be misled, hiding alarms, showing the wrong server connection option or the wrong control request when a mobile device has been compromised by a malicious application. Affected Product: Geo SCADA Mobile (Build 222 and prior) | |||||
| CVE-2022-33910 | 1 Mantisbt | 1 Mantisbt | 2022-07-06 | 3.5 LOW | 5.4 MEDIUM |
| An XSS vulnerability in MantisBT before 2.25.5 allows remote attackers to attach crafted SVG documents to issue reports or bugnotes. When a user or an admin clicks on the attachment, file_download.php opens the SVG document in a browser tab instead of downloading it as a file, causing the JavaScript code to execute. | |||||
| CVE-2022-21231 | 1 Deep-get-set Project | 1 Deep-get-set | 2022-07-06 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package deep-get-set are vulnerable to Prototype Pollution via the 'deep' function. **Note:** This vulnerability derives from an incomplete fix of [CVE-2020-7715](https://security.snyk.io/vuln/SNYK-JS-DEEPGETSET-598666) | |||||
| CVE-2022-29578 | 1 Meridian | 1 Meridian | 2022-07-06 | 5.0 MEDIUM | 5.3 MEDIUM |
| Meridian Cooperative Utility Software versions 22.02 and 22.03 allows remote attackers to obtain sensitive information such as name, address, and daily energy usage. | |||||
| CVE-2020-18648 | 1 Juqingcms | 1 Juqingcms | 2022-07-06 | 6.8 MEDIUM | 8.8 HIGH |
| Cross Site Request Forgery (CSRF) in JuQingCMS v1.0 allows remote attackers to gain local privileges via the component "JuQingCMS_v1.0/admin/index.php?c=administrator&a=add". | |||||
| CVE-2022-29097 | 1 Dell | 1 Wyse Management Suite | 2022-07-06 | 4.0 MEDIUM | 4.9 MEDIUM |
| Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. | |||||
| CVE-2022-29096 | 1 Dell | 1 Wyse Management Suite | 2022-07-06 | 3.5 LOW | 5.4 MEDIUM |
| Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in saveGroupConfigurations page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. | |||||
| CVE-2022-20829 | 1 Cisco | 25 Adaptive Security Device Manager, Asa 5512-x, Asa 5512-x Firmware and 22 more | 2022-07-06 | 9.0 HIGH | 7.2 HIGH |
| A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software. This vulnerability is due to insufficient validation of the authenticity of an ASDM image during its installation on a device that is running Cisco ASA Software. An attacker could exploit this vulnerability by installing a crafted ASDM image on the device that is running Cisco ASA Software and then waiting for a targeted user to access that device using ASDM. A successful exploit could allow the attacker to execute arbitrary code on the machine of the targeted user with the privileges of that user on that machine. Notes: To successfully exploit this vulnerability, the attacker must have administrative privileges on the device that is running Cisco ASA Software. Potential targets are limited to users who manage the same device that is running Cisco ASA Software using ASDM. Cisco has released and will release software updates that address this vulnerability. | |||||
| CVE-2021-42056 | 3 Linux, Microsoft, Thalesgroup | 3 Linux Kernel, Windows, Safenet Authentication Client | 2022-07-06 | 7.2 HIGH | 6.7 MEDIUM |
| Thales Safenet Authentication Client (SAC) for Linux and Windows through 10.7.7 creates insecure temporary hid and lock files allowing a local attacker, through a symlink attack, to overwrite arbitrary files, and potentially achieve arbitrary command execution with high privileges. | |||||
| CVE-2022-20828 | 1 Cisco | 20 Asa Firepower, Firepower 1010, Firepower 1120 and 17 more | 2022-07-06 | 9.0 HIGH | 7.2 HIGH |
| A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco ASA that is hosting the ASA FirePOWER module. Note: To exploit this vulnerability, the attacker must have administrative access to the Cisco ASA. A user who has administrative access to a particular Cisco ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco ASA. | |||||
| CVE-2022-1977 | 1 Smackcoders | 1 Download Import All Xml\, Csv \& Txt Into Wordpress | 2022-07-06 | 6.0 MEDIUM | 7.2 HIGH |
| The Import Export All WordPress Images, Users & Post Types WordPress plugin before 6.5.3 does not fully validate the file to be imported via an URL before making an HTTP request to it, which could allow high privilege users such as admin to perform Blind SSRF attacks | |||||
| CVE-2022-1971 | 1 Wpgetready | 1 Nextcellent Gallery | 2022-07-06 | 3.5 LOW | 4.8 MEDIUM |
| The NextCellent Gallery WordPress plugin through 1.9.35 does not sanitise and escape some of its image settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup) | |||||
| CVE-2022-1964 | 1 Easy Svg Support Project | 1 Easy Svg Support | 2022-07-06 | 3.5 LOW | 5.4 MEDIUM |
| The Easy SVG Support WordPress plugin before 3.3.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads | |||||
| CVE-2022-1995 | 1 Miniorange | 1 Malware Scanner | 2022-07-06 | 3.5 LOW | 4.8 MEDIUM |
| The Malware Scanner WordPress plugin before 4.5.2 does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfiltered_html is disallowed (for example in multisite setup) | |||||
| CVE-2022-1994 | 1 Miniorange | 1 Login With Otp Over Sms\, Email\, Whatsapp And Google Authenticator | 2022-07-06 | 3.5 LOW | 4.8 MEDIUM |
| The Login With OTP Over SMS, Email, WhatsApp and Google Authenticator WordPress plugin before 1.0.8 does not escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed | |||||
| CVE-2022-2102 | 1 Secheron | 2 Sepcos Control And Protection Relay, Sepcos Control And Protection Relay Firmware | 2022-07-06 | 5.0 MEDIUM | 7.5 HIGH |
| Controls limiting uploads to certain file extensions may be bypassed. This could allow an attacker to intercept the initial file upload page response and modify the associated code. This modified code can be forwarded and used by a script loaded later in the sequence, allowing for arbitrary file upload into a location where PHP scripts may be executed. | |||||
| CVE-2022-32209 | 1 Rubyonrails | 1 Rails Html Sanitizers | 2022-07-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| # Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3## ImpactA possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both `select` and `style` elements.Code is only impacted if allowed tags are being overridden. This may be done via application configuration:```ruby# In config/application.rbconfig.action_view.sanitized_allowed_tags = ["select", "style"]```see https://guides.rubyonrails.org/configuring.html#configuring-action-viewOr it may be done with a `:tags` option to the Action View helper `sanitize`:```<%= sanitize @comment.body, tags: ["select", "style"] %>```see https://api.rubyonrails.org/classes/ActionView/Helpers/SanitizeHelper.html#method-i-sanitizeOr it may be done with Rails::Html::SafeListSanitizer directly:```ruby# class-level optionRails::Html::SafeListSanitizer.allowed_tags = ["select", "style"]```or```ruby# instance-level optionRails::Html::SafeListSanitizer.new.sanitize(@article.body, tags: ["select", "style"])```All users overriding the allowed tags by any of the above mechanisms to include both "select" and "style" should either upgrade or use one of the workarounds immediately.## ReleasesThe FIXED releases are available at the normal locations.## WorkaroundsRemove either `select` or `style` from the overridden allowed tags.## CreditsThis vulnerability was responsibly reported by [windshock](https://hackerone.com/windshock?type=user). | |||||
| CVE-2022-28619 | 1 Hpe | 1 Control Repository Manager | 2022-07-06 | 4.6 MEDIUM | 7.8 HIGH |
| A potential security vulnerability has been identified in the installer of HPE Version Control Repository Manager. The vulnerability could allow local escalation of privilege. HPE has made the following software update to resolve the vulnerability in HPE Version Control Repository Manager installer 7.6.14.0. | |||||
| CVE-2022-2105 | 1 Secheron | 2 Sepcos Control And Protection Relay, Sepcos Control And Protection Relay Firmware | 2022-07-06 | 6.4 MEDIUM | 9.1 CRITICAL |
| Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, including a “root” user level meant only for the vendor. Web server root level access allows for changing of safety critical parameters. | |||||
| CVE-2022-2104 | 1 Secheron | 2 Sepcos Control And Protection Relay, Sepcos Control And Protection Relay Firmware | 2022-07-06 | 7.5 HIGH | 9.8 CRITICAL |
| The www-data (Apache web server) account is configured to run sudo with no password for many commands (including /bin/sh and /bin/bash). | |||||
| CVE-2022-24851 | 1 Ldap-account-manager | 1 Ldap Account Manager | 2022-07-06 | 3.5 LOW | 4.8 MEDIUM |
| LDAP Account Manager (LAM) is an open source web frontend for managing entries stored in an LDAP directory. The profile editor tool has an edit profile functionality, the parameters on this page are not properly sanitized and hence leads to stored XSS attacks. An authenticated user can store XSS payloads in the profiles, which gets triggered when any other user try to access the edit profile page. The pdf editor tool has an edit pdf profile functionality, the logoFile parameter in it is not properly sanitized and an user can enter relative paths like ../../../../../../../../../../../../../usr/share/icons/hicolor/48x48/apps/gvim.png via tools like burpsuite. Later when a pdf is exported using the edited profile the pdf icon has the image on that path(if image is present). Both issues require an attacker to be able to login to LAM admin interface. The issue is fixed in version 7.9.1. | |||||
| CVE-2022-31813 | 1 Apache | 1 Http Server | 2022-07-06 | 7.5 HIGH | 9.8 CRITICAL |
| Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application. | |||||