Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-23267 | 1 Craftercms | 1 Crafter Cms | 2022-05-25 | 9.0 HIGH | 8.8 HIGH |
| Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods. | |||||
| CVE-2022-1731 | 1 Allgeier | 1 Metasonic Doc Webclient | 2022-05-25 | 6.8 MEDIUM | 9.8 CRITICAL |
| Metasonic Doc WebClient 7.0.14.0 / 7.0.12.0 / 7.0.3.0 is vulnerable to a SQL injection attack in the username field. SSO or System authentication are required to be enabled for vulnerable conditions to exist. | |||||
| CVE-2022-1728 | 1 Trudesk Project | 1 Trudesk | 2022-05-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications. | |||||
| CVE-2022-1721 | 1 Diagrams | 1 Draw.io | 2022-05-25 | 5.0 MEDIUM | 7.5 HIGH |
| Path Traversal in WellKnownServlet in GitHub repository jgraph/drawio prior to 18.0.5. Read local files of the web application. | |||||
| CVE-2022-1713 | 1 Diagrams | 1 Draw.io | 2022-05-25 | 5.0 MEDIUM | 7.5 HIGH |
| SSRF on /proxy in GitHub repository jgraph/drawio prior to 18.0.4. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information. | |||||
| CVE-2022-1726 | 1 Bootstrap-table | 1 Bootstrap Table | 2022-05-25 | 3.5 LOW | 5.4 MEDIUM |
| Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties. | |||||
| CVE-2022-1559 | 1 Clipr | 1 Clipr | 2022-05-25 | 3.5 LOW | 4.8 MEDIUM |
| The Clipr WordPress plugin through 1.2.3 does not sanitise and escape its API Key settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed | |||||
| CVE-2022-1557 | 1 Uleak-security-dashboard Project | 1 Uleak-security-dashboard | 2022-05-25 | 3.5 LOW | 5.4 MEDIUM |
| The ULeak Security & Monitoring WordPress plugin through 1.2.3 does not have authorisation and CSRF checks when updating its settings, and is also lacking sanitisation as well as escaping in some of them, which could allow any authenticated users such as subscriber to perform Stored Cross-Site Scripting attacks against admins viewing the settings | |||||
| CVE-2022-1512 | 1 Scrollrevealjs-effects Project | 1 Scrollrevealjs-effects | 2022-05-25 | 3.5 LOW | 4.8 MEDIUM |
| The ScrollReveal.js Effects WordPress plugin through 1.2 does not sanitise and escape its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed | |||||
| CVE-2022-30782 | 1 Openmoney Api Project | 1 Openmoney Api | 2022-05-25 | 5.0 MEDIUM | 7.5 HIGH |
| Openmoney API through 2020-06-29 uses the JavaScript Math.random function, which does not provide cryptographically secure random numbers. | |||||
| CVE-2022-24790 | 1 Puma | 1 Puma | 2022-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request starts and ends. This would allow requests to be smuggled via the front-end proxy to Puma. The vulnerability has been fixed in 5.6.4 and 4.3.12. Users are advised to upgrade as soon as possible. Workaround: when deploying a proxy in front of Puma, turning on any and all functionality to make sure that the request matches the RFC7230 standard. | |||||
| CVE-2022-26291 | 2 Debian, Long Range Zip Project | 2 Debian Linux, Long Range Zip | 2022-05-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the functions zpaq_decompress_buf() and clear_rulist(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted Irz file. | |||||
| CVE-2021-41136 | 1 Puma | 1 Puma | 2022-05-24 | 3.6 LOW | 3.7 LOW |
| Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smugggling. A client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. The only proxy which has this behavior, as far as the Puma team is aware of, is Apache Traffic Server. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This vulnerability was patched in Puma 5.5.1 and 4.3.9. As a workaround, do not use Apache Traffic Server with `puma`. | |||||
| CVE-2018-5786 | 2 Debian, Long Range Zip Project | 2 Debian Linux, Long Range Zip | 2022-05-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file. | |||||
| CVE-2022-30050 | 1 Sir | 1 Gnuboard | 2022-05-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| Gnuboard 5.55 and 5.56 is vulnerable to Cross Site Scripting (XSS) via bbs/member_confirm.php. | |||||
| CVE-2022-30695 | 1 Acronis | 1 Snap Deploy | 2022-05-24 | 4.6 MEDIUM | 7.8 HIGH |
| Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Snap Deploy (Windows) before build 3640 | |||||
| CVE-2022-30696 | 1 Acronis | 1 Snap Deploy | 2022-05-24 | 4.4 MEDIUM | 7.8 HIGH |
| Local privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 3640 | |||||
| CVE-2022-30697 | 1 Acronis | 1 Snap Deploy | 2022-05-24 | 4.6 MEDIUM | 7.8 HIGH |
| Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 3640 | |||||
| CVE-2022-1216 | 1 Advanced Image Sitemap Project | 1 Advanced Image Sitemap | 2022-05-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Advanced Image Sitemap WordPress plugin through 1.2 does not sanitise and escape the PHP_SELF PHP variable before outputting it back in an attribute in an admin page, leading to Reflected Cross-Site Scripting. | |||||
| CVE-2022-1217 | 1 Custom Tinymce Shortcode Button Project | 1 Custom Tinymce Shortcode Button | 2022-05-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Custom TinyMCE Shortcode Button WordPress plugin through 1.1 does not sanitise and escape the PHP_SELF variable before outputting it back in an attribute in an admin page, leading to Reflected Cross-Site Scripting. | |||||
| CVE-2022-1265 | 1 Ait-pro | 1 Bulletproof Security | 2022-05-24 | 3.5 LOW | 4.8 MEDIUM |
| The BulletProof Security WordPress plugin before 6.1 does not sanitize and escape some of its CAPTCHA settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed | |||||
| CVE-2022-1267 | 1 Bmi Bmr Calculator Project | 1 Bmi Bmr Calculator | 2022-05-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| The BMI BMR Calculator WordPress plugin through 1.3 does not sanitise and escape arbitrary POST data before outputting it back in the response, leading to a Reflected Cross-Site Scripting | |||||
| CVE-2022-1334 | 1 Wp Youtube Live Project | 1 Wp Youtube Live | 2022-05-24 | 3.5 LOW | 4.8 MEDIUM |
| The WP YouTube Live WordPress plugin before 1.8.3 does not validate, sanitise and escape various of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed | |||||
| CVE-2022-1349 | 1 2code | 1 Wpqa Builder | 2022-05-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer , does not validate that the value passed to the image_id parameter of the ajax action wpqa_remove_image belongs to the requesting user, allowing any users (with privileges as low as Subscriber) to delete the profile pictures of any other user. | |||||
| CVE-2020-3938 | 1 Sysjust | 1 Syuan-gu-da-shin | 2022-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| SysJust Syuan-Gu-Da-Shih, versions before 20191223, contain vulnerability of Request Forgery, allowing attackers to launch inquiries into network architecture or system files of the server via forged inquests. | |||||
| CVE-2020-3766 | 2 Adobe, Microsoft | 2 Genuine Integrity Service, Windows | 2022-05-24 | 7.2 HIGH | 7.8 HIGH |
| Adobe Genuine Integrity Service versions Version 6.4 and earlier have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation. | |||||
| CVE-2020-3926 | 2 Changingtec, Microsoft | 2 Servisign, Windows | 2022-05-24 | 7.8 HIGH | 7.5 HIGH |
| An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the attackers learn the specific API function, they may access arbitrary files on target system via crafted API parameter. | |||||
| CVE-2021-33013 | 1 Myscada | 1 Mypro | 2022-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive system information. | |||||
| CVE-2021-33009 | 1 Myscada | 1 Mypro | 2022-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to the file system. | |||||
| CVE-2021-33005 | 1 Myscada | 1 Mypro | 2022-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to arbitrary directories. | |||||
| CVE-2021-27505 | 1 Myscada | 1 Mypro | 2022-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive directory listing information. | |||||
| CVE-2022-1051 | 1 2code | 1 Wpqa Builder | 2022-05-24 | 3.5 LOW | 5.4 MEDIUM |
| The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer , does not sanitise and escape the city, phone or profile credentials fields when outputting it in the profile page, allowing any authenticated user to perform Cross-Site Scripting attacks. | |||||
| CVE-2022-0578 | 1 Publify Project | 1 Publify | 2022-05-24 | 6.4 MEDIUM | 6.5 MEDIUM |
| Code Injection in GitHub repository publify/publify prior to 9.2.8. | |||||
| CVE-2022-0574 | 1 Publify Project | 1 Publify | 2022-05-24 | 6.4 MEDIUM | 6.5 MEDIUM |
| Improper Access Control in GitHub repository publify/publify prior to 9.2.8. | |||||
| CVE-2022-0867 | 1 Reputeinfosystems | 1 Pricing Table | 2022-05-24 | 7.5 HIGH | 9.8 CRITICAL |
| The Pricing Table WordPress plugin before 3.6.1 fails to properly sanitize and escape user supplied POST data before it is being interpolated in an SQL statement and then executed via an AJAX action available to unauthenticated users | |||||
| CVE-2022-30776 | 1 Atmail | 1 Atmail | 2022-05-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter. | |||||
| CVE-2022-30013 | 1 Totaljs | 1 Total.js | 2022-05-24 | 3.5 LOW | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the upload function of totaljs CMS 3.4.5 allows attackers to execute arbitrary web scripts via a JavaScript embedded PDF file. | |||||
| CVE-2022-29623 | 1 Connect-multiparty Project | 1 Connect-multiparty | 2022-05-24 | 6.8 MEDIUM | 7.8 HIGH |
| An arbitrary file upload vulnerability in the file upload module of Connect-Multiparty v2.2.0 allows attackers to execute arbitrary code via a crafted PDF file. | |||||
| CVE-2022-30011 | 1 Hospital Managment System Project | 1 Hospital Managment System | 2022-05-24 | 7.5 HIGH | 9.8 CRITICAL |
| In HMS 1.0 when requesting appointment.php through POST, multiple parameters can lead to a SQL injection vulnerability. | |||||
| CVE-2022-30781 | 1 Gitea | 1 Gitea | 2022-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| Gitea before 1.16.7 does not escape git fetch remote. | |||||
| CVE-2022-30779 | 1 Laravel | 1 Laravel | 2022-05-24 | 7.5 HIGH | 9.8 CRITICAL |
| Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution via an unserialize pop chain in __destruct in GuzzleHttp\Cookie\FileCookieJar.php. | |||||
| CVE-2022-30778 | 1 Laravel | 1 Laravel | 2022-05-24 | 7.5 HIGH | 9.8 CRITICAL |
| Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution via an unserialize pop chain in __destruct in Illuminate\Broadcasting\PendingBroadcast.php and dispatch($command) in Illuminate\Bus\QueueingDispatcher.php. | |||||
| CVE-2022-30775 | 1 Xpdfreader | 1 Xpdf | 2022-05-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by (for example) sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKE_CXX_COMPILER=afl-clang-fast++ option. | |||||
| CVE-2022-30770 | 1 Terminalfour | 1 Terminalfour | 2022-05-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| Terminalfour before 8.3.8 allows XSS, aka RDSM-31817. 8.2.18.2.1 and 8.2.18.5 are also fixed versions. | |||||
| CVE-2022-1386 | 1 Theme-fusion | 1 Avada | 2022-05-24 | 7.5 HIGH | 9.8 CRITICAL |
| The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures. | |||||
| CVE-2022-30765 | 1 Calibre-web Project | 1 Calibre-web | 2022-05-24 | 7.5 HIGH | 9.8 CRITICAL |
| Calibre-Web before 0.6.18 allows user table SQL Injection. | |||||
| CVE-2021-27771 | 1 Hcltech | 1 Sametime | 2022-05-24 | 6.5 MEDIUM | 7.6 HIGH |
| User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal matter with the Sametime chat application, users hold a cookie containing their session ID (SID). This value is also used when sending chat messages, receiving notifications and/or transferring files. | |||||
| CVE-2020-9983 | 2 Apple, Fedoraproject | 8 Icloud, Ipad Os, Iphone Os and 5 more | 2022-05-24 | 6.8 MEDIUM | 8.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to code execution. | |||||
| CVE-2021-27770 | 1 Hcltech | 1 Sametime | 2022-05-24 | 6.8 MEDIUM | 8.8 HIGH |
| The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded URL which is then requested by the webserver. We assume this service is used by the “meetings”-function where users can specify an external URL where the online meeting will take place. | |||||
| CVE-2020-8813 | 4 Cacti, Fedoraproject, Opensuse and 1 more | 5 Cacti, Fedora, Suse Linux Enterprise Server and 2 more | 2022-05-24 | 9.3 HIGH | 8.8 HIGH |
| graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege. | |||||