Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-27247 | 1 Cdsoft | 1 Winhotel.mx | 2022-05-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| onlinetolls in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an attacker to download sensitive information about any customer (e.g., data of birth, full address, mail information, and phone number) via GastKont Insecure Direct Object Reference. | |||||
| CVE-2022-1408 | 1 Vikwp | 1 Hotel Booking Engine \& Pms | 2022-05-24 | 3.5 LOW | 4.8 MEDIUM |
| The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not escape various settings before outputting them in attributes, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed | |||||
| CVE-2022-1418 | 1 Pluginmirror | 1 Social Stickers | 2022-05-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues. | |||||
| CVE-2022-1409 | 1 Vikwp | 1 Hotel Booking Engine \& Pms | 2022-05-24 | 6.5 MEDIUM | 7.2 HIGH |
| The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not properly validate images, allowing high privilege users such as administrators to upload PHP files disguised as images and containing malicious PHP code | |||||
| CVE-2020-8184 | 3 Canonical, Debian, Rack Project | 3 Ubuntu Linux, Debian Linux, Rack | 2022-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix. | |||||
| CVE-2020-8161 | 3 Canonical, Debian, Rack Project | 3 Ubuntu Linux, Debian Linux, Rack | 2022-05-24 | 5.0 MEDIUM | 8.6 HIGH |
| A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure. | |||||
| CVE-2022-1425 | 1 2code | 1 Wpqa Builder | 2022-05-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer , does not validate that the message_id of the wpqa_message_view ajax action belongs to the requesting user, leading to any user being able to read messages for any other users via a Insecure Direct Object Reference (IDOR) vulnerability. | |||||
| CVE-2021-27773 | 1 Hcltech | 1 Sametime | 2022-05-24 | 4.3 MEDIUM | 4.3 MEDIUM |
| This vulnerability allows users to execute a clickjacking attack in the meeting's chat. | |||||
| CVE-2022-1435 | 1 Wptaskforce | 1 Track \& Trace | 2022-05-24 | 3.5 LOW | 4.8 MEDIUM |
| The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitize and escapes some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. | |||||
| CVE-2022-1436 | 1 Wptaskforce | 1 Track \& Trace | 2022-05-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitise and escape the wpcargo_tracking_number parameter before outputting it back in the page, which could allow attackers to perform reflected Cross-Site Scripting attacks. | |||||
| CVE-2022-1455 | 1 Callnowbutton | 1 Call Now Button | 2022-05-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Call Now Button WordPress plugin before 1.1.2 does not escape a parameter before outputting it back in an attribute of a hidden input, leading to a Reflected Cross-Site Scripting when the premium is enabled | |||||
| CVE-2020-7106 | 5 Cacti, Debian, Fedoraproject and 2 more | 8 Cacti, Debian Linux, Extra Packages For Enterprise Linux and 5 more | 2022-05-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS). | |||||
| CVE-2022-30457 | 2022-05-24 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2022-25862 | 1 Sds Project | 1 Sds | 2022-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. **Note:** This vulnerability derives from an incomplete fix to [CVE-2020-7618](https://security.snyk.io/vuln/SNYK-JS-SDS-564123) | |||||
| CVE-2020-13230 | 3 Cacti, Debian, Fedoraproject | 3 Cacti, Debian Linux, Fedora | 2022-05-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs). | |||||
| CVE-2020-9992 | 1 Apple | 3 Ipad Os, Iphone Os, Xcode | 2022-05-24 | 9.3 HIGH | 7.8 HIGH |
| This issue was addressed by encrypting communications over the network to devices running iOS 14, iPadOS 14, tvOS 14, and watchOS 7. This issue is fixed in iOS 14.0 and iPadOS 14.0, Xcode 12.0. An attacker in a privileged network position may be able to execute arbitrary code on a paired device during a debug session over the network. | |||||
| CVE-2020-9979 | 1 Apple | 3 Ipados, Iphone Os, Tvos | 2022-05-24 | 2.1 LOW | 5.5 MEDIUM |
| A trust issue was addressed by removing a legacy API. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0. An attacker may be able to misuse a trust relationship to download malicious content. | |||||
| CVE-2020-9986 | 1 Apple | 1 Mac Os X | 2022-05-24 | 4.3 MEDIUM | 3.3 LOW |
| A file access issue existed with certain home folder files. This was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.7. A malicious application may be able to read sensitive location information. | |||||
| CVE-2022-21190 | 1 Mozilla | 1 Convict | 2022-05-24 | 7.5 HIGH | 9.8 CRITICAL |
| This affects the package convict before 6.2.3. This is a bypass of [CVE-2022-22143](https://security.snyk.io/vuln/SNYK-JS-CONVICT-2340604). The [fix](https://github.com/mozilla/node-convict/commit/3b86be087d8f14681a9c889d45da7fe3ad9cd880) introduced, relies on the startsWith method and does not prevent the vulnerability: before splitting the path, it checks if it starts with __proto__ or this.constructor.prototype. To bypass this check it's possible to prepend the dangerous paths with any string value followed by a dot, like for example foo.__proto__ or foo.this.constructor.prototype. | |||||
| CVE-2021-34587 | 2 Bender, Ibm | 9 Cc612, Cc612 Firmware, Cc613 and 6 more | 2022-05-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable. | |||||
| CVE-2022-1465 | 1 Wpclever | 1 Wpc Smart Wishlist For Woocommerce | 2022-05-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| The WPC Smart Wishlist for WooCommerce WordPress plugin before 2.9.9 does not sanitise and escape a parameter before outputting it back in an attribute via an AJAX action, leading to a Reflected Cross-Site Scripting issue. | |||||
| CVE-2022-0730 | 3 Cacti, Debian, Fedoraproject | 3 Cacti, Debian Linux, Fedora | 2022-05-24 | 6.8 MEDIUM | 9.8 CRITICAL |
| Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types. | |||||
| CVE-2021-23225 | 2 Cacti, Debian | 2 Cacti, Debian Linux | 2022-05-24 | 3.5 LOW | 5.4 MEDIUM |
| Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "new_username" field during creation of a new user via "Copy" method at user_admin.php. | |||||
| CVE-2020-23226 | 2 Cacti, Debian | 2 Cacti, Debian Linux | 2022-05-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7) data_input.php. | |||||
| CVE-2019-11025 | 2 Cacti, Debian | 2 Cacti, Debian Linux | 2022-05-24 | 3.5 LOW | 5.4 MEDIUM |
| In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS. | |||||
| CVE-2018-10061 | 2 Cacti, Debian | 2 Cacti, Debian Linux | 2022-05-24 | 3.5 LOW | 5.4 MEDIUM |
| Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars calls without the ENT_QUOTES flag (these calls occur when the html_escape function in lib/html.php is not used). | |||||
| CVE-2018-10060 | 2 Cacti, Debian | 2 Cacti, Debian Linux | 2022-05-24 | 3.5 LOW | 5.4 MEDIUM |
| Cacti before 1.1.37 has XSS because it does not properly reject unintended characters, related to use of the sanitize_uri function in lib/functions.php. | |||||
| CVE-2021-27768 | 1 Hcltech | 1 Verse | 2022-05-24 | 4.3 MEDIUM | 5.9 MEDIUM |
| Using the ability to perform a Man-in-the-Middle (MITM) attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted. In this specific scenario, the application's network traffic was intercepted using a proxy server set up in 'transparent' mode while a certificate with an invalid hostname was active. The Android application was found to have hostname verification issues during the server setup and login flows; however, the application did not process requests post-login. | |||||
| CVE-2022-29383 | 1 Netgear | 2 Ssl312, Ssl312 Firmware | 2022-05-24 | 7.5 HIGH | 9.8 CRITICAL |
| NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi. | |||||
| CVE-2021-27673 | 1 Tribalsystems | 1 Zenario | 2022-05-23 | 3.5 LOW | 4.8 MEDIUM |
| Cross Site Scripting (XSS) in the "admin_boxes.ajax.php" component of Tribal Systems Zenario CMS v8.8.52729 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "cID" parameter when creating a new HTML component. | |||||
| CVE-2021-24122 | 3 Apache, Debian, Oracle | 3 Tomcat, Debian Linux, Agile Plm | 2022-05-23 | 4.3 MEDIUM | 5.9 MEDIUM |
| When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances. | |||||
| CVE-2021-27308 | 1 4homepages | 1 4images | 2022-05-23 | 3.5 LOW | 4.8 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the admin login panel in 4images version 1.8 allows remote attackers to inject JavaScript via the "redirect" parameter. | |||||
| CVE-2021-27358 | 2 Grafana, Netapp | 2 Grafana, E-series Performance Analyzer | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set. | |||||
| CVE-2021-27516 | 1 Urijs Project | 1 Urijs | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| URI.js (aka urijs) before 1.19.6 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path. | |||||
| CVE-2021-27645 | 2 Fedoraproject, Gnu | 2 Fedora, Glibc | 2022-05-23 | 1.9 LOW | 2.5 LOW |
| The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c. | |||||
| CVE-2021-27803 | 3 Debian, Fedoraproject, W1.fi | 3 Debian Linux, Fedora, Wpa Supplicant | 2022-05-23 | 5.4 MEDIUM | 7.5 HIGH |
| A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code), for an attacker within radio range. | |||||
| CVE-2021-27351 | 1 Telegram | 1 Telegram | 2022-05-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session. | |||||
| CVE-2021-27515 | 1 Url-parse Project | 1 Url-parse | 2022-05-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| url-parse before 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path. | |||||
| CVE-2021-3189 | 1 Google | 1 Slashify | 2022-05-23 | 5.8 MEDIUM | 6.1 MEDIUM |
| The slashify package 1.0.0 for Node.js allows open-redirect attacks, as demonstrated by a localhost:3000///example.com/ substring. | |||||
| CVE-2022-0860 | 2 Cobbler Project, Fedoraproject | 2 Cobbler, Fedora | 2022-05-23 | 6.4 MEDIUM | 9.1 CRITICAL |
| Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2. | |||||
| CVE-2022-24302 | 3 Debian, Fedoraproject, Paramiko | 3 Debian Linux, Fedora, Paramiko | 2022-05-23 | 4.3 MEDIUM | 5.9 MEDIUM |
| In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure. | |||||
| CVE-2021-26910 | 2 Debian, Firejail Project | 2 Debian Linux, Firejail | 2022-05-23 | 6.9 MEDIUM | 7.0 HIGH |
| Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation. | |||||
| CVE-2021-26675 | 3 Debian, Intel, Opensuse | 3 Debian Linux, Connman, Leap | 2022-05-23 | 5.8 MEDIUM | 8.8 HIGH |
| A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code. | |||||
| CVE-2021-41965 | 1 Churchcrm | 1 Churchcrm | 2022-05-23 | 6.5 MEDIUM | 8.8 HIGH |
| A SQL injection vulnerability exists in ChurchCRM version 2.0.0 to 4.4.5 that allows an authenticated attacker to issue an arbitrary SQL command to the database through the unsanitized EN_tyid, theID and EID fields used when an Edit action on an existing record is being performed. | |||||
| CVE-2022-28929 | 1 Hospital Management System Project | 1 Hospital Management System | 2022-05-23 | 7.5 HIGH | 9.8 CRITICAL |
| Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the delid parameter at viewtreatmentrecord.php. | |||||
| CVE-2022-23166 | 1 Sysaid | 1 Sysaid | 2022-05-23 | 10.0 HIGH | 9.8 CRITICAL |
| Sysaid – Sysaid Local File Inclusion (LFI) – An unauthenticated attacker can access to the system by accessing to "/lib/tinymce/examples/index.html" path. in the "Insert/Edit Embedded Media" window Choose Type : iFrame and File/URL : [here is the LFI] Solution: Update to 22.2.20 cloud version, or to 22.1.64 on premise version. | |||||
| CVE-2022-23165 | 1 Sysaid | 1 Sysaid | 2022-05-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| Sysaid – Sysaid 14.2.0 Reflected Cross-Site Scripting (XSS) - The parameter "helpPageName" used by the page "/help/treecontent.jsp" suffers from a Reflected Cross-Site Scripting vulnerability. For an attacker to exploit this Cross-Site Scripting vulnerability, it's necessary for the affected product to expose the Offline Help Pages. An attacker may gain access to sensitive information or execute client-side code in the browser session of the victim user. Furthermore, an attacker would require the victim to open a malicious link. An attacker may exploit this vulnerability in order to perform phishing attacks. The attacker can receive sensitive data like server details, usernames, workstations, etc. He can also perform actions such as uploading files, deleting calls from the system | |||||
| CVE-2022-23139 | 1 Zte | 2 Zxmp M721, Zxmp M721 Firmware | 2022-05-23 | 6.5 MEDIUM | 8.8 HIGH |
| ZTE's ZXMP M721 product has a permission and access control vulnerability. Since the folder permission viewed by sftp is 666, which is inconsistent with the actual permission. It’s easy for?users to?ignore the modification?of?the file permission configuration, so that low-authority accounts could actually obtain higher operating permissions on key files. | |||||
| CVE-2022-22797 | 1 Sysaid | 1 Sysaid | 2022-05-23 | 5.8 MEDIUM | 6.1 MEDIUM |
| Sysaid – sysaid Open Redirect - An Attacker can change the redirect link at the parameter "redirectURL" from"GET" request from the url location: /CommunitySSORedirect.jsp?redirectURL=https://google.com. Unvalidated redirects and forwards are possible when a web application accepts untrusted input that could cause the web application to redirect the request to a URL contained within untrusted input. By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. | |||||
| CVE-2022-22393 | 1 Ibm | 1 Websphere Application Server | 2022-05-23 | 3.5 LOW | 6.5 MEDIUM |
| IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 , with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ID: 222078. | |||||