Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-28784 | 1 Google | 1 Android | 2022-05-11 | 2.1 LOW | 3.3 LOW |
| Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to list file names in arbitrary directory as system user. The patch addresses incorrect implementation of file path validation check logic. | |||||
| CVE-2022-28783 | 1 Google | 1 Android | 2022-05-11 | 3.6 LOW | 7.1 HIGH |
| Improper validation of removing package name in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to uninstall arbitrary packages without permission. The patch adds proper validation logic for removing package name. | |||||
| CVE-2022-1555 | 1 Microweber | 1 Microweber | 2022-05-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| DOM XSS in microweber ver 1.2.15 in GitHub repository microweber/microweber prior to 1.2.16. inject arbitrary js code, deface website, steal cookie... | |||||
| CVE-2022-28782 | 1 Google | 1 Android | 2022-05-11 | 2.1 LOW | 4.6 MEDIUM |
| Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability. | |||||
| CVE-2022-27431 | 1 Wuzhicms | 1 Wuzhi Cms | 2022-05-11 | 7.5 HIGH | 9.8 CRITICAL |
| Wuzhicms v4.1.0 was discovered to contain a SQL injection vulnerability via the groupid parameter at /coreframe/app/member/admin/group.php. | |||||
| CVE-2022-28781 | 1 Google | 1 Android | 2022-05-11 | 7.2 HIGH | 6.7 MEDIUM |
| Improper input validation in Settings prior to SMR-May-2022 Release 1 allows attackers to launch arbitrary activity with system privilege. The patch adds proper validation logic to check the caller. | |||||
| CVE-2022-27420 | 1 Hospital Management System Project | 1 Hospital Management System | 2022-05-11 | 7.5 HIGH | 9.8 CRITICAL |
| Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php. | |||||
| CVE-2021-3100 | 2 Amazon, Linux | 2 Log4jhotpatch, Linux Kernel | 2022-05-11 | 7.2 HIGH | 8.8 HIGH |
| The Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.1-13 didn’t mimic the permissions of the JVM being patched, allowing it to escalate privileges. | |||||
| CVE-2021-26312 | 1 Amd | 114 Epyc 7232p, Epyc 7232p Firmware, Epyc 7251 and 111 more | 2022-05-11 | 2.1 LOW | 5.5 MEDIUM |
| Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity. | |||||
| CVE-2022-28780 | 1 Google | 1 Android | 2022-05-11 | 2.1 LOW | 5.5 MEDIUM |
| Improper access control vulnerability in Weather prior to SMR May-2022 Release 1 allows that attackers can access location information that set in Weather without permission. The patch adds proper protection to prevent access to location information. | |||||
| CVE-2022-27330 | 1 E-commerce Website Project | 1 E-commerce Website | 2022-05-11 | 3.5 LOW | 5.4 MEDIUM |
| A cross-site scripting (XSS) vulnerability in /public/admin/index.php?add_product of E-Commerce Website v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Title text field. | |||||
| CVE-2021-34588 | 1 Bender | 4 Cc612, Cc612 Firmware, Cc613 and 1 more | 2022-05-11 | 5.0 MEDIUM | 8.6 HIGH |
| In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export. Backup export is protected via a random key. The key is set at user login. It is empty after reboot . | |||||
| CVE-2022-29973 | 1 Exfat Project | 1 Exfat | 2022-05-11 | 1.9 LOW | 4.7 MEDIUM |
| relan exFAT 1.3.0 allows local users to obtain sensitive information (data from deleted files in the filesystem) in certain situations involving offsets beyond ValidDataLength. | |||||
| CVE-2022-25842 | 1 Alibabagroup | 1 One-java-agent | 2022-05-11 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package com.alibaba.oneagent:one-java-agent-plugin are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) using a specially crafted archive that holds directory traversal filenames (e.g. ../../evil.exe). The attacker can overwrite executable files and either invoke them remotely or wait for the system or user to call them, thus achieving remote command execution on the victim’s machine. | |||||
| CVE-2022-25767 | 1 Ureport2 Project | 1 Ureport2 | 2022-05-11 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets. | |||||
| CVE-2022-25645 | 1 Dset Project | 1 Dset | 2022-05-11 | 6.8 MEDIUM | 8.1 HIGH |
| All versions of package dset are vulnerable to Prototype Pollution via 'dset/merge' mode, as the dset function checks for prototype pollution by validating if the top-level path contains __proto__, constructor or protorype. By crafting a malicious object, it is possible to bypass this check and achieve prototype pollution. | |||||
| CVE-2022-23161 | 1 Dell | 1 Emc Powerscale Onefs | 2022-05-11 | 5.0 MEDIUM | 7.5 HIGH |
| Dell PowerScale OneFS versions 8.2.x - 9.3.0.x contain a denial-of-service vulnerability in SmartConnect. An unprivileged network attacker may potentially exploit this vulnerability, leading to denial-of-service. | |||||
| CVE-2020-12944 | 1 Amd | 114 Epyc 7232p, Epyc 7232p Firmware, Epyc 7251 and 111 more | 2022-05-11 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient validation of BIOS image length by ASP Firmware could lead to arbitrary code execution. | |||||
| CVE-2021-36278 | 1 Dell | 1 Emc Powerscale Onefs | 2022-05-11 | 2.1 LOW | 5.5 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.2.x, 9.1.0.x, and 9.1.1.1 contain a sensitive information exposure vulnerability in log files. A local malicious user with ISI_PRIV_LOGIN_SSH, ISI_PRIV_LOGIN_CONSOLE, or ISI_PRIV_SYS_SUPPORT privileges may exploit this vulnerability to access sensitive information. If any third-party consumes those logs, the same sensitive information is available to those systems as well. | |||||
| CVE-2022-25349 | 1 Materializecss | 1 Materialize | 2022-05-11 | 4.3 MEDIUM | 5.4 MEDIUM |
| All versions of package materialize-css are vulnerable to Cross-site Scripting (XSS) due to improper escape of user input (such as <not-a-tag />) that is being parsed as HTML/JavaScript, and inserted into the Document Object Model (DOM). This vulnerability can be exploited when the user-input is provided to the autocomplete component. | |||||
| CVE-2021-31674 | 1 Cyclos | 1 Cyclos | 2022-05-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cyclos 4 PRO 4.14.7 and before does not validate user input at error inform, which allows remote unauthenticated attacker to execute javascript code via undefine enum constant. | |||||
| CVE-2022-23923 | 1 Jailed Project | 1 Jailed | 2022-05-11 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package jailed are vulnerable to Sandbox Bypass via an exported alert() method which can access the main application. Exported methods are stored in the application.remote object. | |||||
| CVE-2022-20099 | 2 Google, Mediatek | 45 Android, Mt6580, Mt6739 and 42 more | 2022-05-11 | 4.6 MEDIUM | 7.8 HIGH |
| In aee daemon, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06296442; Issue ID: ALPS06296442. | |||||
| CVE-2021-3982 | 1 Gnome | 1 Gnome-shell | 2022-05-11 | 2.1 LOW | 5.5 MEDIUM |
| Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permissions, may take advantage of the way CAP_SYS_NICE is currently implemented and eventually load code to increase its process scheduler priority leading to possible DoS of other services running in the same machine. | |||||
| CVE-2021-36207 | 1 Johnsoncontrols | 3 Metasys Application And Data Server, Metasys Extended Application And Data Server, Metasys Open Application Server | 2022-05-11 | 8.5 HIGH | 8.8 HIGH |
| Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator. | |||||
| CVE-2022-29856 | 1 Automationanywhere | 1 Automation 360 | 2022-05-11 | 5.0 MEDIUM | 7.5 HIGH |
| A hardcoded cryptographic key in Automation360 22 allows an attacker to decrypt exported RPA packages. | |||||
| CVE-2022-27313 | 1 Gitea | 1 Gitea | 2022-05-11 | 5.0 MEDIUM | 7.5 HIGH |
| An arbitrary file deletion vulnerability in Gitea v1.16.3 allows attackers to cause a Denial of Service (DoS) via deleting the configuration file. | |||||
| CVE-2022-1249 | 1 Pesign Project | 1 Pesign | 2022-05-11 | 2.1 LOW | 3.3 LOW |
| A NULL pointer dereference flaw was found in pesign's cms_set_pw_data() function of the cms_common.c file. The function fails to handle the NULL pwdata invocation from daemon.c, which leads to an explicit NULL dereference and crash on all attempts to daemonize pesign. | |||||
| CVE-2022-0306 | 1 Google | 1 Chrome | 2022-05-11 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-22766 | 1 Bd | 48 Pyxis Anesthesia Station 4000, Pyxis Anesthesia Station 4000 Firmware, Pyxis Anesthesia Station Es and 45 more | 2022-05-11 | 2.1 LOW | 5.5 MEDIUM |
| Hardcoded credentials are used in specific BD Pyxis products. If exploited, threat actors may be able to gain access to the underlying file system and could potentially exploit application files for information that could be used to decrypt application credentials or gain access to electronic protected health information (ePHI) or other sensitive information. | |||||
| CVE-2022-20098 | 2 Google, Mediatek | 45 Android, Mt6580, Mt6739 and 42 more | 2022-05-11 | 2.1 LOW | 4.4 MEDIUM |
| In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419017; Issue ID: ALPS06419017. | |||||
| CVE-2022-24112 | 1 Apache | 1 Apisix | 2022-05-11 | 7.5 HIGH | 9.8 CRITICAL |
| An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed. | |||||
| CVE-2022-1114 | 1 Imagemagick | 1 Imagemagick | 2022-05-11 | 5.8 MEDIUM | 7.1 HIGH |
| A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file. This vulnerability is triggered when an attacker passes a specially crafted DICOM image file to ImageMagick for conversion, potentially leading to information disclosure and a denial of service. | |||||
| CVE-2022-24959 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2022-05-11 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c. | |||||
| CVE-2022-24897 | 1 Xwiki | 1 Xwiki | 2022-05-11 | 6.0 MEDIUM | 7.5 HIGH |
| APIs to evaluate content with Velocity is a package for APIs to evaluate content with Velocity. Starting with version 2.3 and prior to 12.6.7, 12.10.3, and 13.0, the velocity scripts are not properly sandboxed against using the Java File API to perform read or write operations on the filesystem. Writing an attacking script in Velocity requires the Script rights in XWiki so not all users can use it, and it also requires finding an XWiki API which returns a File. The problem has been patched in versions 12.6.7, 12.10.3, and 13.0. There is no easy workaround for fixing this vulnerability other than upgrading and being careful when giving Script rights. | |||||
| CVE-2022-1015 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2022-05-11 | 4.6 MEDIUM | 6.6 MEDIUM |
| A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue. | |||||
| CVE-2021-46461 | 1 Nginx | 1 Njs | 2022-05-11 | 7.5 HIGH | 9.8 CRITICAL |
| njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_vmcode.c. | |||||
| CVE-2022-24686 | 1 Hashicorp | 1 Nomad | 2022-05-11 | 4.3 MEDIUM | 5.9 MEDIUM |
| HashiCorp Nomad and Nomad Enterprise 0.3.0 through 1.0.17, 1.1.11, and 1.2.5 artifact download functionality has a race condition such that the Nomad client agent could download the wrong artifact into the wrong destination. Fixed in 1.0.18, 1.1.12, and 1.2.6 | |||||
| CVE-2022-22765 | 1 Bd | 2 Viper Lt System, Viper Lt System Firmware | 2022-05-11 | 4.6 MEDIUM | 7.8 HIGH |
| BD Viper LT system, versions 2.0 and later, contains hardcoded credentials. If exploited, threat actors may be able to access, modify or delete sensitive information, including electronic protected health information (ePHI), protected health information (PHI) and personally identifiable information (PII). BD Viper LT system versions 4.0 and later utilize Microsoft Windows 10 and have additional Operating System hardening configurations which increase the attack complexity required to exploit this vulnerability. | |||||
| CVE-2020-23620 | 1 Orlansoft | 1 Orlansoft Erp | 2022-05-11 | 7.5 HIGH | 9.8 CRITICAL |
| The Java Remote Management Interface of all versions of Orlansoft ERP was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which can allow attackers to execute arbitrary code via a crafted serialized Java object. | |||||
| CVE-2022-0985 | 1 Moodle | 1 Moodle | 2022-05-11 | 4.0 MEDIUM | 4.3 MEDIUM |
| Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability. | |||||
| CVE-2020-23621 | 1 Squire-technologies | 1 Svi Ms Management System | 2022-05-11 | 7.5 HIGH | 9.8 CRITICAL |
| The Java Remote Management Interface of all versions of SVI MS Management System was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which can allow attackers to execute arbitrary code via a crafted serialized Java object. | |||||
| CVE-2022-21230 | 1 Nanohttpd | 1 Nanohttpd | 2022-05-11 | 2.1 LOW | 5.5 MEDIUM |
| This affects all versions of package org.nanohttpd:nanohttpd. Whenever an HTTP Session is parsing the body of an HTTP request, the body of the request is written to a RandomAccessFile when the it is larger than 1024 bytes. This file is created with insecure permissions that allow its contents to be viewed by all users on the host machine. **Workaround:** Manually specifying the -Djava.io.tmpdir= argument when launching Java to set the temporary directory to a directory exclusively controlled by the current user can fix this issue. | |||||
| CVE-2021-43937 | 1 Smartptt | 1 Scada Server | 2022-05-11 | 6.8 MEDIUM | 8.8 HIGH |
| Elcomplus SmartPTT SCADA Server web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. | |||||
| CVE-2022-20100 | 2 Google, Mediatek | 45 Android, Mt6580, Mt6739 and 42 more | 2022-05-11 | 2.1 LOW | 4.4 MEDIUM |
| In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383944; Issue ID: ALPS06270804. | |||||
| CVE-2021-39082 | 1 Ibm | 1 Urbancode Deploy | 2022-05-11 | 5.0 MEDIUM | 7.5 HIGH |
| IBM UrbanCode Deploy (UCD) 7.1.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | |||||
| CVE-2022-0617 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2022-05-11 | 4.9 MEDIUM | 5.5 MEDIUM |
| A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. | |||||
| CVE-2022-1536 | 1 Automad | 1 Automad | 2022-05-11 | 3.5 LOW | 5.4 MEDIUM |
| A vulnerability has been found in automad up to 1.10.9 and classified as problematic. This vulnerability affects the Dashboard. The manipulation of the argument title with the input Home</title><script>alert("home")</script><title> leads to a cross site scripting. The attack can be initiated remotely but requires an authentication. The exploit details have disclosed to the public and may be used. | |||||
| CVE-2021-33945 | 1 Ricoh | 132 Aficio Sp 3500sf, Aficio Sp 3500sf Firmware, M 2700 and 129 more | 2022-05-11 | 7.5 HIGH | 9.8 CRITICAL |
| RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were discovered to contain a stack buffer overflow in the file /etc/wpa_supplicant.conf. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||
| CVE-2022-23410 | 1 Axis | 1 Ip Utility | 2022-05-11 | 4.4 MEDIUM | 7.8 HIGH |
| AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be placed in the same folder. | |||||