Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20097 | 2 Google, Mediatek | 45 Android, Mt6580, Mt6739 and 42 more | 2022-05-11 | 1.9 LOW | 4.7 MEDIUM |
| In aee daemon, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383944; Issue ID: ALPS06383944. | |||||
| CVE-2021-20321 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2022-05-11 | 4.7 MEDIUM | 4.7 MEDIUM |
| A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system. | |||||
| CVE-2021-41942 | 1 Msvod | 1 Msvod Cms | 2022-05-11 | 5.0 MEDIUM | 7.5 HIGH |
| The Magic CMS MSVOD v10 video system has a SQL injection vulnerability. Attackers can use vulnerabilities to obtain sensitive information in the database. | |||||
| CVE-2022-1534 | 1 Libmobi Project | 1 Libmobi | 2022-05-11 | 3.6 LOW | 7.1 HIGH |
| Buffer Over-read at parse_rawml.c:1416 in GitHub repository bfabiszewski/libmobi prior to 0.11. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. | |||||
| CVE-2022-1533 | 1 Libmobi Project | 1 Libmobi | 2022-05-11 | 4.6 MEDIUM | 7.8 HIGH |
| Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. This vulnerability is capable of arbitrary code execution. | |||||
| CVE-2022-24683 | 1 Hashicorp | 1 Nomad | 2022-05-11 | 7.8 HIGH | 7.5 HIGH |
| HashiCorp Nomad and Nomad Enterprise 0.9.2 through 1.0.17, 1.1.11, and 1.2.5 allow operators with read-fs and alloc-exec (or job-submit) capabilities to read arbitrary files on the host filesystem as root. | |||||
| CVE-2022-1531 | 1 Rtx Project | 1 Rtx | 2022-05-11 | 10.0 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in GitHub repository rtxteam/rtx prior to checkpoint_2022-04-20 . This vulnerability is critical as it can lead to remote code execution and thus complete server takeover. | |||||
| CVE-2022-21227 | 1 Ghost | 1 Sqlite3 | 2022-05-11 | 5.0 MEDIUM | 7.5 HIGH |
| The package sqlite3 before 5.0.3 are vulnerable to Denial of Service (DoS) which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine. | |||||
| CVE-2022-25258 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2022-05-11 | 4.9 MEDIUM | 4.6 MEDIUM |
| An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur. | |||||
| CVE-2022-21189 | 1 Dexie | 1 Dexie | 2022-05-11 | 7.5 HIGH | 9.8 CRITICAL |
| The package dexie before 3.2.2, from 4.0.0-alpha.1 and before 4.0.0-alpha.3 are vulnerable to Prototype Pollution in the Dexie.setByKeyPath(obj, keyPath, value) function which does not properly check the keys being set (like __proto__ or constructor). This can allow an attacker to add/modify properties of the Object.prototype leading to prototype pollution vulnerability. **Note:** This vulnerability can occur in multiple ways, for example when modifying a collection with untrusted user input. | |||||
| CVE-2022-21167 | 1 Idqk | 1 Masuit.tools | 2022-05-11 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package masuit.tools.core are vulnerable to Arbitrary Code Execution via the ReceiveVarData<T> function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client transmission does not have the appropriate restrictions or type bindings for the BinaryFormatter. | |||||
| CVE-2022-21149 | 1 S-cart | 1 S-cart | 2022-05-11 | 3.5 LOW | 3.5 LOW |
| The package s-cart/s-cart before 6.9; the package s-cart/core before 6.9 are vulnerable to Cross-site Scripting (XSS) which can lead to cookie stealing of any victim that visits the affected URL so the attacker can gain unauthorized access to that user's account through the stolen cookie. | |||||
| CVE-2022-29947 | 1 Woodpecker-ci | 1 Woodpecker | 2022-05-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| Woodpecker before 0.15.1 allows XSS via build logs because web/src/components/repo/build/BuildLog.vue lacks escaping. | |||||
| CVE-2022-28198 | 2 Microsoft, Nvidia | 3 Windows, Omniverse Cache, Omniverse Nucleus | 2022-05-11 | 4.6 MEDIUM | 6.8 MEDIUM |
| NVIDIA Omniverse Nucleus and Cache contain a vulnerability in its configuration of OpenSSL, where an attacker with physical access to the system can cause arbitrary code execution which can impact confidentiality, integrity, and availability. | |||||
| CVE-2022-20096 | 2 Google, Mediatek | 13 Android, Mt6765, Mt6768 and 10 more | 2022-05-11 | 2.1 LOW | 4.4 MEDIUM |
| In camera, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06419003; Issue ID: ALPS06419003. | |||||
| CVE-2022-1543 | 1 Erudika | 1 Scoold | 2022-05-11 | 6.5 MEDIUM | 8.8 HIGH |
| Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4. When the text size is large enough the service results in a momentary outage in a production environment. That can lead to memory corruption on the server. | |||||
| CVE-2022-29937 | 1 Usu | 1 Oracle Optimization | 2022-05-11 | 9.0 HIGH | 8.8 HIGH |
| USU Oracle Optimization before 5.17.5 allows authenticated DataCollection users to achieve agent root access because some common OS commands are blocked but (for example) an OS command for base64 decoding is not blocked. NOTE: this is not an Oracle Corporation product. | |||||
| CVE-2022-29936 | 1 Usu | 1 Oracle Optimization | 2022-05-11 | 6.5 MEDIUM | 8.8 HIGH |
| USU Oracle Optimization before 5.17 allows authenticated quantum users to achieve remote code execution because of /v2/quantum/save-data-upload-big-file Java deserialization. NOTE: this is not an Oracle Corporation product. | |||||
| CVE-2021-4090 | 2 Linux, Netapp | 17 Linux Kernel, Baseboard Management Controller H300e, Baseboard Management Controller H300e Firmware and 14 more | 2022-05-11 | 6.6 MEDIUM | 7.1 HIGH |
| An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system integrity and confidentiality threat. | |||||
| CVE-2022-20084 | 2 Google, Mediatek | 55 Android, Mt6731, Mt6732 and 52 more | 2022-05-11 | 4.6 MEDIUM | 7.8 HIGH |
| In telephony, there is a possible way to disable receiving emergency broadcasts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06498874; Issue ID: ALPS06498874. | |||||
| CVE-2022-29451 | 1 Rarathemes | 1 Rara One Click Demo Import | 2022-05-11 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) leading to Arbitrary File Upload vulnerability in Rara One Click Demo Import plugin <= 1.2.9 on WordPress allows attackers to trick logged-in admin users into uploading dangerous files into /wp-content/uploads/ directory. | |||||
| CVE-2021-29854 | 1 Ibm | 2 Maximo Application Suite, Maximo Asset Management | 2022-05-11 | 4.3 MEDIUM | 7.2 HIGH |
| IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTTP HOST header, which will allow the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 205680. | |||||
| CVE-2022-26325 | 1 Microfocus | 1 Netiq Access Manager | 2022-05-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.2 | |||||
| CVE-2022-1378 | 1 Deltaww | 1 Diaenergie | 2022-05-11 | 10.0 HIGH | 9.8 CRITICAL |
| Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_pgHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | |||||
| CVE-2022-1377 | 1 Deltaww | 1 Diaenergie | 2022-05-11 | 10.0 HIGH | 9.8 CRITICAL |
| Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_rltHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | |||||
| CVE-2014-3620 | 2 Apple, Haxx | 3 Mac Os X, Curl, Libcurl | 2022-05-11 | 5.0 MEDIUM | N/A |
| cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain. | |||||
| CVE-2022-24882 | 1 Freerdp | 1 Freerdp | 2022-05-11 | 5.0 MEDIUM | 7.5 HIGH |
| FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In versions prior to 2.7.0, NT LAN Manager (NTLM) authentication does not properly abort when someone provides and empty password value. This issue affects FreeRDP based RDP Server implementations. RDP clients are not affected. The vulnerability is patched in FreeRDP 2.7.0. There are currently no known workarounds. | |||||
| CVE-2021-29859 | 1 Ibm | 1 Cloud Pak For Business Automation | 2022-05-11 | 4.6 MEDIUM | 6.8 MEDIUM |
| IBM ICP4A - User Management System Component (IBM Cloud Pak for Business Automation V21.0.3 through V21.0.3-IF008, V21.0.2 through V21.0.2-IF009, and V21.0.1 through V21.0.1-IF007) could allow a user with physical access to the system to perform unauthorized actions or obtain sensitive information due to insufficient validation and recvocation another user logouting out. IBM X-Force ID: 206081. | |||||
| CVE-2021-42528 | 1 Adobe | 1 Xmp Toolkit Software Development Kit | 2022-05-11 | 7.1 HIGH | 5.5 MEDIUM |
| XMP Toolkit 2021.07 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-42529 | 1 Adobe | 1 Xmp Toolkit Software Development Kit | 2022-05-11 | 9.3 HIGH | 7.8 HIGH |
| XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file. | |||||
| CVE-2021-42531 | 1 Adobe | 1 Xmp Toolkit Software Development Kit | 2022-05-11 | 9.3 HIGH | 7.8 HIGH |
| XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file. | |||||
| CVE-2021-42530 | 1 Adobe | 1 Xmp Toolkit Software Development Kit | 2022-05-11 | 9.3 HIGH | 7.8 HIGH |
| XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file. | |||||
| CVE-2021-42532 | 1 Adobe | 1 Xmp Toolkit Software Development Kit | 2022-05-11 | 9.3 HIGH | 7.8 HIGH |
| XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file. | |||||
| CVE-2021-4138 | 1 Mozilla | 1 Geckodriver | 2022-05-11 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improved Host header checks to reject requests not sent to a well-known local hostname or IP, or the server-specified hostname. | |||||
| CVE-2022-20767 | 1 Cisco | 1 Firepower Threat Defense | 2022-05-11 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of the DNS reputation enforcement rule. An attacker could exploit this vulnerability by sending crafted UDP packets through an affected device to force a buildup of UDP connections. A successful exploit could allow the attacker to cause traffic that is going through the affected device to be dropped, resulting in a DoS condition. Note: This vulnerability only affects Cisco FTD devices that are running Snort 3. | |||||
| CVE-2022-24974 | 1 Menlosecurity | 1 Email Isolation | 2022-05-11 | 5.0 MEDIUM | 5.3 MEDIUM |
| Links may not be rewritten according to policy in some specially formatted emails. | |||||
| CVE-2022-28118 | 1 Sscms | 1 Siteserver Cms | 2022-05-11 | 7.5 HIGH | 9.8 CRITICAL |
| SiteServer CMS v7.x allows attackers to execute arbitrary code via a crafted plug-in. | |||||
| CVE-2021-41959 | 1 Jerryscript | 1 Jerryscript | 2022-05-11 | 5.0 MEDIUM | 7.5 HIGH |
| JerryScript Git version 14ff5bf does not sufficiently track and release allocated memory via jerry-core/ecma/operations/ecma-regexp-object.c after RegExp, which causes a memory leak. | |||||
| CVE-2021-42165 | 1 Mitrastar | 2 Gpt-2541gnac-n1, Gpt-2541gnac-n1 Firmware | 2022-05-11 | 9.0 HIGH | 8.8 HIGH |
| MitraStar GPT-2541GNAC-N1 (HGU) 100VNZ0b33 devices allow remote authenticated users to obtain root access by executing command "deviceinfo show file &&/bin/bash" because of incorrect sanitization of parameter "path". | |||||
| CVE-2022-0916 | 1 Logitech | 1 Options | 2022-05-10 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations. | |||||
| CVE-2021-22556 | 1 Google | 1 Fuchsia | 2022-05-10 | 4.6 MEDIUM | 7.8 HIGH |
| The Security Team discovered an integer overflow bug that allows an attacker with code execution to issue memory cache invalidation operations on pages that they don’t own, allowing them to control kernel memory from userspace. We recommend upgrading to kernel version 4.1 or beyond. | |||||
| CVE-2021-22573 | 1 Google | 1 Oauth Client Library For Java | 2022-05-10 | 3.5 LOW | 7.3 HIGH |
| The vulnerability is that IDToken verifier does not verify if token is properly signed. Signature verification makes sure that the token's payload comes from valid provider, not from someone else. An attacker can provide a compromised token with custom payload. The token will pass the validation on the client side. We recommend upgrading to version 1.33.3 or above | |||||
| CVE-2021-3608 | 2 Fedoraproject, Qemu | 2 Fedora, Qemu | 2022-05-10 | 4.9 MEDIUM | 6.0 MEDIUM |
| A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest and may result in a crash of QEMU or cause undefined behavior due to the access of an uninitialized pointer. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2021-3607 | 2 Fedoraproject, Qemu | 2 Fedora, Qemu | 2022-05-10 | 4.9 MEDIUM | 6.0 MEDIUM |
| An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest due to improper input validation. This flaw allows a privileged guest user to make QEMU allocate a large amount of memory, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2022-23985 | 1 Fatek | 1 Fvdesigner | 2022-05-10 | 6.8 MEDIUM | 7.8 HIGH |
| The affected product is vulnerable to an out-of-bounds write while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution. | |||||
| CVE-2022-22137 | 1 Accusoft | 1 Imagegear | 2022-05-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| A memory corruption vulnerability exists in the ioca_mys_rgb_allocate functionality of Accusoft ImageGear 19.10. A specially-crafted malformed file can lead to an arbitrary free. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-1376 | 1 Deltaww | 1 Diaenergie | 2022-05-10 | 10.0 HIGH | 9.8 CRITICAL |
| Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_privgrpHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | |||||
| CVE-2022-20085 | 2 Google, Mediatek | 53 Android, Mt6580, Mt6731 and 50 more | 2022-05-10 | 4.6 MEDIUM | 6.7 MEDIUM |
| In netdiag, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308877; Issue ID: ALPS06308877. | |||||
| CVE-2022-28505 | 1 Jflyfox | 1 Jfinal Cms | 2022-05-10 | 6.5 MEDIUM | 7.2 HIGH |
| Jfinal_cms 5.1.0 is vulnerable to SQL Injection via com.jflyfox.system.log.LogController.java. | |||||
| CVE-2022-1375 | 1 Deltaww | 1 Diaenergie | 2022-05-10 | 10.0 HIGH | 9.8 CRITICAL |
| Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_slogHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | |||||