Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-27236 | 1 Mutare | 1 Voice | 2022-05-03 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows Unauthenticated Local File Inclusion, which can be leveraged to achieve Remote Code Execution. | |||||
| CVE-2021-26753 | 1 Nedi | 1 Nedi | 2022-05-03 | 6.5 MEDIUM | 9.9 CRITICAL |
| NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. This allows an attacker to obtain access to the operating system where NeDi is installed and to all application data. | |||||
| CVE-2021-20642 | 1 Logitech | 2 Lan-w300n\/rs, Lan-w300n\/rs Firmware | 2022-05-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/RS allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted URL. | |||||
| CVE-2021-20637 | 1 Logitech | 2 Lan-w300n\/pr5b, Lan-w300n\/pr5b Firmware | 2022-05-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/PR5B allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted URL. | |||||
| CVE-2021-0345 | 1 Google | 1 Android | 2022-05-03 | 7.2 HIGH | 6.7 MEDIUM |
| In mobile_log_d, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05432974. | |||||
| CVE-2021-3115 | 4 Fedoraproject, Golang, Microsoft and 1 more | 5 Fedora, Go, Windows and 2 more | 2022-05-03 | 5.1 MEDIUM | 7.5 HIGH |
| Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download). | |||||
| CVE-2021-25905 | 1 Bra Project | 1 Bra | 2022-05-03 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered in the bra crate before 0.1.1 for Rust. It lacks soundness because it can read uninitialized memory. | |||||
| CVE-2021-20616 | 1 Skygroup | 1 Skysea Client View | 2022-05-03 | 4.4 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of SKYSEA Client View Ver.1.020.05b to Ver.16.001.01g allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2021-21464 | 1 Sap | 1 3d Visual Enterprise Viewer | 2022-05-03 | 4.3 MEDIUM | 4.3 MEDIUM |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | |||||
| CVE-2021-21494 | 1 Mk-auth | 1 Mk-auth | 2022-05-03 | 3.5 LOW | 4.8 MEDIUM |
| MK-AUTH through 19.01 K4.9 allows XSS via the admin/logs_ajax.php tipo parameter. An attacker can leverage this to read the centralmka2 (session token) cookie, which is not set to HTTPOnly. | |||||
| CVE-2020-27746 | 2 Debian, Schedmd | 2 Debian Linux, Slurm | 2022-05-03 | 4.3 MEDIUM | 3.7 LOW |
| Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem. | |||||
| CVE-2020-27697 | 2 Microsoft, Trendmicro | 5 Windows, Antivirus\+ Security 2020, Internet Security 2020 and 2 more | 2022-05-03 | 6.9 MEDIUM | 7.8 HIGH |
| Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a non-protected location with high privileges (symlink attack) which can lead to obtaining administrative privileges during the installation of the product. | |||||
| CVE-2020-9990 | 1 Apple | 1 Mac Os X | 2022-05-03 | 6.9 MEDIUM | 7.8 HIGH |
| A race condition was addressed with additional validation. This issue is fixed in macOS Catalina 10.15.6. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2020-25779 | 1 Trendmicro | 1 Antivirus | 2022-05-03 | 2.1 LOW | 3.3 LOW |
| Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in which a Internationalized Domain Name homograph attack (Puny-code) could be used to add a malicious website to the approved websites list of Trend Micro Antivirus for Mac to bypass the web threat protection feature. | |||||
| CVE-2020-13995 | 1 Airforce | 1 Nitf Extract Utility | 2022-05-03 | 7.5 HIGH | 9.8 CRITICAL |
| U.S. Air Force Sensor Data Management System extract75 has a buffer overflow that leads to code execution. An overflow in a global variable (sBuffer) leads to a Write-What-Where outcome. Writing beyond sBuffer will clobber most global variables until reaching a pointer such as DES_info or image_info. By controlling that pointer, one achieves an arbitrary write when its fields are assigned. The data written is from a potentially untrusted NITF file in the form of an integer. The attacker can gain control of the instruction pointer. | |||||
| CVE-2020-12063 | 1 Postfix | 1 Postfix | 2022-05-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| ** DISPUTED ** A certain Postfix 2.10.1-7 package could allow an attacker to send an email from an arbitrary-looking sender via a homoglyph attack, as demonstrated by the similarity of \xce\xbf to the 'o' character. This is potentially relevant when the /etc/postfix/sender_login feature is used, because a spoofed outbound message that uses a configured sender address is blocked with a "Sender address rejected: not logged in" error message, but a spoofed outbound message that uses a homoglyph of a configured sender address is not blocked. NOTE: some third parties argue that any missed blocking of spoofed outbound messages - except for exact matches to a sender address in the /etc/postfix/sender_login file - is outside the design goals of Postfix and thus cannot be considered a Postfix vulnerability. | |||||
| CVE-2020-7081 | 1 Autodesk | 1 Fbx Software Development Kit | 2022-05-03 | 9.3 HIGH | 8.8 HIGH |
| A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitary code read/write on the system running it. | |||||
| CVE-2022-24872 | 1 Shopware | 1 Shopware | 2022-05-03 | 5.5 MEDIUM | 8.1 HIGH |
| Shopware is an open commerce platform based on Symfony Framework and Vue. Permissions set to sales channel context by admin-api are still usable within normal user session. Users are advised to update to the current version 6.4.10.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. There are no known workarounds for this issue. | |||||
| CVE-2021-43708 | 1 Helpsystems | 1 Titus Data Classification | 2022-05-03 | 2.1 LOW | 5.5 MEDIUM |
| The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the generation of a classification label by using Excel's safe mode. | |||||
| CVE-2022-27237 | 1 Ni | 5 Flexlogger, G Web Development Software, Labview and 2 more | 2022-05-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| There is a cross-site scripting (XSS) vulnerability in an NI Web Server component installed with several NI products. Depending on the product(s) in use, remediation guidance includes: install SystemLink version 2021 R3 or later, install FlexLogger 2022 Q2 or later, install LabVIEW 2021 SP1, install G Web Development 2022 R1 or later, or install Static Test Software Suite version 1.2 or later. | |||||
| CVE-2021-35229 | 1 Solarwinds | 2 Database Performance Analyzer, Database Performance Monitor | 2022-05-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability is present in Database Performance Monitor 2022.1.7779 and previous versions when using a complex SQL query | |||||
| CVE-2022-20804 | 1 Cisco | 1 Unified Communications Manager | 2022-05-03 | 6.1 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the Cisco Discovery Protocol of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, adjacent attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect processing of certain Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by continuously sending certain Cisco Discovery Protocol packets to an affected device. A successful exploit could allow the attacker to cause a kernel panic on the system that is running the affected software, resulting in a DoS condition. | |||||
| CVE-2022-20790 | 1 Cisco | 1 Unified Communications Manager | 2022-05-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to access sensitive files on the underlying operating system. | |||||
| CVE-2022-20732 | 1 Cisco | 1 Virtualized Infrastructure Manager | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager (VIM) could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain configuration files. An attacker with low-privileged credentials could exploit this vulnerability by accessing an affected device and reading the affected configuration files. A successful exploit could allow the attacker to obtain internal database credentials, which the attacker could use to view and modify the contents of the database. The attacker could use this access to the database to elevate privileges on the affected device. | |||||
| CVE-2021-40402 | 1 Gerbv Project | 1 Gerbv | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| An out-of-bounds read vulnerability exists in the RS-274X aperture macro multiple outline primitives functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.7.1 and 2.8.0. A specially-crafted Gerber file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-40400 | 1 Gerbv Project | 1 Gerbv | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| An out-of-bounds read vulnerability exists in the RS-274X aperture macro outline primitive functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit d7f42a9a). A specially-crafted Gerber file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-24869 | 1 Glpi-project | 1 Glpi | 2022-05-03 | 3.5 LOW | 5.4 MEDIUM |
| GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions prior to 10.0.0 one can use ticket's followups or setup login messages with a stylesheet link. This may allow for a cross site scripting attack vector. This issue is partially mitigated by cors security of browsers, though users are still advised to upgrade. | |||||
| CVE-2020-14118 | 1 Mi | 1 Mi App Store | 2022-05-03 | 5.8 MEDIUM | 6.1 MEDIUM |
| An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by the Mi App Store does not verify the validity of the incoming data, can cause the app store to automatically download and install apps. | |||||
| CVE-2022-24861 | 1 Databasir | 1 Databasir | 2022-05-03 | 6.5 MEDIUM | 8.8 HIGH |
| Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has remote code execution vulnerability. JDBC drivers are not validated prior to use and may be provided by users of the system. This can lead to code execution by any basic user who has access to the system. Users are advised to upgrade. There are no known workarounds to this issue. | |||||
| CVE-2022-24862 | 1 Databasir Project | 1 Databasir | 2022-05-03 | 4.0 MEDIUM | 7.7 HIGH |
| Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Server-Side Request Forgery vulnerability. During the download verification process of a JDBC driver the corresponding JDBC driver download address will be downloaded first, but this address will return a response page with complete error information when accessing a non-existent URL. Attackers can take advantage of this feature for SSRF. | |||||
| CVE-2019-11835 | 2 Cjson Project, Oracle | 2 Cjson, Timesten In-memory Database | 2022-05-03 | 7.5 HIGH | 9.8 CRITICAL |
| cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments. | |||||
| CVE-2019-11834 | 2 Cjson Project, Oracle | 2 Cjson, Timesten In-memory Database | 2022-05-03 | 7.5 HIGH | 9.8 CRITICAL |
| cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal. | |||||
| CVE-2019-11412 | 2 Artifex, Fedoraproject | 2 Mujs, Fedora | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call. | |||||
| CVE-2019-10899 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read. | |||||
| CVE-2019-10895 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation. | |||||
| CVE-2019-10740 | 3 Fedoraproject, Opensuse, Roundcube | 4 Fedora, Backports Sle, Leap and 1 more | 2022-05-03 | 4.3 MEDIUM | 4.3 MEDIUM |
| In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker. | |||||
| CVE-2019-10692 | 1 Codecabin | 1 Wp Google Maps | 2022-05-03 | 7.5 HIGH | 9.8 CRITICAL |
| In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement. | |||||
| CVE-2019-9752 | 2 Opensuse, Otrs | 3 Backports Sle, Leap, Otrs | 2022-05-03 | 3.5 LOW | 5.4 MEDIUM |
| An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. An attacker who is logged into OTRS as an agent or a customer user may upload a carefully crafted resource in order to cause execution of JavaScript in the context of OTRS. This is related to Content-type mishandling in Kernel/Modules/PictureUpload.pm. | |||||
| CVE-2019-7310 | 5 Canonical, Debian, Fedoraproject and 2 more | 11 Ubuntu Linux, Debian Linux, Fedora and 8 more | 2022-05-03 | 6.8 MEDIUM | 7.8 HIGH |
| In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo. | |||||
| CVE-2020-6448 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2022-05-03 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2020-8437 | 1 Bittorrent | 1 Utorrent | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| The bencoding parser in BitTorrent uTorrent through 3.5.5 (build 45505) misparses nested bencoded dictionaries, which allows a remote attacker to cause a denial of service. | |||||
| CVE-2019-7656 | 1 Wowza | 1 Streaming Engine | 2022-05-03 | 7.2 HIGH | 7.8 HIGH |
| A privilege escalation vulnerability in Wowza Streaming Engine 4.8.0 and earlier allows any unprivileged Linux user to escalate privileges to root. The installer sets too relaxed permissions on /usr/local/WowzaStreamingEngine/bin/* core program files. By injecting a payload into one of those files, it will run with the same privileges as the Wowza server, root. For example, /usr/local/WowzaStreamingEngine/bin/tune.sh could be replaced with a Trojan horse. This issue was resolved in Wowza Streaming Engine 4.8.5. | |||||
| CVE-2020-7232 | 1 Evoko | 1 Home | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| Evoko Home devices 1.31 through 1.37 allow remote attackers to obtain sensitive information (such as usernames and password hashes) via a WebSocket request, as demonstrated by the sockjs/224/uf1psgff/websocket URI at a wss:// URL. | |||||
| CVE-2019-18179 | 3 Debian, Opensuse, Otrs | 4 Debian Linux, Backports Sle, Leap and 1 more | 2022-05-03 | 4.0 MEDIUM | 4.3 MEDIUM |
| An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker doesn't have permissions. | |||||
| CVE-2019-19689 | 2 Microsoft, Trendmicro | 2 Windows, Housecall For Home Networks | 2022-05-03 | 4.4 MEDIUM | 7.8 HIGH |
| Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited via a DLL Hijack related to a vulnerability on the packer that the program uses. | |||||
| CVE-2019-19830 | 3 Canonical, Debian, Spip | 3 Ubuntu Linux, Debian Linux, Spip | 2022-05-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| _core_/plugins/medias in SPIP 3.2.x before 3.2.7 allows remote authenticated authors to inject content into the database. | |||||
| CVE-2019-16863 | 1 St | 8 St33tphf20i2c, St33tphf20i2c Firmware, St33tphf20spi and 5 more | 2022-05-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the ECDSA private key via a side-channel timing attack because ECDSA scalar multiplication is mishandled, aka TPM-FAIL. | |||||
| CVE-2019-18848 | 2 Debian, Json-jwt Project | 2 Debian Linux, Json-jwt | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string. | |||||
| CVE-2019-16394 | 3 Canonical, Debian, Spip | 3 Ubuntu Linux, Debian Linux, Spip | 2022-05-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscribers. | |||||
| CVE-2019-15947 | 1 Bitcoin | 1 Bitcoin Core | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's wallet.dat file, including their private keys, via a grep "6231 0500" command. | |||||