iss — blackice_pc_protection
  ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection and classified as critical. Affected by this issue is the component Cross Site Scripting Detection. The manipulation as part of POST/PUT/DELETE/OPTIONS Request leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. 2022-03-28 not yet calculated CVE-2003-5001
iss — blackice_pc_protection
  ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection. It has been declared as problematic. Affected by this vulnerability is the component Update Handler which allows cleartext transmission of data. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. 2022-03-28 not yet calculated CVE-2003-5002
iss — blackice_pc_protection
  ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection. It has been rated as problematic. Affected by this issue is the Update Handler. The manipulation with an unknown input leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. 2022-03-28 not yet calculated CVE-2003-5003
netegrity — siteminder
  ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The manipulation of the argument target leads to an open redirect. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. 2022-03-28 not yet calculated CVE-2005-10001
pro2col — stingray_fts
  ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been found in Pro2col Stingray FTS. The manipulation of the argument Username leads to cross site scripting. The attack may be initiated remotely. It is recommended to upgrade the affected component. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. 2022-03-28 not yet calculated CVE-2008-10001
shemes — grabit
  A vulnerability, which was classified as problematic, was found in Shemes GrabIt up to 1.7.2 Beta 4. This affects the component NZB Date Parser. The manipulation of the argument date with the input 1000000000000000 as part of a NZB File leads to a denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. 2022-03-28 not yet calculated CVE-2010-10001
kiddoware — kids_place
  A vulnerability classified as problematic has been found in Kiddoware Kids Place. This affects the Home Button Protection. Repeated pressing of the button causes a local denial of service. It is recommended to upgrade the affected component. 2022-03-28 not yet calculated CVE-2015-10002
yubico — ykneo-openpgp
  Yubico ykneo-openpgp before 1.0.10 has a typo in which an invalid PIN can be used. When first powered up, a signature will be issued even though the PIN has not been validated. 2022-03-30 not yet calculated CVE-2015-3298
weka — interest_security_scanner
  ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in WEKA INTEREST Security Scanner 1.8. It has been rated as problematic. This issue affects some unknown processing of the component HTTP Handler. The manipulation with an unknown input leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. 2022-03-28 not yet calculated CVE-2017-20011
weka — interest_security_scanner
  ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in WEKA INTEREST Security Scanner up to 1.8. Affected is Stresstest Scheme Handler which leads to a denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. 2022-03-28 not yet calculated CVE-2017-20012
weka — interest_security_scanner
  ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic was found in WEKA INTEREST Security Scanner up to 1.8. Affected by this vulnerability is the Stresstest Configuration Handler. A manipulation leads to a local denial of service. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. 2022-03-28 not yet calculated CVE-2017-20013
weka — interest_security_scanner
  ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been found in WEKA INTEREST Security Scanner up to 1.8. Affected by this issue is some unknown functionality of the component Webspider. The manipulation with an unknown input leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. 2022-03-28 not yet calculated CVE-2017-20014
weka — interest_security_scanner
  ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found in WEKA INTEREST Security Scanner up to 1.8. This affects an unknown part of the component LAN Viewer. The manipulation with an unknown input leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. 2022-03-28 not yet calculated CVE-2017-20015
weka — interest_security_scanner
  ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in WEKA INTEREST Security Scanner up to 1.8 and classified as problematic. This vulnerability affects unknown code of the component Portscan. The manipulation with an unknown input leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. 2022-03-28 not yet calculated CVE-2017-20016
mirmay — secure_private_browser_and_file_manager
  A vulnerability classified as problematic has been found in Mirmay Secure Private Browser and File Manager up to 2.5. Affected is the Auto Lock. A race condition leads to a local authentication bypass. The exploit has been disclosed to the public and may be used. 2022-03-28 not yet calculated CVE-2018-25030
wyze — cam_pan
  Stack-based Buffer Overflow vulnerability in Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to run arbitrary code on the affected device. This issue affects: Wyze Cam Pan v2 versions prior to 4.49.1.47. Wyze Cam v2 versions prior to 4.9.8.1002. Wyze Cam v3 versions prior to 4.36.8.32. 2022-03-30 not yet calculated CVE-2019-12266
linux — business_central_console
  It was observed that while logging in to the Business-central console, the HTTP request discloses sensitive information such as the username and password when intercepted using a tool such as Burp Suite. 2022-04-01 not yet calculated CVE-2019-14839
wyze — cam_pan
  A vulnerability in the authentication logic of Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to bypass login and control the devices. This issue affects: Wyze Cam Pan v2 versions prior to 4.49.1.47. Wyze Cam v2 versions prior to 4.9.8.1002. Wyze Cam v3 versions prior to 4.36.8.32. 2022-03-30 not yet calculated CVE-2019-9564
inductive_automation — inductive_automation_ignition_7_gateway
  Sensitive information can be obtained through the handling of serialized data. The issue results from the lack of proper authentication required to query the server. 2022-04-01 not yet calculated CVE-2020-14479
nexusphp — nexusphp
  SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the classes parameter. 2022-03-30 not yet calculated CVE-2020-24769
nexusphp — nexusphp
  SQL injection vulnerability in modrules.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. 2022-03-30 not yet calculated CVE-2020-24770
nexusphp — nexusphp
  Incorrect access control in NexusPHP 1.5.beta5.20120707 allows unauthorized attackers to access published content. 2022-03-30 not yet calculated CVE-2020-24771
linux — linux
  A flaw was found in darkhttpd. Invalid error handling allows remote attackers to cause denial-of-service by accessing a file with a large modification date. The highest threat from this vulnerability is to system availability. 2022-04-01 not yet calculated CVE-2020-25691
linux — linux_kernels
  A flaw was found in the Linux kernel's implementation of audit rules, where a syscall can unexpectedly not be correctly logged by the audit subsystem. 2022-03-30 not yet calculated CVE-2020-35501
android — android
  In createBluetoothDeviceSlice of ConnectedDevicesSliceProvider.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-185190688 2022-03-30 not yet calculated CVE-2021-1000
android — android
  In createGeneralSlice of ConnectedDevicesSliceProvider.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-185247656 2022-03-30 not yet calculated CVE-2021-1033
qualcomm — qualcomm
  Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-04-01 not yet calculated CVE-2021-1942
qualcomm — qualcomm
  Improper cleaning of secure memory between authenticated users can lead to face authentication bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking 2022-04-01 not yet calculated CVE-2021-1950
linux — linux
  It was found in OpenShift Container Platform 4 that ignition config, served by the Machine Config Server, can be accessed externally from clusters without authentication. The MCS endpoint (port 22623) provides ignition configuration used for bootstrapping Nodes and can include some sensitive data, e.g. registry pull secrets. There are two scenarios where this data can be accessed. The first is on Baremetal, OpenStack, Ovirt, Vsphere and KubeVirt deployments which do not have a separate internal API endpoint and allow access from outside the cluster to port 22623 from the standard OpenShift API Virtual IP address. The second is on cloud deployments when using unsupported network plugins, which do not create iptables rules that prevent access to port 22623. In this scenario, the ignition config is exposed to all pods within the cluster and cannot be accessed externally. 2022-04-01 not yet calculated CVE-2021-20238
linux — linux
  It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 (https://access.redhat.com/errata/RHSA-2020:4676) erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in virt:rhel/qemu-kvm via erratum RHSA-2020:4059 (https://access.redhat.com/errata/RHSA-2020:4059). CVE-2021-20295 was assigned to that Red Hat specific security regression. For more details about the original security issue CVE-2020-10756, refer to bug 1835986 or the CVE page: https://access.redhat.com/security/cve/CVE-2020-10756. 2022-04-01 not yet calculated CVE-2021-20295
pfsense — pfsense_ce_and_plus
  Cross-site scripting vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions 2.5.2 and earlier, and pfSense Plus software versions 21.05 and earlier) allows a remote attacker to inject an arbitrary script via a malicious URL. 2022-03-31 not yet calculated CVE-2021-20729
abb — 800xa_control
  Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control Builder Safe, Compact Product Suite – Control and I/O, ABB Base Software for SoftControl allows an attacker to cause the denial of service. 2022-04-01 not yet calculated CVE-2021-22277
google — data_transfer_project
  On unix-like systems, the system temporary directory is shared between all users on that system. The root cause is that File.createTempFile creates files in the system temporary directory with world-readable permissions. Any sensitive information written to these files is visible to all other local users on unix-like systems. We recommend upgrading past commit https://github.com/google/data-transfer-project/pull/969 2022-03-29 not yet calculated CVE-2021-22572
google — data_transfer_project
  A command injection vulnerability found in quick game engine allows arbitrary remote code in quick app. Allows remote attackers to gain arbitrary code execution in quick game engine. 2022-04-01 not yet calculated CVE-2021-23247
ipm — intelligent_power_manager
  The vulnerability exists due to insufficient validation of input of certain resources within the IPM software. This issue affects: Intelligent Power Manager (IPM 1) versions prior to 1.70. 2022-04-01 not yet calculated CVE-2021-23287
ipp — intelligent_power_protector
  The vulnerability exists due to insufficient validation of input from certain resources by the IPP software. The attacker would need access to the local Subnet and an administrator interaction to compromise the system. This issue affects: Intelligent Power Protector versions prior to 1.69. 2022-04-01 not yet calculated CVE-2021-23288
bosch — cpp_firmware
  A specially crafted TCP/IP packet may cause a camera recovery image telnet interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware. 2022-03-30 not yet calculated CVE-2021-23850
bosch — cpp_firmware
  A specially crafted TCP/IP packet may cause the camera recovery image web interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware. 2022-03-30 not yet calculated CVE-2021-23851
wpscan — wpscan
  The Social Sharing Plugin WordPress plugin before 3.3.40 does not escape the viewed post URL before outputting it back in onclick attributes when the “Enable ‘More’ icon” option is enabled (which is the default setting), leading to a Reflected Cross-Site Scripting issue. 2022-03-28 not yet calculated CVE-2021-24746
wordpress — file_upload_free_and_pro
  The WordPress File Upload Free and Pro WordPress plugins before 4.16.3 allow users with a role as low as Contributor to perform path traversal via a shortcode argument, which can then be used to upload a PHP code disguised as an image inside the auto-loaded directory of the plugin, resulting in arbitrary code execution. 2022-03-28 not yet calculated CVE-2021-24962
wpscan — osmapper_wordpress_plugin
  The OSMapper WordPress plugin through 2.1.5 contains an AJAX action to delete a plugin-related post type named ‘map’ and is registered with the wp_ajax_nopriv prefix, making it available to unauthenticated users. There are no authorisation or CSRF checks, and no check in place to ensure that the post to delete is a map one. As a result, unauthenticated users can delete arbitrary posts from the blog. 2022-03-28 not yet calculated CVE-2021-24978
wpscan — pz-linkcard_wordpress
  The Pz-LinkCard WordPress plugin through 2.4.4.4 does not sanitise and escape multiple parameters before outputting them back in admin dashboard pages, leading to Reflected Cross-Site Scripting issues 2022-03-28 not yet calculated CVE-2021-25012
wpscan — wow_countdowns_wordpress_plugin
  The Wow Countdowns WordPress plugin through 3.1.2 does not sanitize user input into the ‘did’ parameter and uses it in a SQL statement, leading to an authenticated SQL Injection. 2022-03-28 not yet calculated CVE-2021-25064
wpscan — sync_woocommerce_product_feed
  The Sync WooCommerce Product feed to Google Shopping WordPress plugin through 1.2.4 uses the ‘feed_id’ POST parameter which is not properly sanitized for use in a SQL statement, leading to a SQL injection vulnerability in the admin dashboard 2022-03-28 not yet calculated CVE-2021-25068
wpscan — block_bad_bots_wordpress_plugin
  The Block Bad Bots WordPress plugin before 6.88 does not properly sanitise and escape the User Agent before using it in a SQL statement to record logs, leading to an SQL Injection issue 2022-03-28 not yet calculated CVE-2021-25070
wpscan — wordpress_plugin
  The WordPress plugin through 2.0.1 does not sanitise and escape the translation parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting 2022-03-28 not yet calculated CVE-2021-25071
impresscms — impresscms
  ImpressCMS before 1.4.3 has Incorrect Access Control because include/findusers.php allows access by unauthenticated attackers (who are, by design, able to have a security token). 2022-03-28 not yet calculated CVE-2021-26598
microsoft — bandzip
  A remote code execution vulnerability exists due to an incomplete check of the ‘xheader_decode_path_record’ function’s parameter length value in the ark library. Remote attackers can use this function to execute malicious code. 2022-04-01 not yet calculated CVE-2021-26623
linux — escan_anti-virus_for_linux
  A local privilege escalation vulnerability exists due to a “runasroot” command in eScan Anti-Virus. This vulnerability is due to invalid arguments and insufficient execution conditions related to the “runasroot” command. This vulnerability can allow remote attackers to exploit root privileges by manipulating parameter values. 2022-04-01 not yet calculated CVE-2021-26624
kaspersky — multiple_products
  A denial-of-service issue existed in one of the modules that was incorporated in Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security. A local user could cause a Windows crash by running a specially crafted binary module. The fix was delivered automatically. Credits: (Straghkov Denis, Kurmangaleev Shamil, Fedotov Andrey, Kuts Daniil, Mishechkin Maxim, Akolzin Vitaliy) @ ISPRAS 2022-04-01 not yet calculated CVE-2021-27223
philips — vue_pacs
  Philips Vue PACS versions 12.2.x.x and prior does not ensure or incorrectly ensures structured messages or data are well formed and that certain security properties are met before being read from an upstream component or sent to a downstream component. 2022-04-01 not yet calculated CVE-2021-27493
philips — vue_pacs
  Philips Vue PACS versions 12.2.x.x and prior does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product. 2022-04-01 not yet calculated CVE-2021-27497
philips — vue_pacs
  Philips Vue PACS versions 12.2.x.x and prior does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities. 2022-04-01 not yet calculated CVE-2021-27501
arista — eos_platforms
  On Arista Strata family products which have the “TCAM profile” feature enabled, when a Port IPv4 access-list has a rule which matches on “vxlan” as protocol, that rule and subsequent rules (rules declared after it in the ACL) do not match on the IP protocol field as expected. 2022-04-01 not yet calculated CVE-2021-28504
snapdragon — multiple_products
  Possible assertion due to improper validation of invalid NR CSI-IM resource configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-04-01 not yet calculated CVE-2021-30328
snapdragon — multiple_products
  Possible assertion due to improper validation of TCI configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-04-01 not yet calculated CVE-2021-30329
snapdragon — multiple_products
  Possible buffer overflow due to improper data validation of external commands sent via DIAG interface in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables 2022-04-01 not yet calculated CVE-2021-30331
snapdragon — multiple_products
  Possible assertion due to improper validation of OTA configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-04-01 not yet calculated CVE-2021-30332
snapdragon — multiple_products
  Improper validation of buffer size input to the EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-04-01 not yet calculated CVE-2021-30333
sick — sick
  Unauthenticated users can access sensitive web URLs through GET requests, which should be restricted to maintenance users only. A malicious attacker could use this sensitive information to launch further attacks on the system. 2022-04-01 not yet calculated CVE-2021-32503
mdt_software — mdt_autosave
  An attacker could leverage an API to pass along a malicious file that could then manipulate the process creation command line in MDT AutoSave versions prior to v6.02.06 and run a command line argument. This could then be leveraged to run a malicious process. 2022-04-01 not yet calculated CVE-2021-32933
mdt_software — mdt_autosave
  An attacker can gain knowledge of a session temporary working folder where the getfile and putfile commands are used in MDT AutoSave versions prior to v6.02.06. An attacker can leverage this knowledge to provide a malicious command to the working directory where the read and write activity can be initiated. 2022-04-01 not yet calculated CVE-2021-32937
mdt_software — mdt_autosave
  An attacker could decipher the encryption and gain access to MDT AutoSave versions prior to v6.02.06. 2022-04-01 not yet calculated CVE-2021-32945
mdt_software — mdt_autosave
  An attacker could utilize a function in MDT AutoSave versions prior to v6.02.06 that permits changing a designated path to another path and traversing the directory, allowing the replacement of an existing file with a malicious file. 2022-04-01 not yet calculated CVE-2021-32949
mdt_software — mdt_autosave
  An attacker could utilize SQL commands to create a new user in MDT AutoSave versions prior to v6.02.06 and update the user’s permissions, granting the attacker the ability to login. 2022-04-01 not yet calculated CVE-2021-32953
mdt_software — mdt_autosave
  A function in MDT AutoSave versions prior to v6.02.06 is used to retrieve system information for a specific process, and this information collection executes multiple commands and summarizes the information into an XML. This function and subsequent process gives full path to the executable and is therefore vulnerable to binary hijacking. 2022-04-01 not yet calculated CVE-2021-32957
rockwell_automation — factorytalk_services_platform
  Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed contains a vulnerability that may allow a remote, authenticated attacker to bypass FactoryTalk Security policies based on the computer name. If successfully exploited, this may allow an attacker to have the same privileges as if they were logged on to the client machine. 2022-04-01 not yet calculated CVE-2021-32960
mdt_software — mdt_autosave
  A getfile function in MDT AutoSave versions prior to v6.02.06 enables a user to supply an optional parameter, resulting in the processing of a request in a special manner. This can result in the execution of an unzip command and place a malicious .exe file in one of the locations the function looks for and get execution capabilities. 2022-04-01 not yet calculated CVE-2021-32961
moxa — nport
  Two buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O Series firmware version 2.2 or earlier may allow a remote attacker to cause a denial-of-service condition. 2022-04-01 not yet calculated CVE-2021-32968
moxa — nport
  Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier, which may allow a remote attacker to cause denial-of-service conditions. 2022-04-01 not yet calculated CVE-2021-32970
moxa — nport
  Improper input validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to execute commands. 2022-04-01 not yet calculated CVE-2021-32974
moxa — nport
  Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code. 2022-04-01 not yet calculated CVE-2021-32976
philips — vue_pacs
  The use of a broken or risky cryptographic algorithm in Philips Vue PACS versions 12.2.x.x and prior is an unnecessary risk that may result in the exposure of sensitive information. 2022-04-01 not yet calculated CVE-2021-33018
philips — vue_pacs
  Philips Vue PACS versions 12.2.x.x and prior uses a cryptographic key or password past its expiration date, which diminishes its safety significantly by increasing the timing window for cracking attacks against that key. 2022-04-01 not yet calculated CVE-2021-33020
philips — vue_pacs
  Philips Vue PACS versions 12.2.x.x and prior transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. 2022-04-01 not yet calculated CVE-2021-33022
philips — vue_pacs
  Philips Vue PACS versions 12.2.x.x and prior transmits or stores authentication credentials, but it uses an insecure method susceptible to unauthorized interception and/or retrieval. 2022-04-01 not yet calculated CVE-2021-33024
blackarrow — mashzone_nextgen
  The “Register an Ehcache Configuration File” admin feature in MashZone NextGen through 10.7 GA allows XXE attacks via a malicious XML configuration file. 2022-03-30 not yet calculated CVE-2021-33208
blackarrow — mashzone_nextgen
  MashZone NextGen through 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver that can execute arbitrary commands on the underlying host. This occurs in com.idsscheer.ppmmashup.business.jdbc.DriverUploadController. 2022-03-30 not yet calculated CVE-2021-33523
blackarrow — mashzone_nextgen
  MashZone NextGen through 10.7 GA has an SSRF vulnerability that allows an attacker to interact with arbitrary TCP services, by abusing the feature to check the availability of a PPM connection. This occurs in com.idsscheer.ppmmashup.web.webservice.impl.ZPrestoAdminWebService. 2022-03-30 not yet calculated CVE-2021-33581
sdl — sdl
  There is a heap overflow problem in video/SDL_pixels.c in SDL (Simple DirectMedia Layer) 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause a crash of the application using this library, denial of service, or code execution. 2022-04-01 not yet calculated CVE-2021-33657
splunk — splunk_enterprise
  The lack of validation of a key-value field in the Splunk-to-Splunk protocol results in a denial-of-service in Splunk Enterprise instances configured to index Universal Forwarder traffic. The vulnerability impacts Splunk Enterprise versions before 7.3.9, 8.0 versions before 8.0.9, and 8.1 versions before 8.1.3. It does not impact Universal Forwarders. When Splunk forwarding is secured using TLS or a Token, the attack requires compromising the certificate or token, or both. Implementation of either or both reduces the severity to Medium. 2022-03-25 not yet calculated CVE-2021-3422
wordpress — wpanel
  Multiple Remote Code Execution (RCE) vulnerabilities exist in WPanel 4 4.3.1 and below via a malicious PHP file upload to (1) Dashboard’s Avatar image, (2) Posts Folder image, (3) Pages Folder image and (4) Gallery Folder image. 2022-03-31 not yet calculated CVE-2021-34257
foreman — salt_plugin
  An improper authorization handling flaw was found in Foreman. The Salt plugin for the smart-proxy allows foreman clients to execute actions that should be limited to the Foreman Server. This flaw allows an authenticated local attacker to access and delete limited resources and also causes a denial of service on the Foreman server. The highest threat from this vulnerability is to integrity and system availability. 2022-03-30 not yet calculated CVE-2021-3456
keycloak — keycloak
  A flaw was found in keycloak where keycloak may fail to log out a user session if the logout request comes from an external SAML identity provider and Principal Type is set to Attribute [Name]. 2022-04-01 not yet calculated CVE-2021-3461
snapdragon — multiple_products
  Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-04-01 not yet calculated CVE-2021-35088
snapdragon — snapdragon_auto
  Possible buffer overflow due to lack of input IB amount validation while processing the user command in Snapdragon Auto 2022-04-01 not yet calculated CVE-2021-35089
snapdragon — multiple_products
  Possible out of bound write due to improper validation of number of timer values received from firmware while syncing timers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-04-01 not yet calculated CVE-2021-35103
snapdragon — multiple_products
  Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-04-01 not yet calculated CVE-2021-35105
snapdragon — multiple_products
  Possible out of bound read due to improper length calculation of WMI message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-04-01 not yet calculated CVE-2021-35106
snapdragon — multiple_products
  Possible buffer overflow due to improper validation of hash segment of file while allocating memory in Snapdragon Connectivity, Snapdragon Mobile 2022-04-01 not yet calculated CVE-2021-35110
snapdragon — multiple_products
  Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile 2022-04-01 not yet calculated CVE-2021-35115
snapdragon — multiple_products
  An Out of Bounds read may potentially occur while processing an IBSS beacon, in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music 2022-04-01 not yet calculated CVE-2021-35117
CONFIRM dolibarr — erp_crm An SQL Injection vulnerability exists in Dolibarr ERP/CRM 13.0.2 (fixed version is 14.0.0) via a POST request to the country_id parameter in an UPDATE statement. 2022-03-31 not yet calculated CVE-2021-36625
MISC dolibarr — erp_crm An Access Control vulnerability exists in Dolibarr ERP/CRM 13.0.2 (fixed version is 14.0.0) in the forgot-password function because the application allows email addresses as usernames, which can cause a Denial of Service. 2022-03-31 not yet calculated CVE-2021-37517
MISC mandiant — rsa_archer
  In RSA Archer 6.x through 6.9 SP3 (6.9.3.0), an authenticated attacker can make a GET request to a REST API endpoint that is vulnerable to an Insecure Direct Object Reference (IDOR) issue and retrieve sensitive data. 2022-03-30 not yet calculated CVE-2021-38362
MISC
MISC
MISC linux — linux_kernel
  A flaw allowing unauthorized execution of a setuid file with capabilities was found in the Linux kernel OverlayFS subsystem, in the way a user copies a capable file from a nosuid mount into another mount. A local user could use this flaw to escalate their privileges on the system. 2022-04-01 not yet calculated CVE-2021-3847
MISC
MISC android — arraymap
  In ArrayMap, there is a possible leak of the content of SMS messages due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-184525194 2022-03-30 not yet calculated CVE-2021-39739
MISC android — messaging
  In Messaging, there is a possible way to bypass attachment restrictions due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-209965112 2022-03-30 not yet calculated CVE-2021-39740
MISC android — keymaster
  In Keymaster, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-173567719 2022-03-30 not yet calculated CVE-2021-39741
MISC android — voicemail
  In Voicemail, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-186405602 2022-03-30 not yet calculated CVE-2021-39742
MISC android — packagemanager
  In PackageManager, there is a possible way to update the last usage time of another package due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-201534884 2022-03-30 not yet calculated CVE-2021-39743
MISC android — devicepolicymanager
  In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-192369136 2022-03-30 not yet calculated CVE-2021-39744
MISC android — devicepolicymanager
  In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-206127671 2022-03-30 not yet calculated CVE-2021-39745
MISC android — permissioncontroller
  In PermissionController, there is a possible way to delete some local files due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-194696395 2022-03-30 not yet calculated CVE-2021-39746
MISC android — settings_provider
  In Settings Provider, there is a possible way to list values of non-readable global settings due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-208268457 2022-03-30 not yet calculated CVE-2021-39747
MISC android — inputmethodeditor
  In InputMethodEditor, there is a possible way to access some files accessible to Settings due to an unsafe PendingIntent. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-203777141 2022-03-30 not yet calculated CVE-2021-39748
MISC android — windowmanager
  In WindowManager, there is a possible way to start non-exported and protected activities due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-205996115 2022-03-30 not yet calculated CVE-2021-39749
MISC android — packagemanager
  In PackageManager, there is a possible way to change the splash screen theme of other apps due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-206474016 2022-03-30 not yet calculated CVE-2021-39750
MISC android — settings
  In Settings, there is a possible way to read Bluetooth device names without proper permissions due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-172838801 2022-03-30 not yet calculated CVE-2021-39751
MISC android — bubbles
  In Bubbles, there is a possible way to interfere with Bubbles due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-202756848 2022-03-30 not yet calculated CVE-2021-39752
MISC android — domainverificationservice
  In DomainVerificationService, there is a possible way to access app domain verification information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-200035185 2022-03-30 not yet calculated CVE-2021-39753
MISC android — contextimpl
  In ContextImpl, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:Android ID: A-207133709 2022-03-30 not yet calculated CVE-2021-39754
MISC android — devicepolicymanager
  In DevicePolicyManager, there is a possible way to reveal the existence of an installed package without proper query permissions due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-204995407 2022-03-30 not yet calculated CVE-2021-39755
MISC android — framework
  In Framework, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-184354287 2022-03-30 not yet calculated CVE-2021-39756
MISC android — permissioncontroller
  In PermissionController, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-176094662 2022-03-30 not yet calculated CVE-2021-39757
MISC android — windowmanager
  In WindowManager, there is a possible way to start a foreground activity from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-205130886 2022-03-30 not yet calculated CVE-2021-39758
MISC android — libstagefright
  In libstagefright, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-180200830 2022-03-30 not yet calculated CVE-2021-39759
MISC android — audioservice
  In AudioService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-194110526 2022-03-30 not yet calculated CVE-2021-39760
MISC android — media
  In Media, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-179783181 2022-03-30 not yet calculated CVE-2021-39761
MISC android — tremolo
  In tremolo, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-210625816 2022-03-30 not yet calculated CVE-2021-39762
MISC android — settings
  In Settings, there is a possible way to make the user enable WiFi due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-199176115 2022-03-30 not yet calculated CVE-2021-39763
MISC android — settings
  In Settings, there is a possible way to display an incorrect app name due to improper input validation. This could lead to local escalation of privilege via app spoofing with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-170642995 2022-03-30 not yet calculated CVE-2021-39764
MISC android — gallery
  In Gallery, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-201535427 2022-03-30 not yet calculated CVE-2021-39765
MISC android — settings
  In Settings, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-198296421 2022-03-30 not yet calculated CVE-2021-39766
MISC android — miniadb
  In miniadb, there is a possible way to get read/write access to recovery system properties due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-201308542 2022-03-30 not yet calculated CVE-2021-39767
MISC android — settings
  In Settings, there is a possible way to add an auto-connect WiFi network without the user’s consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-202017876 2022-03-30 not yet calculated CVE-2021-39768
MISC android — device_policy In Device Policy, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-193663287 2022-03-30 not yet calculated CVE-2021-39769
MISC android — framework
  In Framework, there is a possible disclosure of the device owner package due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-193033501 2022-03-30 not yet calculated CVE-2021-39770
MISC android — settings
  In Settings, there is a possible way to misrepresent which app wants to add a wifi network due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-198661951 2022-03-30 not yet calculated CVE-2021-39771
MISC android — bluetooth
  In Bluetooth, there is a possible way to access the a2dp audio control switch due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-181962322 2022-03-30 not yet calculated CVE-2021-39772
MISC android — vpnmanagerservice
  In VpnManagerService, there is a possible disclosure of installed VPN packages due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-191276656 2022-03-30 not yet calculated CVE-2021-39773
MISC android — bluetooth
  In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-205989472 2022-03-30 not yet calculated CVE-2021-39774
MISC android — people
  In People, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-206465854 2022-03-30 not yet calculated CVE-2021-39775
MISC android — nfc
  In NFC, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-192614125 2022-03-30 not yet calculated CVE-2021-39776
MISC android — telephony
  In Telephony, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-194743207 2022-03-30 not yet calculated CVE-2021-39777
MISC android — telecomm
  In Telecomm, there is a possible way to determine whether an app is installed, without query permissions, due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-196406138 2022-03-30 not yet calculated CVE-2021-39778
MISC android — getcallstateusingpackage_of_telecom_service
  In getCallStateUsingPackage of Telecom Service, there is a missing permission check. This could lead to local information disclosure of the call state with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-190400974 2022-03-30 not yet calculated CVE-2021-39779
MISC android — traceur
  In Traceur, there is a possible bypass of developer settings requirements for capturing system traces due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-204992293 2022-03-30 not yet calculated CVE-2021-39780
MISC android — smscontroller 
  In SmsController, there is a possible information disclosure due to a permissions bypass. This could lead to local escalation of privilege and sending sms with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-195311502 2022-03-30 not yet calculated CVE-2021-39781
MISC android — telephony
  In Telephony, there is a possible unauthorized modification of the PLMN SIM file due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-202760015 2022-03-30 not yet calculated CVE-2021-39782
MISC android — rcsservice
  In rcsservice, there is a possible way to modify TTY mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-197960597 2022-03-30 not yet calculated CVE-2021-39783
MISC android — cellbroadcastreceiver
  In CellBroadcastReceiver, there is a possible path to enable specific cellular features due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-200163477 2022-03-30 not yet calculated CVE-2021-39784
MISC android — nfc
  In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-192551247 2022-03-30 not yet calculated CVE-2021-39786
MISC android — systemui
  In SystemUI, there is a possible arbitrary Activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-202506934 2022-03-30 not yet calculated CVE-2021-39787
MISC android — telecommanager In TelecomManager, there is a possible way to check if a particular self managed phone account was registered on the device due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-191768014 2022-03-30 not yet calculated CVE-2021-39788
MISC android — telecom
  In Telecom, there is a possible leak of TTY mode change due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-203880906 2022-03-30 not yet calculated CVE-2021-39789
MISC android — dialer
  In Dialer, there is a possible way to manipulate visual voicemail settings due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-186405146 2022-03-30 not yet calculated CVE-2021-39790
MISC android — wallpapermanagerservice
  In WallpaperManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-194112606 2022-03-30 not yet calculated CVE-2021-39791
MISC gitlab — gitlab
  In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups. 2022-03-28 not yet calculated CVE-2021-39876
MISC
CONFIRM
MISC gitlab — gitlab
  In all versions of GitLab CE/EE, certain Unicode characters can be abused to commit malicious code into projects without being noticed in merge request or source code viewer UI. 2022-04-01 not yet calculated CVE-2021-39908
MISC
CONFIRM
MISC oasys — oa_system
  An SQL Injection vulnerability exists in oasys oa_system as of 9/7/2021 in resources/mappers/notice-mapper.xml. 2022-03-30 not yet calculated CVE-2021-40644
MISC
MISC glorylion — jfinaloa
  An SQL Injection vulnerability exists in glorylion JFinalOA as of 9/7/2021 in the defkey parameter of the getHaveDoneTaskDataList method of the FlowTaskController. 2022-03-30 not yet calculated CVE-2021-40645
MISC
MISC rsa — archer
  In RSA Archer 6.9.SP1 P3, if some application functions are precluded by the Administrator, this can be bypassed by intercepting the API request at the /api/V2/internal/TaskPermissions/CheckTaskAccess endpoint. If the parameters of this request are replaced with empty fields, the attacker achieves access to the precluded functions. 2022-03-30 not yet calculated CVE-2021-41594
MISC
MISC gitlab — gitlab_ce_ee
  An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4, and 14.8 to 14.8.2. Private GitLab instances with restricted sign-ups may be vulnerable to user enumeration to unauthenticated users through the GraphQL API. 2022-03-28 not yet calculated CVE-2021-4191
MISC
MISC
CONFIRM pixelimity — pixelimity
  A Cross Site Scripting vulnerability exists in Pixelimity 1.0 via the Site Description field in pixelimity/admin/setting.php. 2022-03-31 not yet calculated CVE-2021-42866
MISC danpros — htmly
  A Cross Site Scripting (XSS) vulnerability exists in DanPros htmly 2.8.1 via the Description field in (1) admin/config, and (2) index.php pages. 2022-03-31 not yet calculated CVE-2021-42867
MISC
MISC chikista — patient_management_software
  A Cross Site Scripting (XSS) vulnerability exists in Chikista Patient Management Software 2.0.2 in the first_name parameter in (1) patient/insert, (2) patient_report, (3) appointment_report, (4) visit_report, and (5) bill_detail_report pages. 2022-03-31 not yet calculated CVE-2021-42868
MISC
MISC chikista — patient_management_software
  A Cross Site Scripting (XSS) vulnerability exists in Chikista Patient Management Software 2.0.2 via the last_name parameter in the (1) patient/insert, (2) patient_report, (3) /appointment_report, (4) visit_report, and (5) /bill_detail_report pages. 2022-03-31 not yet calculated CVE-2021-42869
MISC
MISC draytek — vigor
  A Format String vulnerability exists in DrayTek Vigor 2960 <= 1.5.1.3, DrayTek Vigor 3900 <= 1.5.1.3, and DrayTek Vigor 300B <= 1.5.1.3 in the mainfunction.cgi file via a crafted HTTP message containing malformed QUERY STRING, which could let a remote malicious user execute arbitrary code. 2022-03-29 not yet calculated CVE-2021-42911
MISC htmly — htmly
  A Cross Site Scripting (XSS) vulnerability exists in htmly 2.8.1 via the Copyright field in the /admin/config page. 2022-03-31 not yet calculated CVE-2021-42946
MISC cbkhwx — cxuucms Cross Site Scripting (XSS) vulnerability exists in cxuucms v3 via the imgurl of /feedback/post/ content parameter. 2022-03-29 not yet calculated CVE-2021-42970
MISC diyhi — bbs
  An Archive Extraction (AKA “Zip Slip”) vulnerability exists in bbs 5.3 in the UpgradeNow function in UpgradeManageAction.java, which unzips an arbitrary uploaded zip file without checking filenames. The vulnerability is exploited using a specially crafted archive that holds directory traversal filenames (e.g. ../../evil.exe). 2022-03-28 not yet calculated CVE-2021-43099
MISC diyhi — bbs A File Upload vulnerability exists in bbs 5.3 via TopicManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code. 2022-03-28 not yet calculated CVE-2021-43100
MISC technitium — dns_server
  A vulnerability in the bailiwick checking function in Technitium DNS Server <= v7.0 exists that allows specific malicious users to inject `NS` records of any domain (even TLDs) into the cache and conduct a DNS cache poisoning attack. 2022-03-28 not yet calculated CVE-2021-43105
MISC online_shopping_system — online_shopping_system An SQL Injection vulnerability exists in PuneethReddyHC online-shopping-system as of 11/01/2021 via the p parameter in product.php. 2022-03-29 not yet calculated CVE-2021-43109
MISC online_shopping_system — online_shopping_system An Access Control vulnerability exists in PuneethReddyHC online-shopping-system as of 11/01/2021 in add_products. 2022-03-29 not yet calculated CVE-2021-43110
MISC draytek — vigor
  A Remote Command Injection vulnerability exists in DrayTek Vigor 2960 1.5.1.3, DrayTek Vigor 3900 1.5.1.3, and DrayTek Vigor 300B 1.5.1.3 via a crafted HTTP message containing malformed QUERY STRING in mainfunction.cgi, which could let a remote malicious user execute arbitrary code. 2022-03-29 not yet calculated CVE-2021-43118
MISC joxsaxbeaninput — joxsaxbeaninput
  An XML External Entity (XXE) vulnerability exists in wuta jox 1.16 in the readObject method in JOXSAXBeanInput. 2022-03-30 not yet calculated CVE-2021-43142
MISC hoosk — hoosk
  A vulnerability exists in Hoosk 1.8.0 in /install/index.php, due to a failure to check if config.php already exists in the root directory, which could let a malicious user reinstall the website. 2022-03-31 not yet calculated CVE-2021-43478
MISC secretary — secretary
  A Remote Code Execution (RCE) vulnerability exists in The-Secretary 2.5 via install.php. 2022-03-31 not yet calculated CVE-2021-43479
MISC simple_client_management_system — simple_client_management_system 
  A Remote Code Execution (RCE) vulnerability exists in Simple Client Management System 1.0 in create.php due to the failure to validate the extension of the file being sent in a request. 2022-03-31 not yet calculated CVE-2021-43484
MISC sourcecodester — simple_client_management_system
  Multiple Cross Site Scripting (XSS) vulnerabilities exist in Sourcecodester Simple Client Management System v1 via (1) Add new Client and (2) Add new invoice. 2022-03-31 not yet calculated CVE-2021-43505
MISC sourcecodester — simple_client_management_system
  An SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the password parameter in Login.php. 2022-03-31 not yet calculated CVE-2021-43506
MISC totolink — ex300
  totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /home.asp. 2022-03-31 not yet calculated CVE-2021-43661
MISC totolink — ex300 totolink EX300_v2, ver V4.0.3c.140_B20210429 and A720R, ver V4.1.5cu.470_B20200911 have an issue which causes uncontrolled resource consumption. 2022-03-31 not yet calculated CVE-2021-43662
MISC totolink — ex300 totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a command injection vulnerability via the component cloudupdate_check. 2022-03-31 not yet calculated CVE-2021-43663
MISC totolink — ex300
  totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a command injection vulnerability via the component process forceugpo. 2022-03-30 not yet calculated CVE-2021-43664
MISC cszcms — cszcms CSZ CMS 1.2.9 has a Time and Boolean-based Blind SQL Injection vulnerability in the endpoint /admin/export/getcsv/article_db, via the fieldS[] and orderby parameters. 2022-03-29 not yet calculated CVE-2021-43701
MISC
MISC
MISC maccmspro — maccms
  Cross Site Scripting (XSS) vulnerability exists in Maccms v10 via link_Name parameter. 2022-03-31 not yet calculated CVE-2021-43707
MISC dlink — dir_645
  D-Link DIR-645 1.03 A1 is vulnerable to Buffer Overflow. The hnap_main function in the cgibin handler uses sprintf to format the soapaction header onto the stack and has no limit on the size. 2022-03-31 not yet calculated CVE-2021-43722
MISC
MISC open5gs — open5gs
  A buffer overflow vulnerability exists in the AMF of open5gs 2.1.4. When the length of MSIN in Supi exceeds 24 characters, it leads to AMF denial of service. 2022-03-29 not yet calculated CVE-2021-44081
MISC pentest — pentest
  textpattern 4.8.7 is vulnerable to Cross Site Scripting (XSS) via /textpattern/index.php,Body. A remote and unauthenticated attacker can use XSS to trigger remote code execution by uploading a webshell. To do so they must first steal the CSRF token before submitting a file upload request. 2022-03-29 not yet calculated CVE-2021-44082
MISC
MISC
MISC konga — konga
  Vertical Privilege Escalation in KONGA 0.14.9 allows attackers to higher privilege users to full administration access. The attack vector is a crafted condition, as demonstrated by the /api/user/{ID} at ADMIN parameter. 2022-03-28 not yet calculated CVE-2021-44103
MISC
MISC hiby — hiby
  Hiby Music Hiby OS R3 Pro 1.5 and 1.6 is vulnerable to Directory Traversal. The HTTP server does not sufficiently sanitize input data when showing data from the SD card, so an attacker can navigate through the device’s file system over HTTP. 2022-03-28 not yet calculated CVE-2021-44124
MISC
MISC pagekit — pagekit
  pagekit all versions, as of 15-10-2021, is vulnerable to SQL Injection via Comment listing. 2022-04-01 not yet calculated CVE-2021-44135
MISC firmware_analysis_and_comparison_tool — firmware_analysis_and_comparison_tool
  An issue was discovered in Firmware Analysis and Comparison Tool v3.2. With administrator privileges, the attacker could perform stored XSS attacks by inserting JavaScript and HTML code in user creation functionality. 2022-03-30 not yet calculated CVE-2021-44310
MISC firmware_analysis_and_comparison_tool — firmware_analysis_and_comparison_tool
  An issue was discovered in Firmware Analysis and Comparison Tool v3.2. Logged in administrators could be targeted by a CSRF attack through visiting a crafted web page. 2022-03-30 not yet calculated CVE-2021-44312
MISC kreado — kreasfero
  An SQL Injection vulnerability exists in Kreado Kreasfero 1.5 via the id parameter. 2022-03-29 not yet calculated CVE-2021-44581
MISC
MISC mepsan — usc
  MEPSAN’s USC+ before version 3.0 has a weakness in its login function which lets attackers generate passwords for high-privileged accounts. 2022-03-30 not yet calculated CVE-2021-45031
CONFIRM 3cx — 3cx_client_for_windows The client applications in 3CX on Windows, the 3CX app for iOS, and the 3CX application for Android through 2022-03-17 lack SSL certificate validation. 2022-03-28 not yet calculated CVE-2021-45490
MISC
MISC sourcecodester — student_attendance_manageent_system A File Upload vulnerability exists in Sourcecodester Student Attendance Manageent System 1.0 via the file upload functionality. 2022-03-29 not yet calculated CVE-2021-45865
MISC vivoh — webinar_manager
  Vivoh Webinar Manager before 3.6.3.0 has improper API authentication. When a user logs in to the administration configuration web portlet, a VIVOH_AUTH cookie is assigned so that they can be uniquely identified. Certain APIs can be successfully executed without proper authentication. This can let an attacker impersonate the victim and make state-changing requests on their behalf. 2022-03-30 not yet calculated CVE-2021-45900
MISC
MISC totolink — a3100r
  In Totolink A3100R V5.9c.4577, “test.asp” contains an API-like function, which is not authenticated. Using this function, an attacker can configure multiple settings without authentication. 2022-03-30 not yet calculated CVE-2021-46006
MISC
MISC
MISC totolink — a3100r totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the “ping” command, and the input field does not adequately filter special symbols. This can lead to command injection attacks. 2022-03-30 not yet calculated CVE-2021-46007
MISC
MISC
MISC totolink — a3100r
  In totolink a3100r V5.9c.4577, the hard-coded telnet password can be discovered from the officially released firmware. An attacker who has connected to the Wi-Fi can easily telnet into the target with a root shell if the telnet function is turned on. 2022-03-30 not yet calculated CVE-2021-46008
MISC
MISC
MISC totolink — a3100r
  In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without authentication. Additionally, admin configurations can be set without cookies. 2022-03-30 not yet calculated CVE-2021-46009
MISC
MISC
MISC totolink — a3100r
  Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web configuration. The SESSION_ID is predictable. An attacker can hijack a valid session and conduct further malicious operations. 2022-03-30 not yet calculated CVE-2021-46010
MISC
MISC
MISC fenom_template — fenom
  In fenom 2.12.1 and before, there is a way in the function getTemplateCode() of fenom/src/Fenom/Template.php to bypass the sandbox and execute arbitrary PHP code when disable_native_funcs is true. 2022-03-28 not yet calculated CVE-2021-46433
MISC emqx — dashboard
  ** UNSUPPORTED WHEN ASSIGNED ** EMQ X Dashboard V3.0.0 is affected by username enumeration in the “/api /v3/auth” interface. When a user logs in, the application returns different results depending on whether the account is correct, which allows an attacker to determine whether a given username is valid. 2022-03-28 not yet calculated CVE-2021-46434
MISC firebase — php
  In Firebase PHP-JWT before 6.0.0, an algorithm-confusion issue (e.g., RS256 / HS256) exists via the kid (aka Key ID) header, when multiple types of keys are loaded in a key ring. This allows an attacker to forge tokens that validate under the incorrect key. NOTE: this provides a straightforward way to use the PHP-JWT library unsafely, but might not be considered a vulnerability in the library itself. 2022-03-29 not yet calculated CVE-2021-46743
MISC gitlab — gitlab
  An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. GitLab does not validate SSL certificates for some external CI services, which makes it possible to perform MitM attacks on connections to these external services. 2022-03-28 not yet calculated CVE-2022-0123
CONFIRM
MISC gitlab — gitlab
  A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1. GitLab was vulnerable to a blind SSRF attack through the Project Import feature. 2022-03-28 not yet calculated CVE-2022-0136
MISC
CONFIRM
MISC gitlab — gitlab
  A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked. 2022-03-28 not yet calculated CVE-2022-0249
MISC
MISC
CONFIRM gitlab — gitlab
  An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability was fixed in the GitLab integration with Jira that could cause the web application to redirect the request to an attacker-specified URL. 2022-03-28 not yet calculated CVE-2022-0283
MISC
CONFIRM sophos — sophos_firewall
  An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and older. 2022-03-29 not yet calculated CVE-2022-0331
CONFIRM zyxel — cgi_program
  An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.32 through 5.20, VPN series firmware versions 4.30 through 5.20, and NSG series firmware versions V1.20 through V1.33 Patch 4, which could allow an attacker to bypass the web authentication and obtain administrative access of the device. 2022-03-28 not yet calculated CVE-2022-0342
CONFIRM android — android
  A local attacker, as a different local user, may be able to send an HTTP request to 127.0.0.1:10000 after the user (typically a developer) manually invoked the ./tools/run-dev-server script. It is recommended to upgrade to any version beyond 24.2. 2022-03-29 not yet calculated CVE-2022-0343
MISC gitlab — gitlab
  An issue has been discovered in GitLab affecting all versions starting from 10.0 before 14.5.4, all versions starting from 10.1 before 14.6.4, all versions starting from 10.2 before 14.7.1. Private project paths can be disclosed to unauthorized users via system notes when an Issue is closed via a Merge Request and later moved to a public project 2022-03-28 not yet calculated CVE-2022-0344
MISC
CONFIRM
MISC github — github_repository
  Cross-site Scripting (XSS) – Stored in GitHub repository vanessa219/vditor prior to 3.8.13. 2022-03-31 not yet calculated CVE-2022-0350
MISC
CONFIRM gitlab — gitlab
  An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 before 14.5.4, all versions starting from 14.6 before 14.6.4, all versions starting from 14.7 before 14.7.1. GitLab search may allow authenticated users to search other users by their respective private emails even if a user set their email to private. 2022-03-28 not yet calculated CVE-2022-0371
MISC
CONFIRM gitlab — gitlab Improper access control in GitLab CE/EE versions 12.4 to 14.5.4, 14.5 to 14.6.4, and 12.6 to 14.7.1 allows project non-members to retrieve the service desk email address 2022-04-01 not yet calculated CVE-2022-0373
MISC
MISC
CONFIRM wpscan — interactive_medical_drawing_of_human_body
  The Interactive Medical Drawing of Human Body WordPress plugin through 1.0 does not sanitise and escape the Link field, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. 2022-03-28 not yet calculated CVE-2022-0388
MISC gitlab — gitlab
  Improper access control in Gitlab CE/EE versions 12.7 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1 allowed for project non-members to retrieve issue details when it was linked to an item from the vulnerability dashboard. 2022-04-01 not yet calculated CVE-2022-0390
CONFIRM
MISC
MISC wpscan — wpc_smart_wishlist_for_woocommerce_wordpress_plugin
  The WPC Smart Wishlist for WooCommerce WordPress plugin before 2.9.4 does not sanitise and escape the key parameter before outputting it back in the wishlist_quickview AJAX action’s response (available to any authenticated user), leading to a Reflected Cross-Site Scripting 2022-03-28 not yet calculated CVE-2022-0397
MISC irker — irc_gateway_integration
  A DNS rebinding vulnerability in the Irker IRC Gateway integration in all versions of GitLab CE/EE since version 7.9 allows an attacker to trigger Server Side Request Forgery (SSRF) attacks. 2022-04-01 not yet calculated CVE-2022-0425
MISC
CONFIRM gitlab — jupyter_notebooks
  Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE since version 14.5 allows an attacker to perform arbitrary HTTP POST requests on a user’s behalf leading to potential account takeover 2022-03-28 not yet calculated CVE-2022-0427
MISC
CONFIRM
MISC wpscan — menu_image
  The Menu Image, Icons made easy WordPress plugin before 3.0.8 does not have authorisation and CSRF checks when saving menu settings, and does not validate, sanitise and escape them. As a result, any authenticated users, such as subscribers, can update the settings or arbitrary menu and put Cross-Site Scripting payloads in them, which will be triggered in the related menu in the frontend. 2022-03-28 not yet calculated CVE-2022-0450
MISC wpscan — popup_builder_wordpress_plugin
  The Popup Builder WordPress plugin before 4.1.1 does not sanitise and escape the sgpb-subscription-popup-id parameter before using it in a SQL statement in the All Subscribers admin dashboard, leading to a SQL injection, which could also be used to perform a Reflected Cross-Site Scripting attack against a logged-in admin opening a malicious link. 2022-03-28 not yet calculated CVE-2022-0479
CONFIRM
MISC gitlab — gitlab
  An issue has been discovered in GitLab CE/EE affecting all versions starting with version 8.10. It was possible to trigger a timeout on a page with markdown by using a specific amount of block-quotes. 2022-03-28 not yet calculated CVE-2022-0488
CONFIRM
MISC gitlab — gitlab
  An issue has been discovered in GitLab CE/EE affecting all versions starting with 8.15. It was possible to trigger a DoS by using the math feature with a specific formula in issue comments. 2022-04-01 not yet calculated CVE-2022-0489
MISC
MISC
CONFIRM wpscan — string_locator_wordpress_plugin The String locator WordPress plugin before 2.5.0 does not properly validate the path of the files to be searched, allowing high privilege users such as admin to query arbitrary files on the web server via a path traversal vector. Furthermore, due to a flaw in the search, allowing a pattern to be provided, which will be used to output the relevant matches from the matching file, all content of the file can be disclosed. 2022-03-28 not yet calculated CVE-2022-0493
MISC
CONFIRM wpscan — sermon_browser_wordpress_plugin
  The Sermon Browser WordPress plugin through 0.45.22 does not have CSRF checks in place when uploading Sermon files, and does not validate them in any way, allowing attackers to make a logged in admin upload arbitrary files such as PHP ones. 2022-03-28 not yet calculated CVE-2022-0499
MISC gitlab — gitlab
  An issue has been discovered in GitLab CE/EE affecting all versions before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Under certain conditions, GitLab REST API may allow unprivileged users to add other users to groups even if that is not possible to do through the Web UI. 2022-03-28 not yet calculated CVE-2022-0549
MISC
CONFIRM wpscan — narnoo_distributor_wordpress_plugin
  The Narnoo Distributor WordPress plugin through 2.5.1 fails to validate and sanitize the lib_path parameter before it is passed into a call to require() via the narnoo_distributor_lib_request AJAX action (available to both unauthenticated and authenticated users), which results in the disclosure of arbitrary files, as the content of the file is then displayed in the response as JSON data. This could also lead to RCE with various tricks but depends on the underlying system and its configuration. 2022-03-28 not yet calculated CVE-2022-0679
MISC wpscan — plezi_wordpress_plugin
  The Plezi WordPress plugin before 1.0.3 has a REST endpoint allowing unauthenticated users to update the plz_configuration_tracker_enable option, which is then displayed in the admin panel without sanitisation and escaping, leading to a Stored Cross-Site Scripting issue 2022-03-28 not yet calculated CVE-2022-0680
MISC wpscan — amelia_wordpress_plugin
  The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing appointments, allowing any customer to update others’ bookings, as well as retrieve sensitive information about the bookings, such as the full name and phone number of the person who booked it. 2022-03-28 not yet calculated CVE-2022-0720
MISC gitlab — gitlab
  An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. An unauthorised user was able to steal runner registration tokens through an information disclosure vulnerability using quick actions commands. 2022-03-28 not yet calculated CVE-2022-0735
CONFIRM
MISC gitlab — gitlab
  An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. GitLab was leaking user passwords when adding mirrors with SSH credentials under specific conditions. 2022-03-28 not yet calculated CVE-2022-0738
MISC
CONFIRM gitlab — gitlab
  Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed an attacker to steal environment variables via specially crafted email addresses. 2022-04-01 not yet calculated CVE-2022-0741
MISC
MISC
CONFIRM gitlab — gitlab
  Inaccurate display of Snippet files containing special characters in all versions of GitLab CE/EE allows an attacker to create Snippets with misleading content which could trick unsuspecting users into executing arbitrary commands 2022-03-28 not yet calculated CVE-2022-0751
MISC
CONFIRM
MISC wpscan — translate_wordpress_with_gtranslate_wordpress_plugin
  The Translate WordPress with GTranslate WordPress plugin before 2.9.9 does not have CSRF checks in some files, and writes debug data such as the user’s cookies to a publicly accessible file if a specific parameter is used when requesting them. Combining those two issues, an attacker could gain access to a logged-in admin’s cookies by making them open a malicious link or page. 2022-03-28 not yet calculated CVE-2022-0770
MISC wpscan — title_experiements_free_wordpress_plugin
  The Title Experiments Free WordPress plugin before 9.0.1 does not sanitise and escape the id parameter before using it in a SQL statement via the wpex_titles AJAX action (available to unauthenticated users), leading to an unauthenticated SQL injection 2022-03-28 not yet calculated CVE-2022-0784
MISC wpscan — limit_login_attempts_wordpress_plugin
  The Limit Login Attempts (Spam Protection) WordPress plugin before 5.1 does not sanitise and escape some parameters before using them in SQL statements via AJAX actions (available to unauthenticated users), leading to SQL Injections 2022-03-28 not yet calculated CVE-2022-0787
MISC wpscan — woocommerce_affiliate_plugin_wordpress_plugin
  The WooCommerce Affiliate Plugin WordPress plugin before 4.16.4.5 does not have authorization and CSRF checks on a specific action handler, as well as does not sanitize its settings, which enables an unauthenticated attacker to inject malicious XSS payloads into the settings page of the plugin. 2022-03-28 not yet calculated CVE-2022-0818
MISC wpscan — church_admin_wordpress_plugin
  The Church Admin WordPress plugin before 3.4.135 does not have authorisation and CSRF checks in some of its actions as well as requested files, allowing unauthenticated attackers to repeatedly request the “refresh-backup” action, and simultaneously keep requesting a publicly accessible temporary file generated by the plugin in order to disclose the final backup filename, which can then be fetched by the attacker to download the backup of the plugin’s DB data. 2022-03-28 not yet calculated CVE-2022-0833
MISC wpscan — speakout!_email_petitions_wordpress_plugin
  The SpeakOut! Email Petitions WordPress plugin before 2.14.15.1 does not sanitise and escape the id parameter before using it in a SQL statement via the dk_speakout_sendmail AJAX action, leading to an SQL Injection exploitable by unauthenticated users 2022-03-28 not yet calculated CVE-2022-0846
MISC phillips — e_alert
  The software does not perform any authentication for critical system functionality. 2022-04-01 not yet calculated CVE-2022-0922
MISC deltaww — diaenergie
  Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in HandlerDialog_KID.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. 2022-03-29 not yet calculated CVE-2022-0923
CONFIRM linux — linux_kernel 
  An integer overflow flaw was found in the Linux kernel’s virtio device driver code in the way a user triggers the vhost_vdpa_config_validate function. This flaw allows a local user to crash or potentially escalate their privileges on the system. 2022-03-30 not yet calculated CVE-2022-0998
MISC
MLIST rockwell_automation — isagraf
  When opening a malicious solution file provided by an attacker, the application suffers from an XML external entity vulnerability due to an unsafe call within a dynamic link library file. An attacker could exploit this to pass data from local files to a remote web server, leading to a loss of confidentiality. 2022-04-01 not yet calculated CVE-2022-1018
MISC crater_invoice — crater
  Insecure deserialization of not validated module file in GitHub repository crater-invoice/crater prior to 6.0.6. 2022-03-29 not yet calculated CVE-2022-1032
MISC
CONFIRM archive — archive
  Guest driver might execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition. 2022-03-29 not yet calculated CVE-2022-1050
MISC linux — linux_kernel
  A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 2022-03-29 not yet calculated CVE-2022-1055
CONFIRM
CONFIRM
CONFIRM libtiff — libtiff
  Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd. 2022-03-28 not yet calculated CVE-2022-1056
MISC
CONFIRM
MISC modbus_tools — modbus_slave
  Modbus Tools Modbus Slave (versions 7.4.2 and prior) is vulnerable to a stack-based buffer overflow in the registration field. This may cause the program to crash when a long character string is used. 2022-04-01 not yet calculated CVE-2022-1068
CONFIRM automatic_question_paper_generator — automatic_question_paper_generator
  A vulnerability was found in Automatic Question Paper Generator 1.0. It has been declared as critical. An attack leads to privilege escalation. The attack can be launched remotely. 2022-03-29 not yet calculated CVE-2022-1073
MISC tem — flex
  A vulnerability has been found in TEM FLEX-1085 1.6.0 and classified as problematic. Using the input <h1>HTML Injection</h1> in the WiFi settings of the dashboard leads to html injection. 2022-03-29 not yet calculated CVE-2022-1074
MISC college_website_management_system — college_website_management_system
  A vulnerability was found in College Website Management System 1.0 and classified as problematic. Affected by this issue is the file /cwms/classes/Master.php?f=save_contact of the component Contact Handler. The manipulation leads to persistent cross site scripting. The attack may be launched remotely and requires authentication. 2022-03-29 not yet calculated CVE-2022-1075
MISC
MISC automatic_question_paper_generator — automatic_question_paper_generator
  A vulnerability was found in Automatic Question Paper Generator System 1.0. It has been classified as problematic. This affects the file /aqpg/users/login.php of the component My Account Page. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. It is possible to initiate the attack remotely. 2022-03-29 not yet calculated CVE-2022-1076
MISC tem — flex
  A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as problematic. This vulnerability affects log.cgi of the component Log Handler. A direct request leads to information disclosure of hardware information. The attack can be initiated remotely and does not require any form of authentication. 2022-03-29 not yet calculated CVE-2022-1077
MISC sourcecodester — college_website_management_system
  A vulnerability was found in SourceCodester College Website Management System 1.0. It has been classified as critical. Affected is the file /cwms/admin/?page=articles/view_article/. The manipulation of the argument id with the input ‘ and (select * from(select(sleep(10)))Avx) and ‘abc’ = ‘abc with an unknown input leads to sql injection. It is possible to launch the attack remotely and without authentication. 2022-03-29 not yet calculated CVE-2022-1078
MISC sourcecodester — one_church_management_system
  A vulnerability classified as problematic has been found in SourceCodester One Church Management System. Affected are multiple files and parameters which are prone to cross site scripting. It is possible to launch the attack remotely. 2022-03-29 not yet calculated CVE-2022-1079
MISC sourcecodester — one_church_management_system A vulnerability was found in SourceCodester One Church Management System 1.0. It has been declared as critical. This vulnerability affects code of the file attendancy.php as the manipulation of the argument search2 leads to sql injection. The attack can be initiated remotely. 2022-03-29 not yet calculated CVE-2022-1080
MISC sourcecodester — microfinance_management_system A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been declared as problematic. This vulnerability affects the file /mims/app/addcustomerHandler.php. The manipulation of the argument first_name, middle_name, and surname leads to cross site scripting. The attack can be initiated remotely. 2022-03-29 not yet calculated CVE-2022-1081
MISC sourcecodester — microfinance_management_system
  A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been rated as critical. This issue affects the file /mims/login.php of the Login Page. The manipulation of the argument username/password with the input ‘||1=1# leads to sql injection. The attack may be initiated remotely. 2022-03-29 not yet calculated CVE-2022-1082
MISC sourcecodester — microfinance_management_system
  A vulnerability classified as critical has been found in Microfinance Management System. The manipulation of arguments like customer_type_number/account_number/account_status_number/account_type_number with the input ‘ and (select * from(select(sleep(10)))Avx) and ‘abc’ = ‘abc leads to sql injection in multiple files. It is possible to launch the attack remotely. 2022-03-29 not yet calculated CVE-2022-1083
MISC sourcecodester — one_church_management_system
  A vulnerability classified as critical was found in SourceCodester One Church Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /one_church/userregister.php. The manipulation leads to authentication bypass. The attack can be launched remotely. 2022-03-29 not yet calculated CVE-2022-1084
MISC cltphp — cltphp
  A vulnerability was found in CLTPHP up to 6.0. It has been declared as problematic. Affected by this vulnerability is the POST Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 2022-03-29 not yet calculated CVE-2022-1085
MISC dolphinphp — dolphinphp
  A vulnerability was found in DolphinPHP up to 1.5.0 and classified as problematic. Affected by this issue is the User Management Page. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 2022-03-29 not yet calculated CVE-2022-1086
MISC
MISC htmly — htmly
  A vulnerability, which was classified as problematic, has been found in htmly 5.3 which affects the component Edit Profile Module. The manipulation of the field Title with script tags leads to persistent cross site scripting. The attack may be initiated remotely and requires authentication. A simple POC has been disclosed to the public and may be used. 2022-03-29 not yet calculated CVE-2022-1087
MISC
MISC
MISC deltaww — diaenergie
  Delta Electronics DIAEnergie (all versions prior to 1.8.02.004) are vulnerable to a DLL hijacking condition. When combined with the Incorrect Default Permissions vulnerability of 4.2.2 above, this makes it possible for an attacker to escalate privileges 2022-04-01 not yet calculated CVE-2022-1098
CONFIRM openjpeg2 — fedora
  A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service. 2022-03-29 not yet calculated CVE-2022-1122
MISC
FEDORA vim — vim
  Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. 2022-03-30 not yet calculated CVE-2022-1154
CONFIRM
MISC snipe — snipe
  Old sessions are not blocked by the login enable function in GitHub repository snipe/snipe-it prior to 5.3.10. 2022-03-30 not yet calculated CVE-2022-1155
MISC
CONFIRM rockwell — automation_studio_5000_logix_designer
  Rockwell Automation Studio 5000 Logix Designer (all versions) is vulnerable: an attacker who achieves administrator access on a workstation running Studio 5000 Logix Designer could inject controller code undetectable to a user. 2022-04-01 not yet calculated CVE-2022-1159
CONFIRM vim — vim
  Heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647. 2022-03-30 not yet calculated CVE-2022-1160
CONFIRM
MISC minewebs — minewebcms
  Cross-site Scripting (XSS) – Stored in GitHub repository mineweb/minewebcms prior to next. 2022-03-30 not yet calculated CVE-2022-1163
MISC
CONFIRM gpac — gpac
  Null Pointer Dereference Caused Segmentation Fault in GitHub repository gpac/gpac prior to 2.1.0-DEV. 2022-03-30 not yet calculated CVE-2022-1172
MISC
CONFIRM livehelperchat — livehelperchat
  Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96. 2022-03-31 not yet calculated CVE-2022-1176
CONFIRM
MISC openemr — openemr
  Accounting User Can Download Patient Reports in openemr in GitHub repository openemr/openemr prior to 6.1.0. 2022-03-30 not yet calculated CVE-2022-1177
CONFIRM
MISC openemr — openemr Stored Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.4. 2022-03-30 not yet calculated CVE-2022-1178
CONFIRM
MISC openemr — openemr
  Non-Privileged User Can Create New Rule and Lead to Stored Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.4. 2022-03-30 not yet calculated CVE-2022-1179
MISC
CONFIRM openemr — openemr
  Reflected Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.4. 2022-03-30 not yet calculated CVE-2022-1180
MISC
CONFIRM openemr — openemr
  Stored Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.2. 2022-03-30 not yet calculated CVE-2022-1181
MISC
CONFIRM livehelperchat — livehelperchat
  SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96. 2022-03-31 not yet calculated CVE-2022-1191
CONFIRM
MISC mruby — mruby
  NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system. 2022-04-02 not yet calculated CVE-2022-1201
CONFIRM
MISC radareorg — radare2
  Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to read sensitive information from outside the allocated buffer boundary. 2022-04-01 not yet calculated CVE-2022-1207
MISC
CONFIRM android — incfs
  In incfs, there is a possible way of mounting on arbitrary paths due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-198657657. 2022-03-30 not yet calculated CVE-2022-20002
MISC cocoapods — cocoapods
  The package cocoapods-downloader before 1.6.2 is vulnerable to Command Injection via hg argument injection. When calling the download function (when using hg), the url (and/or revision, tag, branch) is passed to the hg clone command in a way that additional flags can be set. The additional flags can be used to perform a command injection. 2022-04-01 not yet calculated CVE-2022-21223
MISC
MISC mastermind — vcs
  The package github.com/masterminds/vcs before 1.13.3 is vulnerable to Command Injection via argument injection. When hg is executed, argument strings are passed to hg in a way that additional flags can be set. The additional flags can be used to perform a command injection. 2022-04-01 not yet calculated CVE-2022-21235
MISC
MISC nvidia — cuda_toolkit_sdk
  NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump. To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted file and locally execute cuobjdump against the file. Such an attack may lead to remote code execution that causes complete denial of service and an impact on data confidentiality and integrity. 2022-03-29 not yet calculated CVE-2022-21821
CONFIRM rocketchat — livechat
  A blind self XSS vulnerability exists in RocketChat LiveChat <v1.9 that could allow an attacker to trick a victim into pasting malicious code in their chat instance. 2022-04-01 not yet calculated CVE-2022-21830
MISC rancher_desktop — suse_security_incidents
  An Improper Access Control vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API (steve) to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V. 2022-04-01 not yet calculated CVE-2022-21947
CONFIRM ibm — ibm_security_vertify_access
  IBM Security Verify Access could allow a user, using man in the middle techniques, to obtain sensitive information or possibly change some information due to improper validation of JWT tokens. 2022-03-31 not yet calculated CVE-2022-22311
CONFIRM
XF ibm — urbancode_deploy
  IBM UrbanCode Deploy (UCD) 7.0.5, 7.1.0, 7.1.1, and 7.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 218859. 2022-04-01 not yet calculated CVE-2022-22327
CONFIRM
XF ibm — sterlingpartner_engagement_manager
  IBM SterlingPartner Engagement Manager 6.2.0 could allow a malicious user to elevate their privileges and perform unintended operations to another user's data. IBM X-Force ID: 218871. 2022-04-01 not yet calculated CVE-2022-22328
CONFIRM
XF ibm — sterlingpartner_engagement_manager
  IBM SterlingPartner Engagement Manager 6.2.0 could allow a remote authenticated attacker to obtain sensitive information or modify user details caused by an insecure direct object vulnerability (IDOR). IBM X-Force ID: 219130. 2022-04-01 not yet calculated CVE-2022-22331
CONFIRM
XF ibm — sterlingpartner_engagement_manager
  IBM Sterling Partner Engagement Manager 6.2.0 could allow an attacker to impersonate another user due to missing revocation mechanism for the JWT token. IBM X-Force ID: 219131. 2022-04-01 not yet calculated CVE-2022-22332
XF
CONFIRM app_connect_enterprise_certified_container_dashboard
  IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified Container 1.5, 2.0, 2.1, 3.0, and 3.1) may be vulnerable to denial of service due to excessive rate limiting. 2022-04-01 not yet calculated CVE-2022-22404
XF
CONFIRM unifi — door_access_reader_lite
  A buffer overflow vulnerability found in the UniFi Door Access Reader Lite’s (UA Lite) firmware (Version 3.8.28.24 and earlier) allows a malicious actor who has gained access to a network to control all connected UA devices. This vulnerability is fixed in Version 3.8.31.13 and later. 2022-04-01 not yet calculated CVE-2022-22570
MISC tibco — managed_file_transfer_platform_server
  The cfsend, cfrecv, and CyberResp components of TIBCO Software Inc.’s TIBCO Managed File Transfer Platform Server for UNIX and TIBCO Managed File Transfer Platform Server for z/Linux contain a difficult to exploit Remote Code Execution (RCE) vulnerability that allows a low privileged attacker with network access to execute arbitrary code on the affected system. Affected releases are TIBCO Software Inc.’s TIBCO Managed File Transfer Platform Server for UNIX: versions 8.1.0 and below and TIBCO Managed File Transfer Platform Server for z/Linux: versions 8.1.0 and below. 2022-03-30 not yet calculated CVE-2022-22772
CONFIRM
CONFIRM saltstack — salt
  An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion’s public key, which can result in attackers substituting arbitrary pillar data. 2022-03-29 not yet calculated CVE-2022-22934
MISC
MISC
MISC saltstack — salt
  An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master. 2022-03-29 not yet calculated CVE-2022-22935
MISC
MISC
MISC saltstack — salt
  An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying job publishes causing minions to run old jobs. File server replies can also be replayed. A sufficiently crafty attacker could gain root access on a minion under certain scenarios. 2022-03-29 not yet calculated CVE-2022-22936
MISC
MISC
MISC saltstack — salt
  An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisher_acl, if a user configured in the publisher_acl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid, allowing configured users to target any of the minions connected to the syndic with their configured commands. This requires a syndic master combined with publisher_acl configured on the Master-of-Masters, allowing users specified in the publisher_acl to bypass permissions, publishing authorized commands to any configured minion. 2022-03-29 not yet calculated CVE-2022-22941
MISC
MISC
MISC vmware — vcenter_server
  The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information. 2022-03-29 not yet calculated CVE-2022-22948
MISC spring_by_vmware — spring_framework
  In Spring Framework versions 5.3.0 – 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition. 2022-04-01 not yet calculated CVE-2022-22950
MISC spring_by_vmware — spring_cloud_function
  In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources. 2022-04-01 not yet calculated CVE-2022-22963
MISC
CISCO
CONFIRM spring_by_vmware — spring_framework
  A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it. 2022-04-01 not yet calculated CVE-2022-22965
MISC
CISCO
CONFIRM link — nippon_telegraph_and_telephone_east_corporation
  Netcommunity OG410X and OG810X series (Netcommunity OG410Xa, OG410Xi, OG810Xa, and OG810Xi firmware Ver.2.28 and earlier) allow an attacker on the adjacent network to execute an arbitrary OS command via a specially crafted config file. 2022-03-31 not yet calculated CVE-2022-22986
MISC
MISC
MISC westerndigital — g_raid
  The G-RAID 4/8 Software Utility setups for Windows were affected by a DLL hijacking vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the system user. 2022-03-30 not yet calculated CVE-2022-22996
MISC zte — home_gateway
  There is a stored XSS vulnerability in ZTE home gateway product. An attacker could modify the gateway name by inserting special characters and trigger an XSS attack when the user views the current topology of the device through the management page. 2022-03-30 not yet calculated CVE-2022-23136
MISC dell — wyse_management_suite
  Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. A malicious user with admin privileges can exploit this vulnerability in order to execute arbitrary code on the system. 2022-04-01 not yet calculated CVE-2022-23155
CONFIRM dell — wyse_device_agent
  Wyse Device Agent version 14.6.1.4 and below contain an Improper Authentication vulnerability. A malicious user could potentially exploit this vulnerability by providing invalid input in order to obtain a connection to WMS server. 2022-04-01 not yet calculated CVE-2022-23156
CONFIRM dell — wyse_device_agent
  Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. An authenticated malicious user could potentially exploit this vulnerability in order to view sensitive information from the WMS Server. 2022-04-01 not yet calculated CVE-2022-23157
CONFIRM dell — wyse_device_agent
  Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A local authenticated user with standard privilege could potentially exploit this vulnerability and provide incorrect port information and get connected to valid WMS server. 2022-04-01 not yet calculated CVE-2022-23158
CONFIRM link — advanced_custom_fields
  Missing authorization vulnerability in Advanced Custom Fields versions prior to 5.12.1 and Advanced Custom Fields Pro versions prior to 5.12.1 allows a remote authenticated attacker to view the information on the database without the access permission. 2022-03-31 not yet calculated CVE-2022-23183
MISC
MISC
MISC joomla — joomla
  An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Extracting a specifically crafted tar package could write files outside of the intended path. 2022-03-30 not yet calculated CVE-2022-23793
MISC
MISC joomla — joomla
  An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Uploading a file with a name of excessive length causes an error. This error brings up a screen showing the path of the source code of the web application. 2022-03-30 not yet calculated CVE-2022-23794
MISC joomla — joomla
  An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not bound to a specific authentication mechanism which could under very special circumstances allow an account takeover. 2022-03-30 not yet calculated CVE-2022-23795
MISC joomla — joomla
  An issue was discovered in Joomla! 3.7.0 through 3.10.6. Lack of input validation could allow an XSS attack using com_fields. 2022-03-30 not yet calculated CVE-2022-23796
MISC joomla — joomla
  An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate filtering of the selected IDs in a request could result in a possible SQL injection. 2022-03-30 not yet calculated CVE-2022-23797
MISC joomla — joomla
  An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate validation of URLs could result in an invalid check of whether a redirect URL is internal or not. 2022-03-30 not yet calculated CVE-2022-23798
MISC joomla — joomla
  An issue was discovered in Joomla! 4.0.0 through 4.1.0. Under specific circumstances, JInput pollutes method-specific input bags with $_REQUEST data. 2022-03-30 not yet calculated CVE-2022-23799
MISC joomla — joomla
  An issue was discovered in Joomla! 4.0.0 through 4.1.0. Inadequate content filtering leads to XSS vulnerabilities in various components. 2022-03-30 not yet calculated CVE-2022-23800
MISC joomla — joomla
  An issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS attack vector through SVG embedding in com_media. 2022-03-30 not yet calculated CVE-2022-23801
MISC ruoyi — ruoyi
  RuoYi v4.7.2 contains a CSV injection vulnerability through ruoyi-admin when a victim opens .xlsx log file. 2022-03-30 not yet calculated CVE-2022-23868
MISC ruoyi — ruoyi
  In RuoYi v4.7.2 through the WebUI, user test1 does not have permission to reset the password of user test3, but the password of user test3 can be reset through the /system/user/resetPwd request. 2022-03-30 not yet calculated CVE-2022-23869
MISC mojang — bedrock_dedicated_server
  Mojang Bedrock Dedicated Server 1.18.2 is affected by an integer overflow leading to a bound check bypass caused by PurchaseReceiptPacket::_read (packet deserializer). 2022-03-28 not yet calculated CVE-2022-23884
MISC src/dfa/dead_rules.cc — src/dfa/dead_rules.cc
  A stack overflow exists in re2c 2.2 due to infinite recursion issues in src/dfa/dead_rules.cc. 2022-03-29 not yet calculated CVE-2022-23901
MISC wind_riverr — vxworks
  In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario. 2022-03-29 not yet calculated CVE-2022-23937
MISC
MISC snyk — snyk
  The package simple-git before 3.5.0 is vulnerable to Command Injection due to an incomplete fix of [CVE-2022-24433](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-2421199) which only patches against the git fetch attack vector. A similar use of the --upload-pack feature of git is also supported for git clone, which the prior fix didn’t cover. 2022-04-01 not yet calculated CVE-2022-24066
CONFIRM
CONFIRM
CONFIRM
CONFIRM douphp — douphp
  DouPHP v1.6 Release 20220121 is affected by Cross Site Scripting (XSS) through /admin/login.php in the background, which will lead to JavaScript code execution. 2022-03-30 not yet calculated CVE-2022-24131
MISC phpshe — phpshe
  phpshe V1.8 is affected by a denial of service (DoS) attack in the registry’s verification code, which can paralyze the target service. 2022-03-30 not yet calculated CVE-2022-24132
MISC qingscan — qingscan
  QingScan 1.3.0 is affected by Cross Site Scripting (XSS) vulnerability in all search functions. 2022-03-30 not yet calculated CVE-2022-24135
MISC hospital_management_system — hospital_management_system
  Hospital Management System v1.0 is affected by an unrestricted upload of dangerous file type vulnerability in treatmentrecord.php. To exploit, an attacker can upload any PHP file, and then execute it. 2022-03-31 not yet calculated CVE-2022-24136
MISC pkp — pkp_lib
  Cross-site scripting (XSS) via Host Header injection in PKP Open Journals System 2.4.8 >= 3.3 allows remote attackers to inject arbitrary code via the X-Forwarded-Host Header. 2022-04-01 not yet calculated CVE-2022-24181
MISC pfsense — pfsense
  Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change OpenVPN client or server settings to execute an arbitrary command. 2022-03-31 not yet calculated CVE-2022-24299
MISC
MISC dell — command
  Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.5 contain a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation. 2022-04-01 not yet calculated CVE-2022-24426
CONFIRM cocoapods-downloader — cocoapods-downloader
  The package cocoapods-downloader before 1.6.0, from 1.6.2 and before 1.6.3 is vulnerable to Command Injection via git argument injection. When calling the Pod::Downloader.preprocess_options function and using git, both the git and branch parameters are passed to the git ls-remote subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection. 2022-04-01 not yet calculated CVE-2022-24440
MISC
MISC
MISC baicells — nova436
  Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded credentials that are easily discovered, and can be used by remote attackers to authenticate via ssh. (The credentials are stored in the firmware, encrypted by the crypt function.) 2022-03-30 not yet calculated CVE-2022-24693
MISC
MISC
MISC jupyter — notebook
  The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter server logs by default. Considering these logs do not require root access, an attacker can monitor these logs, steal sensitive auth/cookie information, and gain access to the Jupyter server. Jupyter notebook version 6.4.x contains a patch for this issue. There are currently no known workarounds. 2022-03-31 not yet calculated CVE-2022-24758
CONFIRM pjsip — pjsip
  PJSIP is a free and open source multimedia communication library written in the C language. Versions 2.12 and prior contain a denial-of-service vulnerability that affects PJSIP users that consume PJSIP’s XML parsing in their apps. Users are advised to update. There are no known workarounds. 2022-03-30 not yet calculated CVE-2022-24763
CONFIRM
MISC orckestra — cms_foundation
  C1 CMS is an open-source, .NET based Content Management System (CMS). Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery (SSRF) by causing the server to make arbitrary GET requests to other servers in the local network or on localhost. The attacker may also truncate arbitrary files to zero size (effectively delete them) leading to denial of service (DoS) or altering application logic. The authenticated user may unknowingly perform the actions by visiting a specially crafted site. Patched in C1 CMS v6.12, no known workarounds exist. 2022-03-28 not yet calculated CVE-2022-24789
MISC
CONFIRM puma — puma
  Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request starts and ends. This would allow requests to be smuggled via the front-end proxy to Puma. The vulnerability has been fixed in 5.6.4 and 4.3.12. Users are advised to upgrade as soon as possible. Workaround: when deploying a proxy in front of Puma, turn on any and all functionality to make sure that the request matches the RFC7230 standard. 2022-03-30 not yet calculated CVE-2022-24790
MISC
CONFIRM bytecodealliance — wasmtime
  Wasmtime is a standalone JIT-style runtime for WebAssembly, using Cranelift. There is a use after free vulnerability in Wasmtime when both running Wasm that uses externrefs and enabling epoch interruption in Wasmtime. If you are not explicitly enabling epoch interruption (it is disabled by default) then you are not affected. If you are explicitly disabling the Wasm reference types proposal (it is enabled by default) then you are also not affected. The use after free is caused by Cranelift failing to emit stack maps when there are safepoints inside cold blocks. Cold blocks occur when epoch interruption is enabled. Cold blocks are emitted at the end of compiled functions, and change the order blocks are emitted versus defined. This reordering accidentally caused Cranelift to skip emitting some stack maps because it expected to emit the stack maps in block definition order, rather than block emission order. When Wasmtime would eventually collect garbage, it would fail to find live references on the stack because of the missing stack maps, think that they were unreferenced garbage, and therefore reclaim them. Then after the collection ended, the Wasm code could use the reclaimed-too-early references, which is a use after free. Patches have been released in versions 0.34.2 and 0.35.2, which fix the vulnerability. All Wasmtime users are recommended to upgrade to these patched versions. If upgrading is not an option for you at this time, you can avoid the vulnerability by either: disabling the Wasm reference types proposal, config.wasm_reference_types(false); or by disabling epoch interruption if you were previously enabling it. config.epoch_interruption(false). 2022-03-31 not yet calculated CVE-2022-24791
CONFIRM
MISC express_openid — express_openid
  Express OpenID Connect is an Express JS middleware implementing sign on for Express web apps using OpenID Connect. Users of the `requiresAuth` middleware, either directly or through the default `authRequired` option, are vulnerable to an Open Redirect when the middleware is applied to a catch all route. If all routes under `example.com` are protected with the `requiresAuth` middleware, a visit to `http://example.com//google.com` will be redirected to `google.com` after login because the original url reported by the Express framework is not properly sanitized. This vulnerability affects versions prior to 2.7.2. Users are advised to upgrade. There are no known workarounds. 2022-03-31 not yet calculated CVE-2022-24794
MISC
CONFIRM raspberrymatic — raspberrymatic
  RaspberryMatic is a free and open-source operating system for running a cloud-free smart-home using the homematicIP / HomeMatic hardware line of IoT devices. A Remote Code Execution (RCE) vulnerability in the file upload facility of the WebUI interface of RaspberryMatic exists. Missing input validation/sanitization in the file upload mechanism allows remote, unauthenticated attackers with network access to the WebUI interface to achieve arbitrary operating system command execution via shell metacharacters in the HTTP query string. Injected commands are executed as root, thus leading to a full compromise of the underlying system and all its components. Versions after `2.31.25.20180428` and prior to `3.63.8.20220330` are affected. Users are advised to update to version `3.63.8.20220330` or newer. There are currently no known workarounds to mitigate the security impact and users are advised to update to the latest version available. 2022-03-31 not yet calculated CVE-2022-24796
CONFIRM
MISC pomerium — pomerium
  Pomerium is an identity-aware access proxy. In distributed service mode, Pomerium’s Authenticate service exposes pprof debug and prometheus metrics handlers to untrusted traffic. This can leak potentially sensitive environmental information or lead to limited denial of service conditions. This issue is patched in version v0.17.1. Workarounds: Block access to `/debug` and `/metrics` paths on the authenticate service. This can be done with any L7 proxy, including Pomerium’s own proxy service. 2022-03-31 not yet calculated CVE-2022-24797
CONFIRM
MISC
MISC irrdnet — irrd
  Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. IRRd did not always filter password hashes in query responses relating to `mntner` objects and database exports. This may have allowed adversaries to retrieve some of these hashes, perform a brute-force search for the clear-text passphrase, and use these to make unauthorised changes to affected IRR objects. This issue only affected instances that process password hashes, which means it is limited to IRRd instances that serve authoritative databases. IRRd instances operating solely as mirrors of other IRR databases are not affected. This has been fixed in IRRd 4.2.3 and the main branch. Versions in the 4.1.x series never were affected. Users of the 4.2.x series are strongly recommended to upgrade. There are no known workarounds for this issue. 2022-03-31 not yet calculated CVE-2022-24798
MISC
CONFIRM
MISC deepmerge-ts — deepmerge-ts
  deepmerge-ts is a TypeScript library providing functionality for deep merging of JavaScript objects. deepmerge-ts is vulnerable to Prototype Pollution via file deepmerge.ts, function defaultMergeRecords(). This issue has been patched in version 4.0.2. There are no known workarounds for this issue. 2022-04-01 not yet calculated CVE-2022-24802
CONFIRM
MISC
MISC asciidoctor — asciidoctor
  Asciidoctor-include-ext is Asciidoctor’s standard include processor reimplemented as an extension. Versions prior to 0.4.0, when used to render user-supplied input in AsciiDoc markup, may allow an attacker to execute arbitrary system commands on the host operating system. This attack is possible even when `allow-uri-read` is disabled! The problem has been patched in the referenced commits. 2022-04-01 not yet calculated CVE-2022-24803
MISC
MISC
CONFIRM shopware — b2b_suite
  An issue was discovered in Shopware B2B-Suite through 4.4.1. The sort-by parameter of the search functionality of b2border and b2borderlist allows SQL injection. Possible techniques are boolean-based blind, time-based blind, and potentially stacked queries. The vulnerability allows a remote authenticated attacker to dump the underlying database. 2022-03-29 not yet calculated CVE-2022-24956
MISC
MISC dhc — vision_eqms
  DHC Vision eQMS through 5.4.8.322 has Persistent XSS due to insufficient encoding of untrusted input/output. To exploit the vulnerability, the attacker has to create or edit a new information object and use the XSS payload as the name. Any user that opens the object’s version or history tab will be attacked. 2022-03-29 not yet calculated CVE-2022-24957
MISC
MISC totolink — ex300
  totolink EX300_v2 V4.0.3c.140_B20210429 and EX1200T V4.1.2cu.5230_B20210706 do not contain an authentication mechanism. 2022-03-30 not yet calculated CVE-2022-25008
MISC hitron — chita
  Hitron CHITA 7.2.2.0.3b6-CD devices contain a command injection vulnerability via the Device/DDNS ddnsUsername field. 2022-04-01 not yet calculated CVE-2022-25017
MISC mitsubishi — electric_melsec
  Use of Password Hash Instead of Password for Authentication vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all versions and Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions allows a remote unauthenticated attacker to login to the product by replaying an eavesdropped password hash. 2022-04-01 not yet calculated CVE-2022-25155
MISC
MISC
MISC mitsubishi — electric_melsec
  Use of Weak Hash vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all versions and Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions allows a remote unauthenticated attacker to login to the product by using a password reversed from a previously eavesdropped password hash. 2022-04-01 not yet calculated CVE-2022-25156
MISC
MISC
MISC mitsubishi — electric_melsec
  Use of Password Hash Instead of Password for Authentication vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all versions and Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions allows a remote unauthenticated attacker to disclose or tamper with the information in the product by using an eavesdropped password hash. 2022-04-01 not yet calculated CVE-2022-25157
MISC
MISC
MISC mitsubishi — electric_melsec
  Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all versions and Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions allows a remote attacker to disclose or tamper with a file in which password hash is saved in cleartext. 2022-04-01 not yet calculated CVE-2022-25158
MISC
MISC
MISC mitsubishi — electric_melsec
  Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all versions and Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions allows a remote unauthenticated attacker to login to the product by replay attack. 2022-04-01 not yet calculated CVE-2022-25159
MISC
MISC
MISC mitsubishi — electric_melsec
  Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all versions and Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions allows a remote unauthenticated attacker to disclose a file in a legitimate user’s product by using previously eavesdropped cleartext information and to counterfeit a legitimate user’s system. 2022-04-01 not yet calculated CVE-2022-25160
MISC
MISC
MISC deltaww — diaenergie
  Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to path traversal attacks, which may allow an attacker to write arbitrary files to locations on the file system. 2022-03-29 not yet calculated CVE-2022-25347
CONFIRM hibara — attachecase
  Untrusted search path vulnerability in AttacheCase ver.4.0.2.7 and earlier allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory. 2022-03-31 not yet calculated CVE-2022-25348
MISC
MISC ntt — resonate_incorporated_goo_blog_app_web_application
  NTT Resonant Incorporated goo blog App Web Application 1.0 is vulnerable to CRLF injection. This vulnerability allows attackers to execute arbitrary code via a crafted HTTP request. 2022-03-29 not yet calculated CVE-2022-25420
MISC unno — unno
  UNNO v03.11.00 was discovered to contain an access control issue. 2022-03-29 not yet calculated CVE-2022-25521
MISC
MISC apache — dolphinscheduler
  Apache DolphinScheduler user registration is vulnerable to Regular Expression Denial of Service (ReDoS) attacks. Apache DolphinScheduler users should upgrade to version 2.0.5 or higher. 2022-03-30 not yet calculated CVE-2022-25598
MISC sambabox — sambabox
  Improper Neutralization of Special Elements used in a Command (‘Command Injection’) vulnerability in ping tool of Profelis IT Consultancy SambaBox allows an AUTHENTICATED user to run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86. 2022-03-30 not yet calculated CVE-2022-25619
CONFIRM sambabox — sambabox
  Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Group Functionality of Profelis IT Consultancy SambaBox allows an AUTHENTICATED user to execute arbitrary code on the vulnerable server. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86. 2022-03-30 not yet calculated CVE-2022-25620
CONFIRM apache — apisix
  In Apache APISIX before 2.13.0, when decoding JSON with duplicate keys, lua-cjson will choose the last occurred value as the result. By passing a JSON with a duplicate key, the attacker can bypass the body_schema validation in the request-validation plugin. For example, `{"string_payload":"bad","string_payload":"good"}` can be used to hide the “bad” input. Systems that satisfy the three conditions below are affected by this attack: 1. use body_schema validation in the request-validation plugin 2. upstream application uses a special JSON library that chooses the first occurred value, like jsoniter or gojay 3. upstream application does not validate the input anymore. The fix in APISIX is to re-encode the validated JSON input back into the request body at the side of APISIX. Improper Input Validation vulnerability in __COMPONENT__ of Apache APISIX allows an attacker to __IMPACT__. This issue affects Apache APISIX version 2.12.1 and prior versions. 2022-03-28 not yet calculated CVE-2022-25757
CONFIRM
MLIST elecom — lan_routers
  Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent authenticated attacker to bypass access restriction and to access the management screen of the product via unspecified vectors. 2022-03-31 not yet calculated CVE-2022-25915
MISC
MISC omcron — cx_position
  Omron CX-Position (versions 2.5.3 and prior) is vulnerable to memory corruption while processing a specific project file, which may allow an attacker to execute arbitrary code. 2022-04-01 not yet calculated CVE-2022-25959
CONFIRM pfsense — pfsense
  Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result in arbitrary command execution. 2022-03-31 not yet calculated CVE-2022-26019
MISC
MISC omron — cx_position
  Omron CX-Position (versions 2.5.3 and prior) is vulnerable to an out-of-bounds write while processing a specific project file, which may allow an attacker to execute arbitrary code. 2022-04-01 not yet calculated CVE-2022-26022
CONFIRM hms — hms
  A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the “special” field. 2022-03-30 not yet calculated CVE-2022-26244
MISC
MISC falcon — falcon_plus
  Falcon-plus v0.3 was discovered to contain a SQL injection vulnerability via the parameter grpName in /config/service/host.go. 2022-03-27 not yet calculated CVE-2022-26245
MISC wowonder — ultimate_php_social_network_platform
  WoWonder The Ultimate PHP Social Network Platform v4.0.0 was discovered to contain an access control issue which allows unauthenticated attackers to arbitrarily change group ID names. 2022-03-27 not yet calculated CVE-2022-26254
MISC microsoft — clash
  Clash for Windows v0.19.8 was discovered to allow arbitrary code execution via a crafted payload injected into the Proxies name column. 2022-03-28 not yet calculated CVE-2022-26255
MISC xiongmai — dvr_devices
  A buffer overflow in Xiongmai DVR devices NBD80X16S-KL, NBD80X09S-KL, NBD80X08S-KL, NBD80X09RA-KL, AHB80X04R-MH, AHB80X04R-MH-V2, AHB80X04-R-MH-V3, AHB80N16T-GS, AHB80N32F4-LME, and NBD90S0VT-QW allows attackers to cause a Denial of Service (DoS) via a crafted RSTP request. 2022-03-28 not yet calculated CVE-2022-26259
MISC
MISC suzuki — connect
  Suzuki Connect v1.0.15 allows attackers to tamper with displayed messages via spoofed CAN messages. 2022-03-29 not yet calculated CVE-2022-26269
MISC
MISC
MISC tenda — ac9
  Tenda AC9 v15.03.2.21_cn was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function. 2022-03-28 not yet calculated CVE-2022-26278
MISC libarchive — libarchive
  Libarchive v3.6.0 was discovered to contain an out-of-bounds read via the component zipx_lzma_alone_init. 2022-03-28 not yet calculated CVE-2022-26280
MISC lrzip — lrzip
  lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the functions zpaq_decompress_buf() and clear_rulist(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted lrz file. 2022-03-28 not yet calculated CVE-2022-26291
MISC riscv-boom — riscv-boom
  BOOM: The Berkeley Out-of-Order RISC-V Processor commit d77c2c3 was discovered to allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. 2022-03-28 not yet calculated CVE-2022-26296
MISC omron — cx-position
  Omron CX-Position (versions 2.5.3 and prior) is vulnerable to a use after free memory condition while processing a specific project file, which may allow an attacker to execute arbitrary code. 2022-04-01 not yet calculated CVE-2022-26417
CONFIRM omron — cx-position
  Omron CX-Position (versions 2.5.3 and prior) is vulnerable to multiple stack-based buffer overflow conditions while parsing a specific project file, which may allow an attacker to locally execute arbitrary code. 2022-04-01 not yet calculated CVE-2022-26419
CONFIRM hms — hms
  Hospital Management System v1.0 was discovered to lack an authorization component, allowing attackers to access sensitive information and obtain the admin password. 2022-03-31 not yet calculated CVE-2022-26546
MISC
MISC kopano — core
  provider/libserver/ECKrbAuth.cpp in Kopano-Core v11.0.2.51 contains an issue which allows attackers to authenticate even if the user account or password is expired. 2022-04-01 not yet calculated CVE-2022-26562
MISC
MISC totaljs — totaljs
  A cross-site scripting (XSS) vulnerability in Totaljs commit 95f54a5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page Name text field when creating a new page. 2022-04-01 not yet calculated CVE-2022-26565
MISC tp-link — tp-link
  TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the DNSServers parameter. 2022-03-28 not yet calculated CVE-2022-26639
MISC tp-link — tp-link
  TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the minAddress parameter. 2022-03-28 not yet calculated CVE-2022-26640
MISC tp-link — tp-link
  TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter. 2022-03-28 not yet calculated CVE-2022-26641
MISC tp-link — tp-link
  TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the X_TP_ClonedMACAddress parameter. 2022-03-28 not yet calculated CVE-2022-26642
MISC sourcecodester — online_banking_system_protect
  Online Banking System Protect v1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via parameters on user profile, system_info and accounts management. 2022-03-30 not yet calculated CVE-2022-26644
MISC
MISC sourcecodester — online_banking_system_protect
  A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows attackers to execute arbitrary code via a crafted PHP file uploaded through the Upload Image function. 2022-03-30 not yet calculated CVE-2022-26645
MISC
MISC sourcecodester — online_banking_system_protect
  Online Banking System Protect v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the pages parameter. 2022-03-30 not yet calculated CVE-2022-26646
MISC
MISC deltaww — diaenergie
  Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to an incorrect default permission in the DIAEnergie application, which may allow an attacker to plant new files (such as DLLs) or replace existing executable files. 2022-03-29 not yet calculated CVE-2022-26839
CONFIRM trend_micro — apex_central
  An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution. 2022-03-29 not yet calculated CVE-2022-26871
MISC
MISC
MISC
MISC
MISC archerirm_community — archer
  Archer 6.x through 6.9 SP3 (6.9.3.0) contains a reflected XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability by tricking a victim application user into supplying malicious HTML or JavaScript code to the vulnerable web application; the malicious code is then reflected back to the victim and gets executed by the web browser in the context of the vulnerable web application. 2022-03-30 not yet calculated CVE-2022-26947
MISC
MISC archerirm_community — rss_feed
  The Archer RSS feed integration for Archer 6.x through 6.9 SP1 (6.9.1.0) is affected by an insecure credential storage vulnerability. A malicious attacker may obtain access to credential information to use it in further attacks. 2022-03-30 not yet calculated CVE-2022-26948
MISC
MISC archerirm_community — archer
  Archer 6.x through 6.9 SP2 P1 (6.9.2.1) contains an improper access control vulnerability on attachments. A remote authenticated malicious user could potentially exploit this vulnerability to gain access to files that should only be allowed by extra privileges. 2022-03-30 not yet calculated CVE-2022-26949
MISC
MISC archerirm_community — archer
  Archer 6.x through 6.9 P2 (6.9.0.2) is affected by an open redirect vulnerability. A remote unprivileged attacker may potentially redirect legitimate users to arbitrary web sites and conduct phishing attacks. The attacker could then steal the victims’ credentials and silently authenticate them to the Archer application without the victims realizing an attack occurred. 2022-03-30 not yet calculated CVE-2022-26950
MISC
MISC archerirm_community — archer
  Archer 6.x through 6.10 (6.10.0.0) contains a reflected XSS vulnerability. A remote SAML-unauthenticated malicious Archer user could potentially exploit this vulnerability by tricking a victim application user into supplying malicious HTML or JavaScript code to the vulnerable web application; the malicious code is then reflected back to the victim and gets executed by the web browser in the context of the vulnerable web application. 2022-03-30 not yet calculated CVE-2022-26951
MISC
MISC teampass — teampass
  Teampass 2.1.26 allows reflected XSS via the index.php PATH_INFO. 2022-03-28 not yet calculated CVE-2022-26980
MISC
MISC raidrive — raidrive
  Raidrive before v2021.12.35 allows attackers to arbitrarily move log files by pre-creating a mountpoint and log files before Raidrive is installed. 2022-03-31 not yet calculated CVE-2022-27049
MISC bitcomet — bitcomet
  BitComet Service for Windows before version 1.8.6 contains an unquoted service path vulnerability which allows attackers to escalate privileges to the system level. 2022-03-31 not yet calculated CVE-2022-27050
MISC freeftpd — freeftpd
  FreeFtpd version 1.0.13 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges. 2022-03-31 not yet calculated CVE-2022-27052
MISC netflix — security_bulletins
  A Python format string issue leading to information disclosure and potentially remote code execution in ConsoleMe for all versions prior to 1.2.2. 2022-04-01 not yet calculated CVE-2022-27177
MISC icehrm — pluck_cms
  A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to change the password of any given user by exploiting this feature leading to account takeover. 2022-03-30 not yet calculated CVE-2022-27432
MISC
MISC zero-channel_bbs_plus — zero-channel_bbs_plus
  Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors. 2022-03-31 not yet calculated CVE-2022-27496
MISC
MISC kaspersky — anti-virus
  Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. The fix was delivered automatically. Credits: Georgy Zaytsev (Positive Technologies). 2022-04-01 not yet calculated CVE-2022-27534
MISC sap — innovation_management
  Under certain conditions, SAP Innovation Management version 2.0 allows an attacker to access information which could lead to information gathering for further exploits and attacks. 2022-03-28 not yet calculated CVE-2022-27658
MISC
MISC springframework — springframework
  ** UNSUPPORTED WHEN ASSIGNED ** spring-boot versions prior to version v2.2.11.RELEASE were vulnerable to temporary directory hijacking. This vulnerability impacted the org.springframework.boot.web.server.AbstractConfigurableWebServerFactory.createTempDir method. NOTE: This vulnerability only affects products and/or versions that are no longer supported by the maintainer. 2022-03-30 not yet calculated CVE-2022-27772
MISC waycrate — swhkd
  SWHKD 1.1.5 unsafely uses the /tmp/swhkd.pid pathname. There can be an information leak or denial of service. 2022-03-30 not yet calculated CVE-2022-27815
MISC
MISC waycrate — swhkd
  SWHKD 1.1.5 unsafely uses the /tmp/swhks.pid pathname. There can be data loss or a denial of service. 2022-03-30 not yet calculated CVE-2022-27816
MISC
MISC sonatype — nexus_repository_manager
  Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF. 2022-03-30 not yet calculated CVE-2022-27907
MISC
MISC tesla — tesla
  ** DISPUTED ** Certain Tesla vehicles through 2022-03-26 allow attackers to open the charging port via a 315 MHz RF signal containing a fixed sequence of approximately one hundred symbols. NOTE: the vendor’s perspective is that the behavior is as intended. 2022-03-27 not yet calculated CVE-2022-27948
MISC
MISC
MISC linux — linux_kernel
  In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory leak exists for a certain hid_parse error condition. 2022-03-28 not yet calculated CVE-2022-27950
MISC
MISC
MISC
MISC netsarang — xftp
  Xftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. 2022-03-31 not yet calculated CVE-2022-27963
MISC
MISC netsarang — xmanager
  Xmanager v7.0.0096 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. 2022-03-31 not yet calculated CVE-2022-27964
MISC
MISC netsarang — xlpd
  Xlpd v7.0.0094 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. 2022-03-31 not yet calculated CVE-2022-27965
MISC
MISC netsarang — xshell
  Xshell v7.0.0099 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. 2022-03-31 not yet calculated CVE-2022-27966
MISC
MISC hibara_software — attachecase
  Untrusted search path vulnerability in AttacheCase ver.3.6.1.0 and earlier allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory. 2022-03-31 not yet calculated CVE-2022-28128
MISC
MISC jenkins — bitbucket_server_integration_plugin
  Jenkins Bitbucket Server Integration Plugin 3.1.0 and earlier does not limit URL schemes for callback URLs on OAuth consumers, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create BitBucket Server consumers. 2022-03-29 not yet calculated CVE-2022-28133
CONFIRM
MLIST jenkins — bitbucket_server_integration_plugin
  Jenkins Bitbucket Server Integration Plugin 3.1.0 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to create, view, and delete BitBucket Server consumers. 2022-03-29 not yet calculated CVE-2022-28134
CONFIRM
MLIST jenkins — instant-messaging_plugin
  Jenkins instant-messaging Plugin 1.41 and earlier stores passwords for group chats unencrypted in the global configuration file of plugins based on Jenkins instant-messaging Plugin on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. 2022-03-29 not yet calculated CVE-2022-28135
CONFIRM
MLIST jenkins — jiratestresultreporter_plugin
  A cross-site request forgery (CSRF) vulnerability in Jenkins JiraTestResultReporter Plugin 165.v817928553942 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials. 2022-03-29 not yet calculated CVE-2022-28136
CONFIRM
MLIST jenkins — jiratestresultreporter_plugin
  A missing permission check in Jenkins JiraTestResultReporter Plugin 165.v817928553942 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. 2022-03-29 not yet calculated CVE-2022-28137
CONFIRM
MLIST jenkins — rocketchat_notifier_plugin
  A cross-site request forgery (CSRF) vulnerability in Jenkins RocketChat Notifier Plugin 1.4.10 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials. 2022-03-29 not yet calculated CVE-2022-28138
CONFIRM
MLIST jenkins — rocketchat_notifier_plugin
  A missing permission check in Jenkins RocketChat Notifier Plugin 1.4.10 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. 2022-03-29 not yet calculated CVE-2022-28139
CONFIRM
MLIST jenkins — flaky_test_handler_plugin
  Jenkins Flaky Test Handler Plugin 1.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. 2022-03-29 not yet calculated CVE-2022-28140
CONFIRM
MLIST jenkins — proxmox_plugin
  Jenkins Proxmox Plugin 0.5.0 and earlier stores the Proxmox Datacenter password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. 2022-03-29 not yet calculated CVE-2022-28141
CONFIRM
MLIST jenkins — proxmox_plugin
  Jenkins Proxmox Plugin 0.6.0 and earlier disables SSL/TLS certificate validation globally for the Jenkins controller JVM when configured to ignore SSL/TLS issues. 2022-03-29 not yet calculated CVE-2022-28142
CONFIRM
MLIST jenkins — proxmox_plugin
  A cross-site request forgery (CSRF) vulnerability in Jenkins Proxmox Plugin 0.7.0 and earlier allows attackers to connect to an attacker-specified host using attacker-specified username and password (perform a connection test), disable SSL/TLS validation for the entire Jenkins controller JVM as part of the connection test (see CVE-2022-28142), and test a rollback with attacker-specified parameters. 2022-03-29 not yet calculated CVE-2022-28143
CONFIRM
MLIST jenkins — proxmox_plugin
  Jenkins Proxmox Plugin 0.7.0 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified host using attacker-specified username and password (perform a connection test), disable SSL/TLS validation for the entire Jenkins controller JVM as part of the connection test (see CVE-2022-28142), and test a rollback with attacker-specified parameters. 2022-03-29 not yet calculated CVE-2022-28144
CONFIRM
MLIST jenkins — continuous_integration_with_toad_edge_plugin
  Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier does not apply Content-Security-Policy headers to report files it serves, resulting in a stored cross-site scripting (XSS) exploitable by attackers with Item/Configure permission or otherwise able to control report contents. 2022-03-29 not yet calculated CVE-2022-28145
CONFIRM
MLIST jenkins — continuous_integration_with_toad_edge_plugin
  Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Item/Configure permission to read arbitrary files on the Jenkins controller by specifying an input folder on the Jenkins controller as a parameter to its build steps. 2022-03-29 not yet calculated CVE-2022-28146
CONFIRM
MLIST jenkins — continuous_integration_with_toad_edge_plugin
  A missing permission check in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. 2022-03-29 not yet calculated CVE-2022-28147
CONFIRM
MLIST jenkins — continuous_integration_with_toad_edge_plugin
  The file browser in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Item/Read permission to obtain the contents of arbitrary files on Windows controllers. 2022-03-29 not yet calculated CVE-2022-28148
CONFIRM
MLIST jenkins — job_and_node_ownership_plugin
  Jenkins Job and Node ownership Plugin 0.13.0 and earlier does not escape the names of the secondary owners, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-03-29 not yet calculated CVE-2022-28149
CONFIRM
MLIST jenkins — job_and_node_ownership_plugin
  A cross-site request forgery (CSRF) vulnerability in Jenkins Job and Node ownership Plugin 0.13.0 and earlier allows attackers to change the owners and item-specific permissions of a job. 2022-03-29 not yet calculated CVE-2022-28150
CONFIRM
MLIST jenkins — job_and_node_ownership_plugin
  A missing permission check in Jenkins Job and Node ownership Plugin 0.13.0 and earlier allows attackers with Item/Read permission to change the owners and item-specific permissions of a job. 2022-03-29 not yet calculated CVE-2022-28151
CONFIRM
MLIST jenkins — job_and_node_ownership_plugin
  A cross-site request forgery (CSRF) vulnerability in Jenkins Job and Node ownership Plugin 0.13.0 and earlier allows attackers to restore the default ownership of a job. 2022-03-29 not yet calculated CVE-2022-28152
CONFIRM
MLIST jenkins — sitemonitor_plugin
  Jenkins SiteMonitor Plugin 0.6 and earlier does not escape URLs of sites to monitor in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-03-29 not yet calculated CVE-2022-28153
CONFIRM
MLIST jenkins — coverage_complexity_scatter_plot_plugin
  Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. 2022-03-29 not yet calculated CVE-2022-28154
CONFIRM
MLIST jenkins — pipeline_phoenix_autotest_plugin
  Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. 2022-03-29 not yet calculated CVE-2022-28155
CONFIRM
MLIST jenkins — pipeline_phoenix_autotest_plugin
  Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier allows attackers with Item/Configure permission to copy arbitrary files and directories from the Jenkins controller to the agent workspace. 2022-03-29 not yet calculated CVE-2022-28156
CONFIRM
MLIST jenkins — pipeline_phoenix_autotest_plugin
  Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier allows attackers with Item/Configure permission to upload arbitrary files from the Jenkins controller via FTP to an attacker-specified FTP server. 2022-03-29 not yet calculated CVE-2022-28157
CONFIRM
MLIST jenkins — pipeline_phoenix_autotest_plugin
  A missing permission check in Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. 2022-03-29 not yet calculated CVE-2022-28158
CONFIRM
MLIST jenkins — tests_selector_plugin
  Jenkins Tests Selector Plugin 1.3.3 and earlier does not escape the Properties File Path option for Choosing Tests parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-03-29 not yet calculated CVE-2022-28159
CONFIRM
MLIST jenkins — tests_selector_plugin
  Jenkins Tests Selector Plugin 1.3.3 and earlier allows users with Item/Configure permission to read arbitrary files on the Jenkins controller. 2022-03-29 not yet calculated CVE-2022-28160
CONFIRM
MLIST mediawiki — mediawiki
  An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete. 2022-03-30 not yet calculated CVE-2022-28202
MISC mediawiki — mediawiki
  An issue was discovered in MediaWiki through 1.37.1. The CentralAuth extension mishandles a ttl issue for groups expiring in the future. 2022-03-30 not yet calculated CVE-2022-28205
MISC
CONFIRM mediawiki — mediawiki
  An issue was discovered in MediaWiki through 1.37.1. ImportPlanValidator.php in the FileImporter extension mishandles the check for edit rights. 2022-03-30 not yet calculated CVE-2022-28206
MISC
MISC mediawiki — mediawiki
  An issue was discovered in MediaWiki through 1.37.1. The check for the override-antispoof permission in the AntiSpoof extension is incorrect. 2022-03-30 not yet calculated CVE-2022-28209
MISC
MISC tekon — kio
  Tekon KIO devices through 2022-03-30 allow an authenticated admin user to escalate privileges to root by uploading a malicious Lua plugin. 2022-03-30 not yet calculated CVE-2022-28223
MISC weechat — weechat
  WeeChat (aka Wee Enhanced Environment for Chat) 3.2 to 3.4 before 3.4.1 does not properly verify the TLS certificate of the server, after certain GnuTLS options are changed, which allows man-in-the-middle attackers to spoof a TLS chat server via an arbitrary certificate. NOTE: this only affects situations where weechat.network.gnutls_ca_system or weechat.network.gnutls_ca_user is changed without a WeeChat restart. 2022-04-02 not yet calculated CVE-2022-28352
MISC
MISC scala.js — scala.js
  randomUUID in Scala.js before 1.10.0 generates predictable values. 2022-04-02 not yet calculated CVE-2022-28355
MISC
MISC linux — linux_kernel
  In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. 2022-04-02 not yet calculated CVE-2022-28356
MISC
MISC