| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-2004 | | High | 0.49 | 7.5 | 0.01 | | Aug 31, 2022 | AutomationDirect DirectLOGIC is vulnerable: a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1… |
| CVE-2022-2003 | | High | 0.50 | 7.7 | 0.01 | | Aug 31, 2022 | AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU serial port that will cause the PLC to respond with the PLC password in cleartext. This could allow an attacker to access and make unauthorized changes. This issue affects:… |
| CVE-2022-1976 | | High | 0.51 | 7.8 | 0.00 | | Aug 31, 2022 | A flaw was found in the Linux kernel’s implementation of IO-URING. This flaw allows an attacker with local executable permission to create a string of requests that can cause a use-after-free flaw within the kernel. This issue leads to memory corruption and possible privilege… |
| CVE-2022-1888 | | High | 0.51 | 7.8 | 0.00 | | Aug 31, 2022 | Alpha7 PC Loader (All versions) is vulnerable to a stack-based buffer overflow while processing a specifically crafted project file, which may allow an attacker to execute arbitrary code. |
| CVE-2022-1552 | | High | 0.58 | 8.8 | 0.12 | | Aug 31, 2022 | A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant… |
| CVE-2022-1405 | | High | 0.51 | 7.8 | 0.02 | | Aug 31, 2022 | CNCSoft: All versions prior to 1.01.32 do not properly sanitize input while processing a specific project file, allowing a possible stack-based buffer overflow condition. |
| CVE-2022-1319 | | High | 0.00 | 7.5 | 0.01 | | Aug 31, 2022 | A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in… |
| CVE-2022-1271 | | High | 0.58 | 8.8 | 0.04 | | Aug 31, 2022 | An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can write attacker-controlled content to an arbitrary attacker-selected file. This flaw occurs due to… |
| CVE-2022-1259 | | High | 0.49 | 7.5 | 0.01 | | Aug 31, 2022 | A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server. This flaw exists because of an incomplete fix for CVE-2021-3629. |
| CVE-2022-1247 | | High | 0.46 | 7.0 | 0.00 | | Aug 31, 2022 | An issue was found in the Linux kernel that leads to a race condition in rose_connect(). The rose driver uses rose_neigh->use to represent how many objects are using the rose_neigh. When a user wants to delete a rose_route via rose_ioctl(), the rose driver calls rose_del_node() and… |
| CVE-2022-36035 | | High | 0.43 | 7.7 | 0.00 | | Aug 31, 2022 | Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration (like Git repositories), and automating updates to configuration when there is new code to deploy. Flux CLI allows users to deploy Flux components into a Kubernetes cluster via command-line. The… |
| CVE-2022-37022 | — | High | 0.57 | 8.8 | 0.01 | | Aug 31, 2022 | Apache Geode versions up to 1.12.2 and 1.13.2 are vulnerable to a deserialization of untrusted data flaw when using JMX over RMI on Java 11. Any user wishing to protect against deserialization attacks involving JMX or RMI should upgrade to Apache Geode 1.15. Use of 1.15 on Java… |
| CVE-2022-39047 | | High | 0.57 | 8.8 | 0.01 | | Aug 31, 2022 | Freeciv before 2.6.7 and before 3.0.3 is prone to a buffer overflow vulnerability in the Modpack Installer utility's handling of the modpack URL. |
| CVE-2022-39046 | | High | 0.49 | 7.5 | 0.02 | | Aug 31, 2022 | An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the… |
| CVE-2022-27563 | | High | 0.49 | 7.5 | 0.01 | | Aug 30, 2022 | An unauthenticated user can overload a part of HCL VersionVault Express and cause a denial of service. |
| CVE-2022-3037 | | High | 0.00 | 7.8 | 0.01 | | Aug 30, 2022 | Use After Free in GitHub repository vim/vim prior to 9.0.0322. |
| CVE-2022-37173 | | High | 0.51 | 7.8 | 0.00 | | Aug 30, 2022 | An issue in the installer of gvim 9.0.0000 allows authenticated attackers to execute arbitrary code via a binary hijacking attack on C:\Program.exe. |
| CVE-2022-37172 | | High | 0.51 | 7.8 | 0.00 | | Aug 30, 2022 | Incorrect access control in the install directory (C:\msys64) of Msys2 v20220603 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory. |
| CVE-2022-36565 | | High | 0.57 | 8.8 | 0.01 | | Aug 30, 2022 | Incorrect access control in the install directory (C:\Wamp64) of Wamp v3.2.6 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory. |
| CVE-2022-36564 | | High | 0.57 | 8.8 | 0.01 | | Aug 30, 2022 | Incorrect access control in the install directory (C:\Strawberry) of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory. |
| CVE-2022-36563 | | High | 0.57 | 8.8 | 0.01 | | Aug 30, 2022 | Incorrect access control in the install directory (C:\RailsInstaller) of Rubyinstaller2 v3.1.2 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory. |
| CVE-2022-36562 | | High | 0.57 | 8.8 | 0.01 | | Aug 30, 2022 | Incorrect access control in the install directory (C:\Ruby31-x64) of Rubyinstaller2 v3.1.2 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory. |
| CVE-2022-34375 | | High | 0.57 | 8.8 | 0.01 | | Aug 30, 2022 | Dell Container Storage Modules 1.2 contains a path traversal vulnerability in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability, leading to unintentional access to a path outside of the restricted directory. |
| CVE-2022-34374 | | High | 0.57 | 8.8 | 0.01 | | Aug 30, 2022 | Dell Container Storage Modules 1.2 contains an OS command injection in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability, leading to execution of arbitrary OS commands on the affected system. |
| CVE-2022-31232 | | High | 0.56 | 8.6 | 0.01 | | Aug 30, 2022 | SmartFabric storage software version 1.0.0 contains a Command-Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain access and perform actions on the affected system. |
| CVE-2022-37237 | | High | 0.49 | 7.5 | 0.01 | | Aug 30, 2022 | An attacker can send malicious RTMP requests to make the ZLMediaKit server crash remotely. Affected version is below commit 7d8b212a3c3368bc2f6507cb74664fc419eb9327. |
| CVE-2022-36552 | | High | 0.49 | 7.5 | 0.01 | | Aug 30, 2022 | Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains an issue in the component /cgi-bin/DownloadFlash which allows attackers to steal all data such as source code and system files via a crafted GET request. |
| CVE-2022-39028 | | High | 0.49 | 7.5 | 0.02 | | Aug 30, 2022 | telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However,… |
| CVE-2022-38118 | | High | 0.57 | 8.8 | 0.01 | | Aug 30, 2022 | OAKlouds Portal website’s Meeting Room has insufficient validation for user input. A remote attacker with general user privilege can perform SQL-injection to access, modify, delete database, perform system operations and disrupt service. |
| CVE-2022-25857 | — | High | 0.42 | 7.5 | 0.02 | | Aug 30, 2022 | The package org.yaml:snakeyaml from 0 and before 1.31 is vulnerable to Denial of Service (DoS) due to a missing nested depth limitation for collections. |
| CVE-2022-24107 | | High | 0.51 | 7.8 | 0.00 | | Aug 30, 2022 | Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc. |
| CVE-2022-24106 | | High | 0.51 | 7.8 | 0.00 | | Aug 30, 2022 | In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc. |
| CVE-2022-38784 | | High | 0.51 | 7.8 | 0.01 | | Aug 30, 2022 | Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the… |
| CVE-2022-38625 | | High | 0.57 | 8.8 | 0.00 | | Aug 29, 2022 | Patlite NH-FB v1.46 and below was discovered to contain insufficient firmware validation during the upgrade firmware file upload process. This vulnerability allows authenticated attackers to create and upload their own custom-built firmware and inject malicious code. NOTE: the… |
| CVE-2022-37681 | | High | 0.49 | 7.5 | 0.01 | | Aug 29, 2022 | Hitachi Kokusai Electric Network products for monitoring system (Camera, Decoder and Encoder) and below allows attackers to perform a directory traversal via a crafted GET request to the endpoint /ptippage.cgi. Security information ID hitachi-sec-2022-001 contains fixes for the… |
| CVE-2022-37680 | | High | 0.49 | 7.5 | 0.01 | | Aug 29, 2022 | An improper authentication for critical function issue in Hitachi Kokusai Electric Network products for monitoring system (Camera, Decoder and Encoder) and below allows attackers to remotely reboot the device via a crafted POST request to the endpoint /ptipupgrade.cgi. Security… |
| CVE-2022-38772 | | High | 0.63 | 8.8 | 0.78 | | Aug 29, 2022 | Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature. |
| CVE-2022-37177 | | High | 0.49 | 7.5 | 0.00 | | Aug 29, 2022 | HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm. NOTE: this is disputed by the vendor for multiple reasons, e.g., it is inconsistent with CVE ID assignment rules for cloud services, and no product with version V1.0 exists. Furthermore,… |
| CVE-2020-26938 | — | High | 0.47 | 7.2 | 0.01 | | Aug 29, 2022 | In oauth2-server (aka node-oauth2-server) through 3.1.1, the value of the redirect_uri parameter received during the authorization and token request is checked against an incorrect URI pattern ("[a-zA-Z][a-zA-Z0-9+.-]+:") before making a redirection. This allows a malicious… |
| CVE-2022-2559 | | High | 0.47 | 7.2 | 0.01 | | Aug 29, 2022 | The Fluent Support WordPress plugin before 1.5.8 does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection vulnerability exploitable by high privilege users. |
| CVE-2022-2261 | | High | 0.47 | 7.2 | 0.01 | | Aug 29, 2022 | The WPIDE WordPress plugin before 3.0 does not sanitize and validate the filename parameter before using it in a require statement in the admin dashboard, leading to a Local File Inclusion issue. |
| CVE-2022-1123 | | High | 0.47 | 7.2 | 0.01 | | Aug 29, 2022 | The Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) WordPress plugin before 3.12.5 does not properly sanitize some parameters before inserting them into SQL queries. As a result, high privilege users could perform SQL injection attacks. |
| CVE-2022-36034 | | High | 0.49 | 7.5 | 0.01 | | Aug 29, 2022 | nitrado.js is a type safe wrapper for the Nitrado API. Possible ReDoS with lib input of `{{` and with many repetitions of `{{|`. This issue has been patched in all versions above `0.2.5`. There are currently no known workarounds. |
| CVE-2022-27546 | | High | 0.54 | 8.3 | 0.01 | | Aug 29, 2022 | HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by improper validation of user-supplied input supplied with a form POST request. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a… |
| CVE-2022-36200 | | High | 0.49 | 7.5 | 0.02 | | Aug 29, 2022 | In FiberHome VDSL2 Modem HG150-Ub_V3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed. |
| CVE-2022-35962 | | High | 0.52 | 8.0 | 0.01 | | Aug 29, 2022 | Zulip is an open source team chat and Zulip Mobile is an app for iOS and Android users. In Zulip Mobile through version 27.189, a crafted link in a message sent by an authenticated user could lead to credential disclosure if a user follows the link. A patch was released in… |
| CVE-2022-2961 | | High | 0.46 | 7.0 | 0.00 | | Aug 29, 2022 | A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function. This flaw allows a local user to crash or potentially escalate their privileges on… |
| CVE-2022-1199 | | High | 0.00 | 7.5 | 0.02 | | Aug 29, 2022 | A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability. |
| CVE-2022-1117 | | High | 0.00 | 8.4 | 0.00 | | Aug 29, 2022 | A vulnerability was found in fapolicyd. The vulnerability occurs due to an assumption on how glibc names the runtime linker; a build time regular expression may not correctly detect the runtime linker. The consequence is that the pattern detection for applications launched by… |
| CVE-2022-1043 | | High | 0.03 | 8.8 | 0.04 | | Aug 29, 2022 | A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or escalate privileges. |