CISA Bulletins - Vulnerability Summary for the Week of November 28, 2022

  • Welcome to ITBible, we're your #1 resource for enterprise or homelab IT problems (or just a place to show off your stuff).
C

CISA

Guest
Original release date: December 5, 2022



High Vulnerabilities​

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
acer -- aspire_a315-22g_firmware​
Vulnerability in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices may allow an attacker with elevated privileges to modify UEFI Secure Boot settings by modifying an NVRAM variable.​
2022-11-28​
8.2
CVE-2022-4020
MISC
adrotate_banner_manager_project -- adrotate_banner_manager​
Cross-Site Request Forgery (CSRF) in AdRotate Banner Manager Plugin <= 5.9 on WordPress.​
2022-11-30​
8.8
CVE-2022-26366
MISC
aerocms_project -- aerocms​
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Search parameter. This vulnerability allows attackers to access database information.​
2022-11-29​
7.5
CVE-2022-45329
MISC
apache -- fineract​
Apache Fineract allowed an authenticated user to perform remote code execution due to a path traversal vulnerability in a file upload component of Apache Fineract, allowing an attacker to run remote code. This issue affects Apache Fineract version 1.8.0 and prior versions. We recommend users to upgrade to 1.8.1.​
2022-11-29​
8.8
CVE-2022-44635
MISC
MLIST
automotive_shop_management_system_project -- automotive_shop_management_system​
Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /asms/products/view_product.php.​
2022-11-25​
7.2
CVE-2022-44858
MISC
automotive_shop_management_system_project -- automotive_shop_management_system​
Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /asms/admin/products/manage_product.php.​
2022-11-25​
7.2
CVE-2022-44859
MISC
automotive_shop_management_system_project -- automotive_shop_management_system​
Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/transactions/update_status.php.​
2022-11-25​
7.2
CVE-2022-44860
MISC
avs4you -- avs_audio_converter​
AVS Audio Converter 10.3 is vulnerable to Buffer Overflow.​
2022-11-28​
9.8
CVE-2022-44283
MISC
belden -- hirschmann_bat-c2_firmware​
The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor's ID is BSECV-2022-21.​
2022-11-25​
8.8
CVE-2022-40282
MISC
FULLDISC
MISC
book_store_management_system_project -- book_store_management_system​
A vulnerability classified as critical was found in SourceCodester Book Store Management System 1.0. This vulnerability affects unknown code of the file /bsms_ci/index.php. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214588.​
2022-11-30​
9.8
CVE-2022-4229
MISC
MISC
book_store_management_system_project -- book_store_management_system​
Book Store Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel.​
2022-11-30​
9.8
CVE-2022-44097
MISC
book_store_management_system_project -- book_store_management_system​
A vulnerability classified as problematic has been found in SourceCodester Book Store Management System 1.0. This affects an unknown part of the file /bsms_ci/index.php/user/edit_user/. The manipulation of the argument password leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214587.​
2022-11-30​
7.5
CVE-2022-4228
MISC
MISC
botan_project -- botan​
In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introduced in Botan 1.11.34 (November 2016).​
2022-11-27​
9.1
CVE-2022-43705
MISC
CONFIRM
canteen_management_system_project -- canteen_management_system​
A vulnerability was found in SourceCodester Canteen Management System. It has been rated as critical. This issue affects the function query of the file ajax_invoice.php of the component POST Request Handler. The manipulation of the argument search leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214523.​
2022-11-30​
9.8
CVE-2022-4222
MISC
MISC
church_management_system_project -- church_management_system​
Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_members.php.​
2022-11-30​
7.2
CVE-2022-45328
MISC
contec -- solarview_compact_firmware​
SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file.​
2022-11-29​
9.8
CVE-2022-44354
MISC
decode-uri-component_project -- decode-uri-component​
decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS.​
2022-11-28​
7.5
CVE-2022-38900
MISC
MISC
discourse -- discourse_bbcode​
discourse-bbcode is the official BBCode plugin for Discourse. Prior to commit 91478f5, CSS injection can occur when rendering content generated with the discourse-bccode plugin. This vulnerability only affects sites which have the discourse-bbcode plugin installed and enabled. This issue is patched in commit 91478f5. As a workaround, ensure that the Content Security Policy is enabled and monitor any posts that contain bbcode.​
2022-11-30​
9.8
CVE-2022-46162
MISC
CONFIRM
dlink -- dnr-322l_firmware​
Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated attacker to execute OS level commands on the device.​
2022-11-29​
8.8
CVE-2022-40799
MISC
drachtio -- drachtio-server​
drachtio-server 0.8.18 has a heap-based buffer over-read via a long Request-URI in an INVITE request.​
2022-11-26​
9.1
CVE-2022-45909
MISC
dwbooster -- appointment_hour_booking​
The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.3.72. This makes it possible for unauthenticated attackers to embed untrusted input into content during booking creation that may be exported as a CSV file when a site's administrator exports booking details. This can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration.​
2022-11-29​
7.8
CVE-2022-4034
MISC
MISC
epson -- tm-c3500_firmware​
The WebConfig functionality of Epson TM-C3500 and TM-C7500 devices with firmware version WAM31500 allows authentication bypass.​
2022-11-25​
9.1
CVE-2022-36133
MISC
MISC
etm-s -- ondiskplayeragent​
Remote code execution vulnerability due to insufficient verification of URLs, etc. in OndiskPlayerAgent. A remote attacker could exploit the vulnerability to cause remote code execution by causing an arbitrary user to download and execute malicious code.​
2022-11-25​
7.8
CVE-2022-41156
MISC
event_registration_system_project -- event_registration_system​
A vulnerability, which was classified as critical, was found in SourceCodester Event Registration System 1.0. Affected is an unknown function. The manipulation of the argument cmd leads to unrestricted upload. It is possible to launch the attack remotely. VDB-214590 is the identifier assigned to this vulnerability.​
2022-11-30​
9.8
CVE-2022-4232
MISC
eyoom -- eyoom_builder​
Remote code execution vulnerability can be achieved by using cookie values as paths to a file by this builder program. A remote attacker could exploit the vulnerability to execute or inject malicious code.​
2022-11-25​
9.8
CVE-2022-41158
MISC
f-secure -- elements_endpoint_protection​
In F-Secure Endpoint Protection for Windows and macOS before channel with Capricorn database 2022-11-22_07, the aerdl.dll unpacker handler crashes. This can lead to a scanning engine crash, triggerable remotely by an attacker for denial of service.​
2022-11-25​
7.5
CVE-2022-38166
MISC
festo -- multiple_products
In multiple products by Festo a remote unauthenticated attacker could use functions of an undocumented protocol which could lead to a complete loss of confidentiality, integrity and availability.​
2022-12-01​
9.8
CVE-2022-3270
MISC
ff4j -- ff4j​
ff4j 1.8.1 is vulnerable to Remote Code Execution (RCE).​
2022-12-01​
9.8
CVE-2022-44262
MISC
freeamigos -- manage_notification_e-mails​
Cross-Site Request Forgery (CSRF) in Virgial Berveling's Manage Notification E-mails plugin <= 1.8.2 on WordPress.​
2022-11-28​
8.8
CVE-2022-34654
MISC
fusionauth -- fusionauth​
FusionAuth before 1.41.3 allows a file outside of the application root to be viewed or retrieved using an HTTP request. To be specific, an attacker may be able to view or retrieve any file readable by the user running the FusionAuth process.​
2022-11-28​
7.5
CVE-2022-45921
MISC
MISC
gnu -- emacs​
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working directory has contents that depend on untrusted input.​
2022-11-28​
7.8
CVE-2022-45939
MISC
gnu -- libredwg​
LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c.​
2022-11-30​
7.8
CVE-2022-45332
MISC
google -- chrome​
Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)​
2022-11-25​
9.6
CVE-2022-4135
MISC
MISC
google -- chrome​
Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)​
2022-11-30​
8.8
CVE-2022-4174
MISC
MISC
google -- chrome​
Use after free in Camera Capture in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)​
2022-11-30​
8.8
CVE-2022-4175
MISC
MISC
google -- chrome​
Out of bounds write in Lacros Graphics in Google Chrome on Chrome OS and Lacros prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. (Chromium security severity: High)​
2022-11-30​
8.8
CVE-2022-4176
MISC
MISC
google -- chrome​
Use after free in Extensions in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install an extension to potentially exploit heap corruption via a crafted Chrome Extension and UI interaction. (Chromium security severity: High)​
2022-11-30​
8.8
CVE-2022-4177
MISC
MISC
google -- chrome​
Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)​
2022-11-30​
8.8
CVE-2022-4178
MISC
MISC
google -- chrome​
Use after free in Audio in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)​
2022-11-30​
8.8
CVE-2022-4179
MISC
MISC
google -- chrome​
Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)​
2022-11-30​
8.8
CVE-2022-4180
MISC
MISC
google -- chrome​
Use after free in Forms in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)​
2022-11-30​
8.8
CVE-2022-4181
MISC
MISC
google -- chrome​
Insufficient data validation in Directory in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium)​
2022-11-30​
8.8
CVE-2022-4190
MISC
MISC
google -- chrome​
Use after free in Sign-In in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via profile destruction. (Chromium security severity: Medium)​
2022-11-30​
8.8
CVE-2022-4191
MISC
MISC
google -- chrome​
Use after free in Live Caption in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. (Chromium security severity: Medium)​
2022-11-30​
8.8
CVE-2022-4192
MISC
MISC
google -- chrome​
Insufficient policy enforcement in File System API in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium)​
2022-11-30​
8.8
CVE-2022-4193
MISC
MISC
google -- chrome​
Use after free in Accessibility in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)​
2022-11-30​
8.8
CVE-2022-4194
MISC
MISC
gpac -- gpac​
A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-214518 is the identifier assigned to this vulnerability.​
2022-11-29​
8.8
CVE-2022-4202
N/A
N/A
gpac -- gpac​
GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a stack overflow via the function dimC_box_read at isomedia/box_code_3gpp.c.​
2022-11-29​
7.8
CVE-2022-45202
MISC
gpac -- gpac​
GPAC v2.1-DEV-rev478-g696e6f868-master was discovered to contain a heap use-after-free via the Q_IsTypeOn function at /gpac/src/bifs/unquantize.c.​
2022-11-29​
7.8
CVE-2022-45343
MISC
ibericode -- html_forms​
The HTML Forms WordPress plugin before 1.3.25 does not properly properly escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users​
2022-11-28​
7.2
CVE-2022-3689
MISC
jeecg -- jeecg_boot​
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/duplicate/check.​
2022-11-25​
9.8
CVE-2022-45206
MISC
MISC
jeecg -- jeecg_boot​
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component updateNullByEmptyString.​
2022-11-25​
9.8
CVE-2022-45207
MISC
MISC
kakaocorp -- potplayer​
A vulnerability classified as problematic has been found in Kakao PotPlayer. This affects an unknown part of the component MID File Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214623.​
2022-12-01​
7.5
CVE-2022-4246
N/A
N/A
N/A
kubeview_project -- kubeview​
KubeView through 0.1.31 allows attackers to obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication, and retrieves certificate files that can be used for authentication as kube-admin. NOTE: the vendor's position is that KubeView was a "fun side project and a learning exercise," and not "very secure."​
2022-11-27​
9.8
CVE-2022-45933
MISC
linecorp -- line​
LINE client for iOS before 12.17.0 might be crashed by sharing an invalid shared key of e2ee in group chat.​
2022-11-29​
7.5
CVE-2022-41568
MISC
linux -- linux_kernel​
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.​
2022-11-27​
7.8
CVE-2022-45934
MISC
linux -- linux_kernel​
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.​
2022-11-25​
7
CVE-2022-45884
MISC
MISC
linux -- linux_kernel​
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.​
2022-11-25​
7
CVE-2022-45885
MISC
MISC
linux -- linux_kernel​
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.​
2022-11-25​
7
CVE-2022-45886
MISC
MISC
linux -- linux_kernel​
An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.​
2022-11-27​
7
CVE-2022-45919
MISC
linuxfoundation -- opendaylight​
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/DomainStore.java deleteDomain function is affected for the /auth/v1/domains/ API interface.​
2022-11-27​
7.5
CVE-2022-45930
MISC
MISC
linuxfoundation -- opendaylight​
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/UserStore.java deleteUser function is affected when the API interface /auth/v1/users/ is used.​
2022-11-27​
7.5
CVE-2022-45931
MISC
MISC
linuxfoundation -- opendaylight​
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/RoleStore.java deleteRole function is affected when the API interface /auth/v1/roles/ is used.​
2022-11-27​
7.5
CVE-2022-45932
MISC
MISC
linuxfoundation -- pytorch​
In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary code execution because eval is used unsafely.​
2022-11-26​
9.8
CVE-2022-45907
MISC
MISC
mitsubishielectric -- gx_works3​
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions allows a remote unauthenticated attacker to disclose or tamper with sensitive information. As a result, unauthorized users may obtain information about project files illegally.​
2022-11-25​
9.1
CVE-2022-29830
MISC
MISC
mitsubishielectric -- gx_works3​
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 all versions and Mitsubishi Electric MX OPC UA Module Configurator-R all versions allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthorized users can gain unauthorized access to the CPU module and the OPC UA server module.​
2022-11-25​
7.5
CVE-2022-25164
MISC
MISC
mitsubishielectric -- gx_works3​
Use of Hard-coded Password vulnerability in Mitsubishi Electric GX Works3 all versions allows an unauthenticated attacker to disclose sensitive information. As a result, unauthorized users may view or execute programs illegally.​
2022-11-25​
7.5
CVE-2022-29825
MISC
MISC
mitsubishielectric -- gx_works3​
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions 1.086Q and prior allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthorized users may view or execute programs illegally.​
2022-11-25​
7.5
CVE-2022-29826
MISC
MISC
mitsubishielectric -- gx_works3​
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthorized users may view or execute programs illegally.​
2022-11-25​
7.5
CVE-2022-29827
MISC
MISC
mitsubishielectric -- gx_works3​
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthorized users may view or execute programs illegally.​
2022-11-25​
7.5
CVE-2022-29828
MISC
MISC
mitsubishielectric -- gx_works3​
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions allows a remote unauthenticated attacker to disclose sensitive information . As a result, unauthorized users may view or execute programs illegally.​
2022-11-25​
7.5
CVE-2022-29829
MISC
MISC
mitsubishielectric -- gx_works3​
Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later allows a remote unauthorized attacker to obtain information about the project file for MELSEC safety CPU modules.​
2022-11-25​
7.5
CVE-2022-29831
MISC
MISC
moodle -- moodle​
A blind Server-Side Request Forgery (SSRF) vulnerability was found in Moodle. This flaw exists due to insufficient validation of user-supplied input in LTI provider library. The library does not utilise Moodle's inbuilt cURL helper, which resulted in a blind SSRF risk. An attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems. This vulnerability allows a remote attacker to perform SSRF attacks.​
2022-11-25​
9.1
CVE-2022-45152
MISC
MISC
MISC
movie_ticket_booking_system_project -- movie_ticket_booking_system​
A vulnerability classified as critical was found in Movie Ticket Booking System. This vulnerability affects unknown code of the file booking.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214624.​
2022-12-01​
9.8
CVE-2022-4247
N/A
N/A
movie_ticket_booking_system_project -- movie_ticket_booking_system​
A vulnerability, which was classified as critical, has been found in Movie Ticket Booking System. This issue affects some unknown processing of the file editBooking.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-214625 was assigned to this vulnerability.​
2022-12-01​
9.8
CVE-2022-4248
N/A
N/A
moxa -- uc-2101-lx_firmware​
UC-8100A-ME-T System Image: Versions v1.0 to v1.6, UC-2100 System Image: Versions v1.0 to v1.12, UC-2100-W System Image: Versions v1.0 to v 1.12, UC-3100 System Image: Versions v1.0 to v1.6, UC-5100 System Image: Versions v1.0 to v1.4, UC-8100 System Image: Versions v3.0 to v3.5, UC-8100-ME-T System Image: Versions v3.0 and v3.1, UC-8100A-ME-T System Image: Versions v1.0 to v1.6, UC-8200 System Image: v1.0 to v1.5, AIG-300 System Image: v1.0 to v1.4, UC-8410A with Debian 9 System Image: Versions v4.0.2 and v4.1.2, UC-8580 with Debian 9 System Image: Versions v2.0 and v2.1, UC-8540 with Debian 9 System Image: Versions v2.0 and v2.1, and DA-662C-16-LX (GLB) System Image: Versions v1.0.2 to v1.1.2 of Moxa's ARM-based computers have an execution with unnecessary privileges vulnerability, which could allow an attacker with user-level privileges to gain root privileges.​
2022-11-28​
7.8
CVE-2022-3088
MISC
msi -- center​
An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to escalate privileges via a crafted TCP packet.​
2022-11-28​
8.8
CVE-2022-31877
MISC
MISC
muhammara_project -- muhammara​
Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service (DoS) when supplied with a maliciously crafted PDF file to be parsed. The issue has been patched in muhammara version 3.4.0 and the fix has been backported to version 2.6.2. As a workaround, do not process files from untrusted sources. If using hummus, replace the package with muhammara.​
2022-11-28​
7.5
CVE-2022-41957
MISC
CONFIRM
MISC
octopus -- octopus_server​
In affected versions of Octopus Server it is possible for target discovery to print certain values marked as sensitive to log files in plaint-text in when verbose logging is enabled.​
2022-11-25​
7.5
CVE-2022-2721
MISC
online-shopping-system-advanced_project -- online-shopping-system-advanced​
Online-shopping-system-advanced 1.0 was discovered to contain a SQL injection vulnerability via the p parameter at /shopping/product.php.​
2022-11-29​
9.8
CVE-2022-42109
MISC
MISC
online_tours_\&travels_management_system_project -- online_tours\&_travels_management_system​
Online Tours & Travels Management System v1.0 contains an arbitrary file upload vulnerability via /tour/admin/file.php.​
2022-11-28​
9.8
CVE-2022-44401
MISC
op-tee -- op-tee_os​
OP-TEE Trusted OS is the secure side implementation of OP-TEE project, a Trusted Execution Environment. Versions prior to 3.19.0, contain an Improper Validation of Array Index vulnerability. The function cleanup_shm_refs() is called by both entry_invoke_command() and entry_open_session(). The commands OPTEE_MSG_CMD_OPEN_SESSION and OPTEE_MSG_CMD_INVOKE_COMMAND can be executed from the normal world via an OP-TEE SMC. This function is not validating the num_params argument, which is only limited to OPTEE_MSG_MAX_NUM_PARAMS (127) in the function get_cmd_buffer(). Therefore, an attacker in the normal world can craft an SMC call that will cause out-of-bounds reading in cleanup_shm_refs and potentially freeing of fake-objects in the function mobj_put(). A normal-world attacker with permission to execute SMC instructions may exploit this flaw. Maintainers believe this problem permits local privilege escalation from the normal world to the secure world. Version 3.19.0 contains a fix for this issue. There are no known workarounds.​
2022-11-29​
8.8
CVE-2022-46152
MISC
MISC
MISC
CONFIRM
orchardcore -- orchard_cms​
Orchardproject Orchard CMS 1.10.3 is vulnerable to Cross Site Scripting (XSS). When a low privileged user such as an author or publisher, injects a crafted html and javascript payload in a blog post, leading to full admin account takeover or privilege escalation when the malicious blog post is loaded in the victim's browser.​
2022-11-25​
9
CVE-2022-37720
MISC
MISC
MISC
owncast_project -- owncast​
SQL Injection in GitHub repository owncast/owncast prior to 0.0.13.​
2022-11-29​
9.8
CVE-2022-3751
CONFIRM
MISC
paddlepaddle -- paddlepaddle​
In PaddlePaddle before 2.4, paddle.audio.functional.get_window is vulnerable to code injection because it calls eval on a user-supplied winstr. This may lead to arbitrary code execution.​
2022-11-26​
9.8
CVE-2022-45908
MISC
MISC
perfsonar -- perfsonar​
An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Request Forgery (SSRF) attacks.​
2022-11-30​
8.6
CVE-2022-41412
MISC
MISC
phpgurukul_blood_donor_management_system_project -- phpgurukul_blood_donor_management_system​
PHPGurukul Blood Donor Management System 1.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all data of users, delete the users, add and manage Blood Group, and Submit Report.​
2022-11-25​
8.1
CVE-2022-38813
MISC
MISC
MISC
MISC
piwebsolution -- export_customers_list_csv_for_woocommerce​
The Export customers list csv for WooCommerce, WordPress users csv, export Guest customer list WordPress plugin before 2.0.69 does not validate data when outputting it back in a CSV file, which could lead to CSV injection.​
2022-11-28​
9.8
CVE-2022-3603
MISC
poultry_farm_management_system_project -- poultry_farm_management_system​
Poultry Farm Management System v1.0 contains a SQL injection vulnerability via the del parameter at /Redcock-Farm/farm/category.php.​
2022-11-28​
9.8
CVE-2022-44399
MISC
prometheus -- exporter_toolkit​
Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, i someone has access to a Prometheus web.yml file and users' bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix for the issue. There is no workaround, but attacker must have access to the hashed password to use this functionality.​
2022-11-29​
8.8
CVE-2022-46146
CONFIRM
MISC
MLIST
MLIST
MLIST
purchase_order_management_system_project -- purchase_order_management_system​
Purchase Order Management System v1.0 contains a file upload vulnerability via /purchase_order/admin/?page=system_info.​
2022-11-28​
9.8
CVE-2022-44400
MISC
pyrocms -- pyrocms​
PyroCMS 3.9 is vulnerable to a stored Cross Site Scripting (XSS_ when a low privileged user such as an author, injects a crafted html and javascript payload in a blog post, leading to full admin account takeover or privilege escalation.​
2022-11-25​
9
CVE-2022-37721
MISC
MISC
qs_project -- qs​
qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[proto]=b&a[proto]&a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has "deps: [email protected]" in its release description, is not vulnerable).​
2022-11-26​
7.5
CVE-2022-24999
MISC
CONFIRM
CONFIRM
raidenmaild -- raidenmaild​
A remote attacker with general user privilege can inject malicious code in the form content of Raiden MAILD Mail Server website. Other users export form content as CSV file can trigger arbitrary code execution and allow the attacker to perform arbitrary system operation or disrupt service on the user side.​
2022-11-29​
8
CVE-2022-41675
MISC
russound -- xsourceplayer_777d_firmware​
Russound XSourcePlayer 777D v06.08.03 was discovered to contain a remote code execution vulnerability via the scriptRunner.cgi component.​
2022-11-29​
9.8
CVE-2022-44038
MISC
saml_project -- saml​
The crewjam/saml go library prior to version 0.4.9 is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements. This issue has been corrected in version 0.4.9. There are no workarounds other than upgrading to a fixed version.​
2022-11-28​
9.8
CVE-2022-41912
MISC
CONFIRM
samtools -- htsjdk​
The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir() function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it.​
2022-11-29​
7.8
CVE-2022-21126
MISC
MISC
MISC
sanitization_management_system_project -- sanitization_management_system​
Sanitization Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel.​
2022-11-30​
9.8
CVE-2022-44096
MISC
sanitization_management_system_project -- sanitization_management_system​
Simple Inventory Management System v1.0 is vulnerable to SQL Injection via /ims/login.php.​
2022-11-30​
9.8
CVE-2022-44151
MISC
sanitization_management_system_project -- sanitization_management_system​
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/classes/Master.php?f=delete_product.​
2022-12-02​
7.2
CVE-2022-44277
MISC
sanitization_management_system_project -- sanitization_management_system​
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=services/manage_service&id=.​
2022-11-30​
7.2
CVE-2022-44294
MISC
sanitization_management_system_project -- sanitization_management_system​
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/orders/assign_team.php?id=.​
2022-11-30​
7.2
CVE-2022-44295
MISC
sanitization_management_system_project -- sanitization_management_system​
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/quotes/manage_remark.php?id=.​
2022-11-30​
7.2
CVE-2022-44296
MISC
sanitization_management_system_project -- sanitization_management_system​
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=quotes/view_quote&id=.​
2022-12-02​
7.2
CVE-2022-44345
MISC
sanitization_management_system_project -- sanitization_management_system​
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=inquiries/view_inquiry&id=.​
2022-12-02​
7.2
CVE-2022-44347
MISC
sanitization_management_system_project -- sanitization_management_system​
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/orders/update_status.php?id=.​
2022-12-02​
7.2
CVE-2022-44348
MISC
sapido -- br270n_firmware​
A vulnerability was found in Sapido BR270n, BRC76n, GR297 and RB1732 and classified as critical. Affected by this issue is some unknown functionality of the file ip/syscmd.htm. The manipulation leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214592.​
2022-11-30​
8.8
CVE-2021-4242
MISC
MISC
MISC
school_management_system_project -- school_management_system​
SQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries.​
2022-11-28​
9.8
CVE-2022-36193
MISC
MISC
simple-press -- simple\​
The Simple:press plugin for WordPress is vulnerable to Path Traversal in versions up to, and including, 6.8 via the 'file' parameter which can be manipulated during user avatar deletion. This makes it possible with attackers, with minimal permissions such as a subscriber, to supply paths to arbitrary files on the server that will subsequently be deleted. This can be used to delete the wp-config.php file that can allow an attacker to configure the site and achieve remote code execution.​
2022-11-29​
8.1
CVE-2022-4030
MISC
MISC
sinatrarb -- sinatra​
Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a response when the filename is derived from user-supplied input. Version 2.2.3 and 3.0.4 contain patches for this issue.​
2022-11-28​
8.8
CVE-2022-45442
MISC
MISC
CONFIRM
MISC
snyk -- snyk_security​
The package snyk before 1.1064.0 are vulnerable to Code Injection when analyzing a project. An attacker who can convince a user to scan a malicious project can include commands in a build file such as build.gradle or gradle-wrapper.jar, which will be executed with the privileges of the application. This vulnerability may be triggered when running the the CLI tool directly, or when running a scan with one of the IDE plugins that invoke the Snyk CLI. Successful exploitation of this issue would likely require some level of social engineering - to coerce an untrusted project to be downloaded and analyzed via the Snyk CLI or opened in an IDE where a Snyk IDE plugin is installed and enabled. Additionally, if the IDE has a Trust feature then the target folder must be marked as ‘trusted’ in order to be vulnerable. NOTE: This issue is independent of the one reported in CVE-2022-40764, and upgrading to a fixed version for this addresses that issue as well. The affected IDE plugins and versions are: - VS Code - Affected: <=1.8.0, Fixed: 1.9.0 - IntelliJ - Affected: <=2.4.47, Fixed: 2.4.48 - Visual Studio - Affected: <=1.1.30, Fixed: 1.1.31 - Eclipse - Affected: <=v20221115.132308, Fixed: All subsequent versions - Language Server - Affected: <=v20221109.114426, Fixed: All subsequent versions​
2022-11-30​
8.8
CVE-2022-24441
MISC
MISC
MISC
MISC
MISC
MISC
MISC
solarwinds -- orion_platform​
SolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to escalate user privileges.​
2022-11-29​
8.8
CVE-2022-36960
MISC
MISC
solarwinds -- orion_platform​
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.​
2022-11-29​
8.8
CVE-2022-36964
MISC
MISC
solarwinds -- orion_platform​
SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote adversary with complete control over the SolarWinds database to execute arbitrary commands.​
2022-11-29​
7.2
CVE-2022-36962
MISC
MISC
sophos -- xg_firewall_firmware​
A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Firewall older than version 19.5 GA.​
2022-12-01​
8.4
CVE-2022-3709
CONFIRM
spatie -- browsershot​
Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the URL protocol passed to the Browsershot::url method.​
2022-11-25​
8.2
CVE-2022-41706
MISC
MISC
squirrly -- seo_plugin_by_squirrly_seo​
Auth. (contributor+) Arbitrary File Upload in SEO Plugin by Squirrly SEO plugin <= 12.1.10 on WordPress.​
2022-11-28​
8.8
CVE-2022-38140
MISC
static-dev-server_project -- static-dev-server​
This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory.​
2022-11-29​
7.5
CVE-2022-25848
MISC
MISC
super_xray_project -- super_xray​
super-xray is a web vulnerability scanning tool. Versions prior to 0.7 assumed trusted input for the program config which is stored in a yaml file. An attacker with local access to the file could exploit this and compromise the program. This issue has been addressed in commit 4d0d5966 and will be included in future releases. Users are advised to upgrade. There are no known workarounds for this issue.​
2022-11-25​
7.8
CVE-2022-41958
MISC
CONFIRM
sz-fujia -- ourphoto​
The user_id and device_id on the Ourphoto App version 1.4.1 /device/* end-points both suffer from insecure direct object reference vulnerabilities. Other end-users user_id and device_id values can be enumerated by incrementing or decrementing id numbers. The impact of this vulnerability allows an attacker to discover sensitive information such as end-user email addresses, and their unique frame_token value of all other Ourphoto App end-users.​
2022-11-28​
7.5
CVE-2022-24187
MISC
MISC
sz-fujia -- ourphoto​
The /device/signin end-point for the Ourphoto App version 1.4.1 discloses clear-text password information for functionality within the picture frame devices. The deviceVideoCallPassword and mqttPassword are returned in clear-text. The lack of sessions management and presence of insecure direct object references allows to return password information for other end-users devices. Many of the picture frame devices offer video calling, and it is likely this information can be used to abuse that functionality.​
2022-11-28​
7.5
CVE-2022-24188
MISC
sz-fujia -- ourphoto​
The /device/acceptBind end-point for Ourphoto App version 1.4.1 does not require authentication or authorization. The user_token header is not implemented or present on this end-point. An attacker can send a request to bind their account to any users picture frame, then send a POST request to accept their own bind request, without the end-users approval or interaction.​
2022-11-28​
7.5
CVE-2022-24190
MISC
telos -- alliance_omnia_mpx_node_firmware​
An Insecure Direct Object Reference (IDOR) vulnerability in the password reset function of Telos Alliance Omnia MPX Node 1.0.0-1.4.[*] allows attackers to arbitrarily change user and Administrator account passwords.​
2022-11-29​
7.5
CVE-2022-43326
MISC
tenda -- tx9_pro_firmware​
Tenda TX9 Pro v22.03.02.10 was discovered to contain a stack overflow via the list parameter at /goform/SetIpMacBind.​
2022-11-30​
7.5
CVE-2022-45337
MISC
themehigh -- checkout_field_editor_for_woocommerce​
The Checkout Field Editor (Checkout Manager) for WooCommerce WordPress plugin before 1.8.0 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present​
2022-11-28​
7.2
CVE-2022-3490
MISC
thinkcmf -- thinkcmf​
ThinkCMF version 6.0.7 is affected by a Cross Site Request Forgery (CSRF) vulnerability that allows a Super Administrator user to be injected into administrative users.​
2022-12-01​
8.8
CVE-2022-40489
MISC
tiny_file_manager_project -- tiny_file_manager​
Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application is vulnerable to CSRF, processes uploaded files server-side (instead of just returning them for download), and allows unauthenticated users to access uploaded files.​
2022-11-25​
8.8
CVE-2022-23044
MISC
MISC
tiny_file_manager_project -- tiny_file_manager​
Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application is vulnerable to CSRF, processes uploaded files server-side (instead of just returning them for download), and allows unauthenticated users to access uploaded files.​
2022-11-25​
8.8
CVE-2022-45475
MISC
MISC
tiny_file_manager_project -- tiny_file_manager​
Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application is vulnerable to CSRF, processes uploaded files server-side (instead of just returning them for download), and allows unauthenticated users to access uploaded files.​
2022-11-25​
8.8
CVE-2022-45476
MISC
MISC
totolink -- a7100ru_firmware​
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function.​
2022-11-25​
9.8
CVE-2022-44843
MISC
totolink -- a7100ru_firmware​
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pass parameter in the setting/setOpenVpnCfg function.​
2022-11-25​
9.8
CVE-2022-44844
MISC
tribalsystems -- zenario​
Zenario CMS 9.3.57186 is vulnerable to Remote Code Excution (RCE).​
2022-11-30​
9.8
CVE-2022-44136
MISC
uatech -- badaso​
Badaso version 2.6.3 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application does not properly validate the data uploaded by users.​
2022-11-25​
9.8
CVE-2022-41705
MISC
MISC
ujsoftware -- owm_weather​
The OWM Weather WordPress plugin before 5.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as contributor​
2022-11-28​
8.8
CVE-2022-3769
MISC
MISC
ultimatemember -- ultimate_member​
The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.5.0 via the get_option_value_from_callback function that accepts user supplied input and passes it through call_user_func(). This makes it possible for authenticated attackers, with administrative capabilities, to execute code on the server.​
2022-11-29​
7.2
CVE-2022-3383
MISC
MISC
MISC
MISC
ultimatemember -- ultimate_member​
The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.5.0 via the populate_dropdown_options function that accepts user supplied input and passes it through call_user_func(). This is restricted to non-parameter PHP functions like phpinfo(); since user supplied parameters are not passed through the function. This makes it possible for authenticated attackers, with administrative privileges, to execute code on the server.​
2022-11-29​
7.2
CVE-2022-3384
MISC
MISC
MISC
MISC
velneo -- vclient​
Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's username and hashed password to spoof the victim's id against the server.​
2022-11-28​
7.4
CVE-2021-45036
CONFIRM
MISC
MISC
MISC
MISC
MISC
MISC
vim -- vim​
Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command.​
2022-11-25​
7.8
CVE-2022-4141
CONFIRM
MISC
wavlink -- wl-wn531g3_firmware​
WAVLINK Quantum D4G (WL-WN531G3) running firmware versions M31G3.V5030.201204 and M31G3.V5030.200325 has an access control issue which allows unauthenticated attackers to download configuration data and log files.​
2022-11-29​
7.5
CVE-2022-44356
MISC
wbce -- wbce_cms​
An arbitrary file upload vulnerability in the Server Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary code via a crafted PHP file.​
2022-11-25​
7.2
CVE-2022-45039
MISC
web_based_quiz_system_project -- web_based_quiz_system​
Web Based Quiz System v1.0 transmits user passwords in plaintext during the authentication process, allowing attackers to obtain users' passwords via a bruteforce attack.​
2022-11-25​
7.5
CVE-2022-44411
MISC
webcash -- serp_server_2.0​
A specific file on the sERP server if Kyungrinara(ERP solution) has a fixed password with the SYSTEM authority. This vulnerability could allow attackers to leak or steal sensitive information or execute malicious commands.​
2022-11-25​
9.8
CVE-2022-41157
MISC
windriver -- vxworks​
An issue was discovered in Wind River VxWorks 6.9 and 7, that allows a specifically crafted packet sent by a Radius server, may cause Denial of Service during the IP Radius access procedure.​
2022-11-25​
7.5
CVE-2022-38767
MISC
MISC
wp_user_merger_project -- wp_user_merger​
The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin​
2022-11-28​
8.8
CVE-2022-3848
MISC
MISC
wp_user_merger_project -- wp_user_merger​
The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin​
2022-11-28​
8.8
CVE-2022-3849
MISC
MISC
wp_user_merger_project -- wp_user_merger​
The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin​
2022-11-28​
8.8
CVE-2022-3865
MISC
MISC
wpsmartcontracts -- wpsmartcontracts​
The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author​
2022-11-28​
8.8
CVE-2022-3768
MISC
MISC
Back to top



Medium Vulnerabilities​

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
airtable -- airtable​
Airtable.js is the JavaScript client for Airtable. Prior to version 0.11.6, Airtable.js had a misconfigured build script in its source package. When the build script is run, it would bundle environment variables into the build target of a transpiled bundle. Specifically, the AIRTABLE_API_KEY and AIRTABLE_ENDPOINT_URL environment variables are inserted during Browserify builds due to being referenced in Airtable.js code. This only affects copies of Airtable.js built from its source, not those installed via npm or yarn. Airtable API keys set in users’ environments via the AIRTABLE_API_KEY environment variable may be bundled into local copies of Airtable.js source code if all of the following conditions are met: 1) the user has cloned the Airtable.js source onto their machine, 2) the user runs the npm prepare script, and 3) the user' has the AIRTABLE_API_KEY environment variable set. If these conditions are met, a user’s local build of Airtable.js would be modified to include the value of the AIRTABLE_API_KEY environment variable, which could then be accidentally shipped in the bundled code. Users who do not meet all three of these conditions are not impacted by this issue. Users should upgrade to Airtable.js version 0.11.6 or higher; or, as a workaround unset the AIRTABLE_API_KEY environment variable in their shell and/or remove it from your .bashrc, .zshrc, or other shell configuration files. Users should also regenerate any Airtable API keys they use, as the keysy may be present in bundled code.​
2022-11-29​
6.4
CVE-2022-46155
CONFIRM
MISC
MISC
amasty -- amasty_blog_pro​
The blog-post creation functionality in the Amasty Blog Pro 2.10.3 plugin for Magento 2 allows injection of JavaScript code in the short_content and full_content fields, leading to XSS attacks against admin panel users via posts/preview or posts/save.​
2022-11-29​
6.1
CVE-2022-36433
MISC
MISC
analytics_for_wp_project -- analytics_for_wp​
The Analytics for WP WordPress plugin through 1.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).​
2022-11-28​
4.8
CVE-2022-3839
MISC
apereo -- opencast​
Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 12.5, Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. The vulnerability allows attackers to redirect users to sites outside of one's Opencast install, potentially facilitating phishing attacks or other security issues. This issue is fixed in Opencast 12.5 and newer.​
2022-11-28​
6.1
CVE-2022-41965
CONFIRM
MISC
axiell -- iguana​
A reflected XSS vulnerability has been found in Axiell Iguana CMS, allowing an attacker to execute code in a victim's browser. The title parameter on the twitter.php endpoint does not properly neutralise user input, resulting in the vulnerability.​
2022-12-01​
6.1
CVE-2022-45050
MISC
basercms -- basercms​
BaserCMS is a content management system with a japanese language focus. In affected versions there is a cross-site scripting vulnerability on the management system of baserCMS. This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users. Users of baserCMS are advised to upgrade as soon as possible. There are no known workarounds for this vulnerability.​
2022-11-25​
6.1
CVE-2022-39325
CONFIRM
MISC
MISC
beautiful-cookie-banner -- beautiful_cookie_consent_banner​
The Beautiful Cookie Consent Banner WordPress plugin before 2.9.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).​
2022-11-28​
4.8
CVE-2022-3823
MISC
book_store_management_system_project -- book_store_management_system​
Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/book. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the book_title parameter.​
2022-11-25​
6.1
CVE-2022-45225
MISC
bosscms -- bosscms​
Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Add function under the Administrator List module.​
2022-11-28​
6.5
CVE-2022-44937
MISC
callback -- cbfs_filter​
A null pointer dereference vulnerability exists in the handle_ioctl_83150 functionality of Callback technologies CBFS Filter 20.0.8317. A specially-crafted I/O request packet (IRP) can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability.​
2022-11-28​
5.5
CVE-2022-43588
MISC
callback -- cbfs_filter​
A null pointer dereference vulnerability exists in the handle_ioctl_8314C functionality of Callback technologies CBFS Filter 20.0.8317. A specially-crafted I/O request packet (IRP) can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability.​
2022-11-28​
5.5
CVE-2022-43589
MISC
callback -- cbfs_filter​
A null pointer dereference vulnerability exists in the handle_ioctl_0x830a0_systembuffer functionality of Callback technologies CBFS Filter 20.0.8317. A specially-crafted I/O request packet (IRP) can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability.​
2022-11-28​
5.5
CVE-2022-43590
MISC
canteen_management_system_project -- canteen_management_system​
A vulnerability was found in SourceCodester Canteen Management System. It has been classified as problematic. This affects the function query of the file food.php. The manipulation of the argument product_name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214359.​
2022-11-25​
6.1
CVE-2022-4091
MISC
MISC
canteen_management_system_project -- canteen_management_system​
A vulnerability was found in SourceCodester Canteen Management System. It has been rated as problematic. This issue affects the function builtin_echo of the file youthappam/brand.php. The manipulation of the argument brand_name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214595.​
2022-11-30​
6.1
CVE-2022-4234
MISC
MISC
canteen_management_system_project -- canteen_management_system​
A vulnerability was found in SourceCodester Canteen Management System. It has been classified as problematic. This affects the function builtin_echo of the file categories.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-214629 was assigned to this vulnerability.​
2022-12-01​
6.1
CVE-2022-4252
N/A
N/A
canteen_management_system_project -- canteen_management_system​
A vulnerability was found in SourceCodester Canteen Management System. It has been declared as problematic. This vulnerability affects the function builtin_echo of the file customer.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-214630 is the identifier assigned to this vulnerability.​
2022-12-01​
5.4
CVE-2022-4253
N/A
N/A
chocolatey -- chocolatey_azure-pipelines-agent​
Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\agent and all files located in that folder.​
2022-11-29​
4.3
CVE-2022-45306
MISC
chocolatey -- chocolatey_cmder​
Insecure permissions in Chocolatey Cmder package v1.3.20 and below grants all users in the Authenticated Users group write privileges for the path C:\tools\Cmder and all files located in that folder.​
2022-11-29​
4.3
CVE-2022-45304
MISC
chocolatey -- chocolatey_php​
Insecure permissions in Chocolatey PHP package v8.1.12 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\tools\php81 and all files located in that folder.​
2022-11-29​
4.3
CVE-2022-45307
MISC
chocolatey -- chocolatey_python3​
Insecure permissions in Chocolatey Python3 package v3.11.0 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\Python311 and all files located in that folder.​
2022-11-29​
4.3
CVE-2022-45305
MISC
chocolatey -- chocolatey_ruby​
Insecure permissions in Chocolatey Ruby package v3.1.2.1 and below grants all users in the Authenticated Users group write privileges for the path C:\tools\ruby31 and all files located in that folder.​
2022-11-29​
4.3
CVE-2022-45301
MISC
churchcrm -- churchcrm​
ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow attackers to store XSS via location input Deposit Comment.​
2022-11-29​
4.8
CVE-2022-36136
MISC
MISC
churchcrm -- churchcrm​
ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow attackers to store XSS via location input sHeader.​
2022-11-29​
4.8
CVE-2022-36137
MISC
MISC
contect -- solarview_compact_firmware​
SolarView Compact 7.0 is vulnerable to Cross-site Scripting (XSS) via /network_test.php.​
2022-11-29​
6.1
CVE-2022-44355
MISC
dinstar -- dag2000-16o_firmware​
Dinstar FXO Analog VoIP Gateway DAG2000-16O is vulnerable to Cross Site Scripting (XSS).​
2022-11-28​
5.4
CVE-2022-44284
MISC
discourse -- discourse​
Discourse is an open-source messaging platform. In versions 2.8.10 and prior on the stable branch and versions 2.9.0.beta11 and prior on the beta and tests-passed branches, users composing malicious messages and navigating to drafts page could self-XSS. This vulnerability can lead to a full XSS on sites which have modified or disabled Discourse’s default Content Security Policy. This issue is patched in the latest stable, beta and tests-passed versions of Discourse.​
2022-11-29​
5.4
CVE-2022-46148
CONFIRM
discourse -- discourse​
Discourse is an open-source discussion platform. Prior to version 2.9.0.beta13, users can post chat messages of an unlimited length, which can cause a denial of service for other users when posting huge amounts of text. Users should upgrade to version 2.9.0.beta13, where a limit has been introduced. No known workarounds are available.​
2022-11-28​
4.3
CVE-2022-41921
CONFIRM
MISC
discourse -- discourse​
Discourse is an open-source discussion platform. In stable versions prior to 2.8.12 and beta or tests-passed versions prior to 2.9.0.beta.13, under certain conditions, a user can see notifications for topics they no longer have access to. If there is sensitive information in the topic title, it will therefore have been exposed. This issue is patched in stable version 2.8.12, beta version 2.9.0.beta13, and tests-passed version 2.9.0.beta13. There are no workarounds available.​
2022-11-28​
4.3
CVE-2022-41944
MISC
CONFIRM
discourse -- discourse​
Discourse is an open-source discussion platform. Prior to version 2.8.13 of the stable branch and version 2.9.0.beta14 of the beta and tests-passed branches, unauthorized users may learn of the existence of hidden tags and that they have been applied to topics that they have access to. This issue is patched in version 2.8.13 of the stable branch and version 2.9.0.beta14 of the beta and tests-passed branches. As a workaround, use the disable_email site setting to disable all emails to non-staff users.​
2022-11-29​
4.3
CVE-2022-46150
CONFIRM
MISC
dwbooster -- appointment_hour_booking​
The Appointment Hour Booking plugin for WordPress is vulnerable to iFrame Injection via the ‘email’ or general field parameters in versions up to, and including, 1.3.72 due to insufficient input sanitization and output escaping that makes injecting iFrame tags possible. This makes it possible for unauthenticated attackers to inject iFrames when submitting a booking that will execute whenever a user accesses the injected booking details page.​
2022-11-29​
6.1
CVE-2022-4035
MISC
MISC
dwbooster -- appointment_hour_booking​
The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up to, and including, 1.3.72. This is due to the use of insufficiently strong hashing algorithm on the CAPTCHA secret that is also displayed to the user via a cookie.​
2022-11-29​
5.3
CVE-2022-4036
MISC
MISC
electronic_shelf_label_protocol_project -- electronic_shelf_label_protocol​
The ESL (Electronic Shelf Label) protocol, as implemented by (for example) the OV80e934802 RF transceiver on the ETAG-2130-V4.3 20190629 board, does not use authentication, which allows attackers to change label values via 433 MHz RF signals, as demonstrated by disrupting the organization of a hospital storage unit, or changing retail pricing.​
2022-11-27​
5.3
CVE-2022-45914
MISC
event_registration_system_project -- event_registration_system​
A vulnerability has been found in SourceCodester Event Registration System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /event/admin/?page=user/list. The manipulation of the argument First Name/Last Name leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-214591.​
2022-11-30​
6.1
CVE-2022-4233
MISC
expresstech -- quiz_and_survey_master​
The Quiz and Survey Master plugin for WordPress is vulnerable to iFrame Injection via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input sanitization and output escaping that allowed iframe tags to be injected. This makes it possible for unauthenticated attackers to inject iFrames in pages that will execute whenever a user accesses an injected page.​
2022-11-29​
6.1
CVE-2022-4032
MISC
MISC
expresstech -- quiz_and_survey_master​
The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input validation that allows attackers to inject content other than the specified value (i.e. a number, file path, etc..). This makes it possible attackers to submit values other than the intended input type.​
2022-11-29​
5.3
CVE-2022-4033
MISC
MISC
find_and_replace_all_project -- find_and_replace_all​
The Find and Replace All WordPress plugin before 1.3 does not sanitize and escape some parameters from its setting page before outputting them back to the user, leading to a Reflected Cross-Site Scripting issue.​
2022-11-28​
6.1
CVE-2022-2311
MISC
find_and_replace_all_project -- find_and_replace_all​
The Find and Replace All WordPress plugin before 1.3 does not have CSRF check when replacing string, which could allow attackers to make a logged admin replace arbitrary string in database tables via a CSRF attack​
2022-11-28​
4.3
CVE-2022-3850
MISC
frappe -- frappe​
Frappe version 14.10.0 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not correctly validate the information injected by the user in the import_file parameter.​
2022-11-25​
6.5
CVE-2022-41712
MISC
MISC
garage_management_system_project -- garage_management_system​
Garage Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via /garage/php_action/createBrand.php.​
2022-11-29​
6.1
CVE-2022-44279
MISC
getawesomesupport -- awesome_support​
The Awesome Support WordPress plugin before 6.1.2 does not ensure that the exported tickets archive to be downloaded belongs to the user making the request, allowing a low privileged user, such as subscriber to download arbitrary exported tickets via an IDOR vector​
2022-11-28​
6.5
CVE-2022-3511
MISC
google -- chrome​
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Medium)​
2022-11-30​
6.5
CVE-2022-4187
MISC
MISC
google -- chrome​
Inappropriate implementation in Fenced Frames in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass fenced frame restrictions via a crafted HTML page. (Chromium security severity: Medium)​
2022-11-30​
4.3
CVE-2022-4182
MISC
MISC
google -- chrome​
Insufficient policy enforcement in Popup Blocker in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)​
2022-11-30​
4.3
CVE-2022-4183
MISC
MISC
google -- chrome​
Insufficient policy enforcement in Autofill in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (Chromium security severity: Medium)​
2022-11-30​
4.3
CVE-2022-4184
MISC
MISC
google -- chrome​
Inappropriate implementation in Navigation in Google Chrome on iOS prior to 108.0.5359.71 allowed a remote attacker to spoof the contents of the modal dialogue via a crafted HTML page. (Chromium security severity: Medium)​
2022-11-30​
4.3
CVE-2022-4185
MISC
MISC
google -- chrome​
Insufficient validation of untrusted input in Downloads in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass Downloads restrictions via a crafted HTML page. (Chromium security severity: Medium)​
2022-11-30​
4.3
CVE-2022-4186
MISC
MISC
google -- chrome​
Insufficient validation of untrusted input in CORS in Google Chrome on Android prior to 108.0.5359.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)​
2022-11-30​
4.3
CVE-2022-4188
MISC
MISC
google -- chrome​
Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)​
2022-11-30​
4.3
CVE-2022-4189
MISC
MISC
google -- chrome​
Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass Safe Browsing warnings via a malicious file. (Chromium security severity: Medium)​
2022-11-30​
4.3
CVE-2022-4195
MISC
MISC
google_forms_project -- google_forms​
The Google Forms WordPress plugin through 0.95 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).​
2022-11-28​
4.8
CVE-2022-3834
MISC
gpac -- gpac​
GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a memory leak via the function dimC_box_read at isomedia/box_code_3gpp.c.​
2022-11-29​
5.5
CVE-2022-45204
MISC
human_resource_management_system_project -- human_resource_management_system​
Human Resource Management System v1.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability. This vulnerability is triggered via a crafted payload injected into an authentication error message.​
2022-11-25​
6.1
CVE-2022-45218
MISC
MISC
ibm -- maximo_application_suite​
IBM Maximo Mobile 8.7 and 8.8 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 237407.​
2022-11-28​
5.5
CVE-2022-41732
MISC
MISC
image_hover_effects_css3_project -- image_hover_effects_css3​
The Image Hover Effects Css3 WordPress plugin through 4.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).​
2022-11-28​
4.8
CVE-2022-3601
MISC
jeecg -- jeecg_boot​
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/dict/queryTableData.​
2022-11-25​
5.3
CVE-2022-45205
MISC
MISC
jeecg -- jeecg_boot​
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/putRecycleBin.​
2022-11-25​
4.3
CVE-2022-45208
MISC
MISC
jeecg -- jeecg_boot​
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/deleteRecycleBin.​
2022-11-25​
4.3
CVE-2022-45210
MISC
MISC
jeeng_push_notifications_project -- jeeng_push_notifications​
The Jeeng Push Notifications WordPress plugin before 2.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)​
2022-11-28​
4.8
CVE-2022-3610
MISC
klik_project -- klik​
KLiK SocialMediaWebsite Version 1.0.1 has XSS vulnerabilities that allow attackers to store XSS via location Forum Subject input.​
2022-11-29​
5.4
CVE-2022-42099
MISC
MISC
klik_project -- klik​
KLiK SocialMediaWebsite Version 1.0.1 has XSS vulnerabilities that allow attackers to store XSS via location input reply-form.​
2022-11-29​
5.4
CVE-2022-42100
MISC
MISC
lepton_project -- lepton​
A loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the Lepton image compression tool, resulting in a denial-of-service.​
2022-11-28​
5.5
CVE-2022-4104
MISC
linux -- layer_2_tunneling_protocol​
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.​
2022-11-28​
5.5
CVE-2022-4129
MISC
MISC
FEDORA
FEDORA
FEDORA
linux -- linux_kernel​
An issue was discovered in the Linux kernel through 6.0.9. drivers/char/xillybus/xillyusb.c has a race condition and use-after-free during physical removal of a USB device.​
2022-11-25​
6.4
CVE-2022-45888
MISC
linux -- linux_kernel​
A NULL pointer dereference issue was discovered in the Linux kernel in io_files_update_with_index_alloc. A local user could use this flaw to potentially crash the system causing a denial of service.​
2022-11-28​
5.5
CVE-2022-4127
MISC
MISC
linux -- linux_kernel​
A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.​
2022-11-30​
4.7
CVE-2022-45869
MISC
linux -- linux_kernel​
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.​
2022-11-25​
4.7
CVE-2022-45887
MISC
MISC
linux -- mptcp_protocol​
A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service.​
2022-11-28​
5.5
CVE-2022-4128
MISC
MISC
m-files -- m-files_server​
Error in parser function in M-Files Server versions before 22.6.11534.1 and before 22.6.11505.0 allowed unauthenticated access to some information of the underlying operating system.​
2022-11-30​
5.3
CVE-2022-1911
MISC
m-files -- m-files_server​
Incorrect privilege assignment in M-Files Server versions before 22.3.11164.0 and before 22.3.11237.1 allows user to read unmanaged objects.​
2022-11-30​
4.3
CVE-2022-1606
MISC
metagauss -- download_plugin​
The Download Plugin WordPress plugin before 2.0.0 does not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site (such as subscriber) to download a full copy of the website.​
2022-11-28​
4.3
CVE-2021-25059
MISC
microfocus -- netiq_advanced_authentication​
This update resolves a multi-factor authentication bypass attack​
2022-11-28​
6.3
CVE-2022-38753
MISC
microweber -- microweber​
Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the 'select-file' parameter.​
2022-11-25​
6.1
CVE-2022-0698
MISC
MISC
mitsubishielectric -- gx_works3​
Cleartext Storage of Sensitive Information in Memory vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later allows a remote unauthorized attacker to disclose sensitive information. As a result, unauthorized users could obtain information about the project file for MELSEC safety CPU modules.​
2022-11-25​
6.5
CVE-2022-29832
MISC
MISC
mitsubishielectric -- gx_works3​
Insufficiently Protected Credentials vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later allows a remote unauthorized attacker to disclose sensitive information. As a result, unauthorized users could access to MELSEC safety CPU modules illgally.​
2022-11-25​
6.5
CVE-2022-29833
MISC
MISC
movie_ticket_booking_system_project -- movie_ticket_booking_system​
A vulnerability, which was classified as problematic, was found in Movie Ticket Booking System. Affected is an unknown function of the component POST Request Handler. The manipulation of the argument ORDER_ID leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-214626 is the identifier assigned to this vulnerability.​
2022-12-01​
6.1
CVE-2022-4249
N/A
N/A
movie_ticket_booking_system_project -- movie_ticket_booking_system​
A vulnerability has been found in Movie Ticket Booking System and classified as problematic. Affected by this vulnerability is an unknown functionality of the file booking.php. The manipulation of the argument id leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214627.​
2022-12-01​
6.1
CVE-2022-4250
N/A
N/A
muffingroup -- becustom​
The Becustom plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.5.2. This is due to missing nonce validation when saving the plugin's settings. This makes it possible for unauthenticated attackers to update the plugin's settings like betheme_url_slug, replaced_theme_author, and betheme_label to name a few, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.​
2022-11-29​
6.5
CVE-2022-3747
MISC
MISC
MISC
nextcloud -- desktop​
Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for this issue.​
2022-11-25​
6.1
CVE-2022-39333
MISC
CONFIRM
MISC
nextcloud -- desktop​
Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application in the notifications. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for this issue.​
2022-11-25​
5.4
CVE-2022-39331
MISC
MISC
CONFIRM
nextcloud -- desktop​
Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application via user status and information. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for this issue.​
2022-11-25​
5.4
CVE-2022-39332
MISC
MISC
CONFIRM
nextcloud -- desktop​
Nextcloud desktop is the desktop sync client for Nextcloud. Versions prior to 3.6.1 would incorrectly trust invalid TLS certificates. A Man-in-the-middle attack is possible in case a user can be made running a nextcloudcmd CLI command locally. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for this vulnerability.​
2022-11-25​
4.7
CVE-2022-39334
MISC
CONFIRM
MISC
MISC
nextcloud -- nextcloud_enterprise_server​
Nextcloud server is an open source personal cloud server. Affected versions of nextcloud server did not properly limit user display names which could allow a malicious users to overload the backing database and cause a denial of service. It is recommended that the Nextcloud Server is upgraded to 22.2.10, 23.0.7 or 24.0.3. There are no known workarounds for this issue.​
2022-11-25​
6.5
CVE-2022-39346
CONFIRM
MISC
MISC
nextcloud -- openid_connect_user_backend​
user_oidc is an OpenID Connect user backend for Nextcloud. Versions prior to 1.2.1 did not properly validate discovery urls which may lead to a stored cross site scripting attack vector. The impact is limited due to the restrictive CSP that is applied on this endpoint. Additionally this vulnerability has only been shown to be exploitable in the Safari web browser. This issue has been addressed in version 1.2.1. Users are advised to upgrade. Users unable to upgrade should urge their users to avoid using the Safari web browser.​
2022-11-25​
5.4
CVE-2022-39338
CONFIRM
MISC
MISC
nextcloud -- openid_connect_user_backend​
user_oidc is an OpenID Connect user backend for Nextcloud. In versions prior to 1.2.1 sensitive information such as the OIDC client credentials and tokens are sent in plain text of HTTP without TLS. Any malicious actor with access to monitor user traffic may have been able to compromise account security. This issue has been addressed in in user_oidc v1.2.1. Users are advised to upgrade. Users unable to upgrade may use https to access Nextcloud. Set an HTTPS discovery URL in the provider settings (in Nextcloud OIDC admin settings).​
2022-11-25​
4.3
CVE-2022-39339
MISC
MISC
CONFIRM
nextcloud -- talk​
Nextcould talk android is the android OS implementation of the nextcloud talk chat system. In affected versions the receiver is not protected by broadcastPermission allowing malicious apps to monitor communication. It is recommended that the Nextcloud Talk Android is upgraded to 14.1.0. There are no known workarounds for this issue.​
2022-11-25​
5.5
CVE-2022-41926
MISC
CONFIRM
MISC
openedx -- xblock-drag-and-drop-v2​
Drag and Drop XBlock v2 implements a drag-and-drop style problem, where a learner has to drag items to zones on a target image. Versions prior to 3.0.0 are vulnerable to cross-site scripting in multiple XBlock Fields. Any platform that has deployed the XBlock may be impacted. Version 3.0.0 contains a patch for this issue. There are no known workarounds.​
2022-11-28​
6.1
CVE-2022-46147
CONFIRM
MISC
MISC
MISC
perfsonar -- perfsonar​
perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function.​
2022-11-30​
4.3
CVE-2022-41413
MISC
MISC
photospace_gallery_project -- photospace_gallery​
The Photospace Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters saved via the update() function in versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.​
2022-11-29​
5.4
CVE-2022-3991
MISC
MISC
qemu -- qemu​
An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition.​
2022-11-29​
6.5
CVE-2022-4144
MISC
MISC
qemu -- qemu​
An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could use these flaws to crash the QEMU process on the host.​
2022-11-29​
6.5
CVE-2022-4172
MISC
MISC
MISC
raidenmaild -- raidenmaild​
Raiden MAILD Mail Server website mail field has insufficient filtering for user input. A remote attacker with general user privilege can send email using the website with malicious JavaScript in the input field, which triggers XSS (Reflected Cross-Site Scripting) attack to the mail recipient.​
2022-11-29​
5.4
CVE-2022-41676
MISC
realtek -- rtl8111fp-cg_firmware​
RTL8168FP-CG Dash remote management function has missing authorization. An unauthenticated attacker within the adjacent network can connect to DASH service port to disrupt service.​
2022-11-29​
6.5
CVE-2022-32966
MISC
recaptcha_project -- recaptcha​
The reCAPTCHA WordPress plugin through 1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).​
2022-11-28​
4.8
CVE-2022-3831
MISC
salat_times_project -- salat_times​
The Salat Times WordPress plugin before 3.2.2 does not sanitize and escapes its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.​
2022-11-28​
4.8
CVE-2022-2983
MISC
sanitization_management_system_project -- sanitization_management_system​
A cross-site scripting (XSS) vulnerability in Sanitization Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter at /php-sms/classes/Login.php.​
2022-11-28​
6.1
CVE-2022-45214
MISC
seppmail -- seppmail​
SEPPMail's web frontend, user input is not embedded correctly in the web page and therefore leads to cross-site scripting vulnerabilities (XSS).​
2022-11-30​
6.1
CVE-2021-31740
MISC
showing_url_in_qr_code_project -- showing_url_in_qr_code​
The Showing URL in QR Code WordPress plugin through 0.0.1 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin or editor add Stored XSS payloads via a CSRF attack​
2022-11-28​
6.1
CVE-2022-3847
MISC
MISC
simple-press -- simple\​
The Simple:press plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'postitem' parameter manipulated during a forum response in versions up to, and including, 6.8 due to insufficient input sanitization and output escaping that makes injecting object and embed tags possible. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages when responding to forum threads that will execute whenever a user accesses an injected page.​
2022-11-29​
5.4
CVE-2022-4027
MISC
MISC
simple-press -- simple\​
The Simple:press plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'postitem' parameter manipulated during the profile-save action when modifying a profile signature in versions up to, and including, 6.8 due to insufficient input sanitization and output escaping that makes injecting object and embed tags possible. This makes it possible for authenticated attackers, with minimal permissions, such as a subscriber to inject arbitrary web scripts in pages when modifying a profile signature that will execute whenever a user accesses an injected page.​
2022-11-29​
5.4
CVE-2022-4028
MISC
MISC
simple-press -- simple\​
The Simple:press plugin for WordPress is vulnerable to arbitrary file modifications in versions up to, and including, 6.8 via the 'file' parameter which does not properly restrict files to be edited in the context of the plugin. This makes it possible with attackers, with high-level permissions such as an administrator, to supply paths to arbitrary files on the server that can be modified outside of the intended scope of the plugin.​
2022-11-29​
4.9
CVE-2022-4031
MISC
MISC
simple-press -- simple\​
The Simple:press plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'sforum_[md5 hash of the WordPress URL]' cookie value in versions up to, and including, 6.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. This would be highly complex to exploit as it would require the attacker to set the cookie a cookie for the targeted user.​
2022-11-29​
4.7
CVE-2022-4029
MISC
MISC
snyk -- snyk_cli​
The package snyk before 1.1064.0; the package snyk-mvn-plugin before 2.31.3; the package snyk-gradle-plugin before 3.24.5; the package @snyk/snyk-cocoapods-plugin before 2.5.3; the package snyk-sbt-plugin before 2.16.2; the package snyk-python-plugin before 1.24.2; the package snyk-docker-plugin before 5.6.5; the package @snyk/snyk-hex-plugin before 1.1.6 are vulnerable to Command Injection due to an incomplete fix for CVE-2022-40764. A successful exploit allows attackers to run arbitrary commands on the host system where the Snyk CLI is installed by passing in crafted command line flags. In order to exploit this vulnerability, a user would have to execute the snyk test command on untrusted files. In most cases, an attacker positioned to control the command line arguments to the Snyk CLI would already be positioned to execute arbitrary commands. However, this could be abused in specific scenarios, such as continuous integration pipelines, where developers can control the arguments passed to the Snyk CLI to leverage this component as part of a wider attack against an integration/build pipeline. This issue has been addressed in the latest Snyk Docker images available at https://hub.docker.com/r/snyk/snyk as of 2022-11-29. Images downloaded and built prior to that date should be updated. The issue has also been addressed in the Snyk TeamCity CI/CD plugin as of version v20221130.093605.​
2022-11-30​
6.3
CVE-2022-22984
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
sophos -- xg_firewall_firmware​
A post-auth read-only SQL injection vulnerability allows users to read non-sensitive configuration database contents in the User Portal of Sophos Firewall older than version 19.5 GA.​
2022-12-01​
4.3
CVE-2022-3711
CONFIRM
spatie -- browsershot​
Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the HTML content passed to the Browsershot::html method does not contain URL's that use the file:// protocol.​
2022-11-25​
6.1
CVE-2022-43983
MISC
MISC
spatie -- browsershot​
Browsershot version 3.57.3 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the JS content imported from an external source passed to the Browsershot::html method does not contain URLs that use the file:// protocol.​
2022-11-25​
6.1
CVE-2022-43984
MISC
MISC
standalonetech -- terawallet​
The TeraWallet plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 1.4.3. This is due to insufficient validation of the user-controlled key on the lock_unlock_terawallet AJAX action. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to lock/unlock other users wallets.​
2022-11-29​
4.3
CVE-2022-3995
MISC
MISC
sz-fujia -- ourphoto​
The user_token authorization header on the Ourphoto App version 1.4.1 /apiv1/* end-points is not implemented properly. Removing the value causes all requests to succeed, bypassing authorization and session management. The impact of this vulnerability allows an attacker POST api calls with other users unique identifiers and enumerate information of all other end-users.​
2022-11-28​
6.5
CVE-2022-24189
MISC
thematosoup -- fancier_author_box​
The Fancier Author Box by ThematoSoup WordPress plugin through 1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).​
2022-11-28​
4.8
CVE-2022-3833
MISC
theme_and_plugin_translation_for_polylang_project -- theme_and_plugin_translation_for_polylang​
The Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions up to, and including, 3.2.16 due to missing capability checks in the process_polylang_theme_translation_wp_loaded() function. This makes it possible for unauthenticated attackers to update plugin and theme translation settings and to import translation strings.​
2022-11-28​
5.3
CVE-2022-4169
MISC
MISC
thinkcmf -- thinkcmf​
ThinkCMF version 6.0.7 is affected by Stored Cross-Site Scripting (XSS). An attacker who successfully exploited this vulnerability could inject a Persistent XSS payload in the Slideshow Management section that execute arbitrary JavaScript code on the client side, e.g., to steal the administrator's PHP session token (PHPSESSID).​
2022-12-01​
5.4
CVE-2022-40849
MISC
tipsandtricks-hq -- donations_via_paypal​
The Donations via PayPal WordPress plugin before 1.9.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).​
2022-11-28​
4.8
CVE-2022-3822
MISC
trellix -- agent​
An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL there.​
2022-11-30​
6.7
CVE-2022-3859
MISC
ultimatemember -- ultimate_member​
The Ultimate Member plugin for WordPress is vulnerable to directory traversal in versions up to, and including 2.5.0 due to insufficient input validation on the 'template' attribute used in shortcodes. This makes it possible for attackers with administrative privileges to supply arbitrary paths using traversal (../../) to access and include files outside of the intended directory. If an attacker can successfully upload a php file then remote code execution via inclusion may also be possible. Note: for users with less than administrative capabilities, /wp-admin access needs to be enabled for that user in order for this to be exploitable by those users.​
2022-11-29​
4.3
CVE-2022-3361
MISC
MISC
MISC
MISC
video_thumbnails_project -- video_thumbnails​
The Video Thumbnails WordPress plugin through 2.12.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).​
2022-11-28​
4.8
CVE-2022-3828
MISC
vmware -- tools​
VMware Tools for Windows (12.x.y prior to 12.1.5, 11.x.y and 10.x.y) contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest OS, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a denial-of-service condition in the Windows guest OS.​
2022-11-29​
6.5
CVE-2021-31693
MISC
wbce -- wbce_cms​
A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the No Results field.​
2022-11-25​
5.4
CVE-2022-45036
MISC
wbce -- wbce_cms​
A cross-site scripting (XSS) vulnerability in /admin/users/index.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Display Name field.​
2022-11-25​
5.4
CVE-2022-45037
MISC
wbce -- wbce_cms​
A cross-site scripting (XSS) vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field.​
2022-11-25​
5.4
CVE-2022-45038
MISC
wbce -- wbce_cms​
A cross-site scripting (XSS) vulnerability in /admin/pages/sections_save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name Section field.​
2022-11-25​
5.4
CVE-2022-45040
MISC
web-based_student_clearance_system_project -- web-based_student_clearance_system​
Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in changepassword.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtnew_password parameter.​
2022-11-28​
4.8
CVE-2022-45221
MISC
web-based_student_clearance_system_project -- web-based_student_clearance_system​
Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /Admin/add-student.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtfullname parameter.​
2022-11-28​
4.8
CVE-2022-45223
MISC
web-based_student_clearance_system_project -- web-based_student_clearance_system​
Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in Admin/add-admin.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtfullname parameter.​
2022-11-28​
4.8
CVE-2022-45224
MISC
wp_admin_ui_customize_project -- wp_admin_ui_customize​
The WP Admin UI Customize WordPress plugin before 1.5.13 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).​
2022-11-28​
4.8
CVE-2022-3824
MISC
wp_affiliate_platform_project -- wp_affiliate_platform​
The WP Affiliate Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.3.9. This is due to missing or incorrect nonce validation on various functions including the affiliates_menu method. This makes it possible for unauthenticated attackers to delete affiliate records, via forged request granted they can trick a site administrator into performing an action such as clicking on a link.​
2022-11-29​
6.5
CVE-2022-3898
MISC
MISC
wp_affiliate_platform_project -- wp_affiliate_platform​
The WP Affiliate Platform plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_SERVER["REQUEST_URI"] in versions up to, and including, 6.3.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. This is unlikely to work in modern browsers.​
2022-11-29​
6.1
CVE-2022-3896
MISC
MISC
wp_affiliate_platform_project -- wp_affiliate_platform​
The WP Affiliate Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 6.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.​
2022-11-29​
4.8
CVE-2022-3897
MISC
MISC
zkteco -- biotime​
Zkteco BioTime < 8.5.3 Build:20200816.447 is vulnerable to Incorrect Access Control via Leave, overtime, Manual log. An authenticated employee can read local files by exploiting XSS into a pdf generator when exporting data as a PDF​
2022-11-30​
6.8
CVE-2022-38803
MISC
MISC
zkteco -- biotime​
Zkteco BioTime < 8.5.3 Build:20200816.447 is vulnerable to Incorrect Access Control via resign, private message, manual log, time interval, attshift, and holiday. An authenticated administrator can read local files by exploiting XSS into a pdf generator when exporting data as a PDF​
2022-11-30​
6.2
CVE-2022-38802
MISC
MISC
zkteco -- biotime​
In Zkteco BioTime < 8.5.3 Build:20200816.447, an employee can hijack an administrator session and cookies using blind cross-site scripting.​
2022-11-30​
5.4
CVE-2022-38801
MISC
MISC
Back to top



Low Vulnerabilities​

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
fortinet -- fortimanager​
An improper access control vulnerability [CWE-284] in FortiManager 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11 and FortiAnalyzer 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.0 through 6.0.12 may allow a remote and authenticated admin user assigned to a specific ADOM to access other ADOMs information such as device information and dashboard information.​
2022-11-25​
2.7
CVE-2022-38377
MISC
mpxj -- mpxj​
MPXJ is an open source library to read and write project plans from a variety of file formats and databases. On Unix-like operating systems (not Windows or macos), MPXJ's use of File.createTempFile(..) results in temporary files being created with the permissions -rw-r--r--. This means that any other user on the system can read the contents of this file. When MPXJ is reading a schedule file which requires the creation of a temporary file or directory, a knowledgeable local user could locate these transient files while they are in use and would then be able to read the schedule being processed by MPXJ. The problem has been patched, MPXJ version 10.14.1 and later includes the necessary changes. Users unable to upgrade may set java.io.tmpdir to a directory to which only the user running the application has access will prevent other users from accessing these temporary files.​
2022-11-25​
3.3
CVE-2022-41954
CONFIRM
MISC
realtek -- rtl8111ep-cg_firmware​
RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information.​
2022-11-29​
2.1
CVE-2022-32967
MISC
sophos -- xg_firewall_firmware​
A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive configuration database contents in the API controller of Sophos Firewall older than version 19.5 GA.​
2022-12-01​
2.7
CVE-2022-3710
CONFIRM
wpulike -- wp_ulike​
Unauth. Race Condition vulnerability in WP ULike Plugin <= 4.6.4 on WordPress allows attackers to increase/decrease rating scores.​
2022-11-30​
3.7
CVE-2022-45842
MISC
Back to top



Severity Not Yet Assigned​

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
Xiongmai -- multiple_products​
Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow authenticated users to execute arbitrary commands as root, as exploited in the wild starting in approximately 2019. A remote and authenticated attacker, possibly using the default admin:tlJwpbo6 credentials, can connect to port 34567 and execute arbitrary operating system commands via a crafted JSON file during an upgrade request. Since at least 2021, Xiongmai has applied patches to prevent attackers from using this mechanism to execute telnetd.​
2022-12-01​
not yet calculated​
CVE-2022-45045
MISC
apache -- commons_net
Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about services running on the private network of the client. The default in version 3.9.0 is now false to ignore such hosts, as cURL does. See https://issues.apache.org/jira/browse/NET-711.​
2022-12-03​
not yet calculated​
CVE-2021-37533
CONFIRM
MLIST
apsystems -- energy_communication_unit_power_control_software​
An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4.1NA, V3.11.4, W2.1NA, V4.1SAA, C1.2.2 allows attackers to access sensitive data and execute specific commands and functions with full admin rights without authenticating allows him to perform multiple attacks, such as attacking wireless network in the product's range.​
2022-11-29​
not yet calculated​
CVE-2022-44037
MISC
asus -- nas-m25​
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Asus NAS-M25 allows an unauthenticated attacker to inject arbitrary OS commands via unsanitized cookie values.This issue affects NAS-M25: through 1.0.1.7.​
2022-12-01​
not yet calculated​
CVE-2022-4221
MISC
authentik -- authentik​
authentik is an open-source identity provider. Versions prior to 2022.11.2 and 2022.10.2 are vulnerable to unauthorized user creation and potential account takeover. With the default flows, unauthenticated users can create new accounts in authentik. If a flow exists that allows for email-verified password recovery, this can be used to overwrite the email address of admin accounts and take over their accounts. authentik 2022.11.2 and 2022.10.2 fix this issue. As a workaround, a policy can be created and bound to the default-user-settings-flow flow with the contents return request.user.is_authenticated.​
2022-12-02​
not yet calculated​
CVE-2022-46145
MISC
MISC
MISC
book_store_management_system -- book_store_management_system​
A cross-site scripting (XSS) vulnerability in Book Store Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the Add New System User module.​
2022-12-02​
not yet calculated​
CVE-2022-45215
MISC
MISC
broadcom -- symantec_endpoint_protection​
Symantec Endpoint Protection (Windows) agent may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.​
2022-12-01​
not yet calculated​
CVE-2022-37016
MISC
broadcom -- symantec_endpoint_protection​
Symantec Endpoint Protection (Windows) agent, prior to 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls. This CVE applies narrowly to the Client User Interface Password protection and Policy Import/Export Password protection, if it has been enabled.​
2022-12-01​
not yet calculated​
CVE-2022-37017
MISC
c-data -- web_management_system​
A vulnerability was found in C-DATA Web Management System. It has been rated as critical. This issue affects some unknown processing of the file cgi-bin/jumpto.php of the component GET Parameter Handler. The manipulation of the argument hostname leads to argument injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214631.​
2022-12-01​
not yet calculated​
CVE-2022-4257
MISC
MISC
capnproto -- capnproto​
Cap'n Proto is a data interchange format and remote procedure call (RPC) system. Cap'n Proro prior to versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust implementation prior to 0.13.7, 0.14.11, and 0.15.2 are vulnerable to out-of-bounds read due to logic error handling list-of-list. This issue may lead someone to remotely segfault a peer by sending it a malicious message, if the victim performs certain actions on a list-of-pointer type. Exfiltration of memory is possible if the victim performs additional certain actions on a list-of-pointer type. To be vulnerable, an application must perform a specific sequence of actions, described in the GitHub Security Advisory. The bug is present in inlined code, therefore the fix will require rebuilding dependent applications. Cap'n Proto has C++ fixes available in versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3. The capnp Rust crate has fixes available in versions 0.13.7, 0.14.11, and 0.15.2.​
2022-11-30​
not yet calculated​
CVE-2022-46149
MISC
CONFIRM
FEDORA
FEDORA
clastix -- capsule​
Capsule is a multi-tenancy and policy-based framework for Kubernetes. Prior to version 0.1.3, a ServiceAccount deployed in a Tenant Namespace, when granted with PATCH capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliation of the Capsule Operator and removing all the enforcement like Pod Security annotations, Network Policies, Limit Range and Resource Quota items. An attacker could detach the Namespace from a Tenant that is forbidding starting privileged Pods using the Pod Security labels by removing the OwnerReference, removing the enforcement labels, and being able to start privileged containers that would be able to start a generic Kubernetes privilege escalation. Patches have been released for version 0.1.3. No known workarounds are available.​
2022-12-02​
not yet calculated​
CVE-2022-46167
MISC
MISC
MISC
MISC
d-link -- dhp-w310av​
D-Link DHP-W310AV 3.10EU was discovered to contain a command injection vulnerability via the System Checks function.​
2022-12-02​
not yet calculated​
CVE-2022-44930
MISC
d-link -- dvg-g5402sp​
D-Link DVG-G5402SP GE_1.03 was discovered to contain a command injection vulnerability via the Maintenance function.​
2022-12-02​
not yet calculated​
CVE-2022-44928
MISC
d-link -- dvg-g5402sp​
An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles.​
2022-12-02​
not yet calculated​
CVE-2022-44929
MISC
dcmtk -- dcmtk​
DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object.​
2022-12-02​
not yet calculated​
CVE-2022-43272
MISC
MISC
delta_industrial_automation -- dialink
Delta Industrial Automation DIALink versions prior to v1.5.0.0 Beta 4 uses an external input to construct a pathname intended to identify a file or directory located underneath a restricted parent directory. However, the software does not properly neutralize special elements within the pathname, which can cause the pathname to resolve to a location outside of the restricted directory.​
2022-12-01​
not yet calculated​
CVE-2022-2969
MISC
digital_alert_systems -- dasdec​
A cross-site scripting (XSS) vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login.​
2022-12-01​
not yet calculated​
CVE-2022-40204
MISC
digital_alert_systems -- dasdec
Digital Alert Systems’ DASDEC software prior to version 4.1 contains a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via the SSH username, username field of the login page, or via the HTTP host header. The injected content is stored in logs and rendered when viewed in the web application.​
2022-11-30​
not yet calculated​
CVE-2019-18265
MISC
discourse -- discourse​
Discourse is an open-source discussion platform. In version 2.8.13 and prior on the stable branch and version 2.9.0.beta14 and prior on the beta and tests-passed branches, any authenticated user can create an unlisted topic. These topics, which are not readily available to other users, can take up unnecessary site resources. A patch for this issue is available in the main branch of Discourse. There are no known workarounds available.​
2022-12-02​
not yet calculated​
CVE-2022-46159
MISC
MISC
dot_tech -- smart_campus_system​
A vulnerability, which was classified as problematic, has been found in Dot Tech Smart Campus System. Affected by this issue is some unknown functionality of the file /services/Card/findUser. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-214778 is the identifier assigned to this vulnerability.​
2022-12-03​
not yet calculated​
CVE-2022-4280
N/A
N/A
feminer -- wms​
A vulnerability, which was classified as critical, has been found in FeMiner wms. Affected by this issue is some unknown functionality of the file /product/savenewproduct.php?flag=1. The manipulation of the argument upfile leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214760.​
2022-12-03​
not yet calculated​
CVE-2022-4272
MISC
MISC
g810-led -- g810-led​
g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to make supported device nodes world-readable and writable, allowing any process on the system to read traffic from keyboards, including sensitive data.​
2022-11-30​
not yet calculated​
CVE-2022-46338
MISC
MISC
MLIST
github -- enterprise_server
An improper privilege management vulnerability was identified in GitHub Enterprise Server that allowed users with improper privileges to create or delete pages via the API. To exploit this vulnerability, an attacker would need to be added to an organization's repo with write permissions. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.7 and was fixed in versions 3.2.20, 3.3.15, 3.4.10, 3.5.7, and 3.6.3. This vulnerability was reported via the GitHub Bug Bounty program.​
2022-12-01​
not yet calculated​
CVE-2022-23737
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
gl.inet -- goodcloud​
In GL.iNet Goodcloud 1.1 Incorrect access control allows a remote attacker to access/change devices' settings.​
2022-12-01​
not yet calculated​
CVE-2022-44211
MISC
gl.inet -- goodcloud​
In GL.iNet Goodcloud 1.0, insecure design allows remote attacker to access devices' admin panel.​
2022-12-01​
not yet calculated​
CVE-2022-44212
MISC
google -- chrome​
Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)​
2022-12-02​
not yet calculated​
CVE-2022-4262
MISC
MISC
grafana -- synthetic_monitoring​
The Synthetic Monitoring Agent for Grafana's Synthetic Monitoring application provides probe functionality and executes network checks for monitoring remote targets. Users running the Synthetic Monitoring agent prior to version 0.12.0 in their local network are impacted. The authentication token used to communicate with the Synthetic Monitoring API is exposed through a debugging endpoint. This token can be used to retrieve the Synthetic Monitoring checks created by the user and assigned to the agent identified with that token. The Synthetic Monitoring API will reject connections from already-connected agents, so access to the token does not guarantee access to the checks. Version 0.12.0 contains a fix. Users are advised to rotate the agent tokens. After upgrading to version v0.12.0 or later, it's recommended that users of distribution packages review the configuration stored in /etc/synthetic-monitoring/synthetic-monitoring-agent.conf, specifically the API_TOKEN variable which has been renamed to SM_AGENT_API_TOKEN. As a workaround for previous versions, it's recommended that users review the agent settings and set the HTTP listening address in a manner that limits the exposure, for example, localhost or a non-routed network, by using the command line parameter -listen-address, e.g. -listen-address localhost:4050.​
2022-11-30​
not yet calculated​
CVE-2022-46156
CONFIRM
MISC
MISC
MISC
MISC
MISC
horner_automation -- remote_compact_controller_972​
The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryption vulnerable to reverse engineering. This could allow an attacker to obtain credentials to run services such as File Transfer Protocol (FTP) and Hypertext Transfer Protocol (HTTP).​
2022-12-02​
not yet calculated​
CVE-2022-2640
MISC
horner_automation -- remote_compact_controller_972​
Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device. This could allow an attacker to perform unauthorized changes to the device, remotely execute arbitrary code, or cause a denial-of-service condition.​
2022-12-02​
not yet calculated​
CVE-2022-2641
MISC
horner_automation -- remote_compact_controller_972​
Horner Automation’s RCC 972 firmware version 15.40 contains global variables. This could allow an attacker to read out sensitive values and variable keys from the device.​
2022-12-02​
not yet calculated​
CVE-2022-2642
MISC
house_rental_system -- house_rental_system​
A vulnerability, which was classified as critical, was found in House Rental System. Affected is an unknown function of the file /view-property.php. The manipulation of the argument property_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-214770 is the identifier assigned to this vulnerability.​
2022-12-03​
not yet calculated​
CVE-2022-4274
N/A
N/A
house_rental_system -- house_rental_system​
A vulnerability has been found in House Rental System and classified as critical. Affected by this vulnerability is an unknown functionality of the file search-property.php of the component POST Request Handler. The manipulation of the argument search_property leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214771.​
2022-12-03​
not yet calculated​
CVE-2022-4275
N/A
N/A
house_rental_system -- house_rental_system​
A vulnerability was found in House Rental System and classified as critical. Affected by this issue is some unknown functionality of the file tenant-engine.php of the component POST Request Handler. The manipulation of the argument id_photo leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214772.​
2022-12-03​
not yet calculated​
CVE-2022-4276
N/A
N/A
ibm -- db2u
IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 237212.​
2022-12-01​
not yet calculated​
CVE-2022-41297
MISC
MISC
ibm -- watson_aiops​
IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.2 could provide a weaker than expected security. A local attacker can create an outbound network connection to another system. IBM X-Force ID: 240827.​
2022-12-01​
not yet calculated​
CVE-2022-43900
MISC
MISC
ibm -- watson_aiops​
IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.3 could disclose sensitive information. An authenticated local attacker could exploit this vulnerability to possibly gain information to other IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps components. IBM X-Force ID: 240829.​
2022-12-01​
not yet calculated​
CVE-2022-43901
MISC
MISC
isic.lk -- isik.lk
An issue was discovered in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to gain sensitive information via the action parameter to /system/user/modules/mod_users/controller.php.​
2022-12-01​
not yet calculated​
CVE-2022-28607
MISC
isic.lk -- isik.lk
SQL Injection vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to execute arbitrary commands via the username parameter to /system/user/modules/mod_users/controller.php.​
2022-12-01​
not yet calculated​
CVE-2022-30528
MISC
MISC
ixp -- easyinstall
IXPdata EasyInstall 6.6.14725 contains an access control issue.​
2022-12-01​
not yet calculated​
CVE-2022-35120
MISC
m-files -- m-files_web​
Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1 could have changed permissions accidentally.​
2022-12-02​
not yet calculated​
CVE-2022-4270
MISC
mitsubishi_electric_corporation -- melsec_iq-r_series_rj71en71​
Improper Input Validation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series RJ71EN71 Firmware version "65" and prior and Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Network Part Firmware version "65" and prior allows a remote unauthenticated attacker to cause a Denial of Service condition by sending specially crafted packets. A system reset is required for recovery.​
2022-11-30​
not yet calculated​
CVE-2022-40265
MISC
MISC
movie_ticket_booking_system -- movie_ticket_booking_system​
A vulnerability was found in Movie Ticket Booking System and classified as problematic. Affected by this issue is some unknown functionality of the file editBooking.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214628.​
2022-12-01​
not yet calculated​
CVE-2022-4251
N/A
N/A
moxa -- multiple_products
An attacker with physical access to Moxa's bootloader versions of UC-8580 Series V1.1, UC-8540 Series V1.0 to V1.2, UC-8410A Series V2.2, UC-8200 Series V1.0 to V2.4, UC-8100A-ME-T Series V1.0 to V1.1, UC-8100 Series V1.2 to V1.3, UC-5100 Series V1.2, UC-3100 Series V1.2 to V2.0, UC-2100 Series V1.3 to V1.5, and UC-2100-W Series V1.3 to V1.5 can initiate a restart of the device and gain access to its BIOS. Command line options can then be altered, allowing the attacker to access the terminal. From the terminal, the attacker can modify the device’s authentication files to create a new user and gain full access to the system.​
2022-12-02​
not yet calculated​
CVE-2022-3086
MISC
nextcloud -- server​
Nextcloud Server is an open source personal cloud server. Prior to versions 23.0.10 and 24.0.5, calendar name lengths are not validated before writing to a database. As a result, an attacker can send unnecessary amounts of data against the database. Version 23.0.10 and 24.0.5 contain patches for the issue. No known workarounds are available.​
2022-12-01​
not yet calculated​
CVE-2022-41968
MISC
MISC
MISC
nextcloud -- server​
Nextcloud Server is an open source personal cloud server. Prior to versions 23.0.11, 24.0.7, and 25.0.0, there is no password length limit when creating a user as an administrator. An administrator can cause a limited DoS attack against their own server. Versions 23.0.11, 24.0.7, and 25.0.0 contain a fix for the issue. As a workaround, don't create user accounts with long passwords.​
2022-12-01​
not yet calculated​
CVE-2022-41969
MISC
MISC
MISC
nextcloud -- server​
Nextcloud Server is an open source personal cloud server. Prior to versions 24.0.7 and 25.0.1, disabled download shares still allow download through preview images. Images could be downloaded and previews of documents (first page) can be downloaded without being watermarked. Versions 24.0.7 and 25.0.1 contain a fix for this issue. No known workarounds are available.​
2022-12-01​
not yet calculated​
CVE-2022-41970
MISC
MISC
MISC
nextcloud -- talk_android
Nextcould Talk android is a video and audio conferencing app for Nextcloud. Prior to versions 12.2.8, 13.0.10, 14.0.6, and 15.0.0, guests can continue to receive video streams from a call after being removed from a conversation. An attacker would be able to see videos on a call in a public conversation after being removed from that conversation, provided that they were removed while being in the call. Versions 12.2.8, 13.0.10, 14.0.6, and 15.0.0 contain patches for the issue. No known workarounds are available.​
2022-12-01​
not yet calculated​
CVE-2022-41971
MISC
MISC
MISC
ni -- labview_command_line_interface​
Incorrect default permissions in the installation folder for NI LabVIEW Command Line Interface (CLI) may allow an authenticated user to potentially enable escalation of privilege via local access.​
2022-12-01​
not yet calculated​
CVE-2022-42718
MISC
osticket -- osticket​
Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to 1.16.4.​
2022-12-02​
not yet calculated​
CVE-2022-4271
CONFIRM
MISC
rocket_software -- trufusion_enterprise​
An arbitrary file upload vulnerability in Rocket TRUfusion Enterprise before 7.9.6.1 allows unauthenticated attackers to execute arbitrary code via a crafted JSP file. Issue fixed in version 7.9.6.1.​
2022-12-01​
not yet calculated​
CVE-2022-36431
MISC
CONFIRM
rukovoditel -- rukovoditel​
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Announcement function at /index.php?module=help_pages/pages&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.​
2022-12-02​
not yet calculated​
CVE-2022-44944
MISC
MISC
rukovoditel -- rukovoditel​
Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the heading_field_id parameter.​
2022-12-02​
not yet calculated​
CVE-2022-44945
MISC
MISC
rukovoditel -- rukovoditel​
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Page function at /index.php?module=help_pages/pages&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.​
2022-12-02​
not yet calculated​
CVE-2022-44946
MISC
MISC
rukovoditel -- rukovoditel​
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Highlight Row feature at /index.php?module=entities/listing_types&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note field after clicking "Add".​
2022-12-02​
not yet calculated​
CVE-2022-44947
MISC
MISC
rukovoditel -- rukovoditel​
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Entities Group feature at/index.php?module=entities/entities_groups. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field after clicking "Add".​
2022-12-02​
not yet calculated​
CVE-2022-44948
MISC
MISC
rukovoditel -- rukovoditel​
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Short Name field.​
2022-12-02​
not yet calculated​
CVE-2022-44949
MISC
MISC
rukovoditel -- rukovoditel​
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.​
2022-12-02​
not yet calculated​
CVE-2022-44950
MISC
MISC
rukovoditel -- rukovoditel​
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Form tab function at /index.php?module=entities/forms&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.​
2022-12-02​
not yet calculated​
CVE-2022-44951
MISC
MISC
rukovoditel -- rukovoditel​
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in /index.php?module=configuration/application. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Copyright Text field after clicking "Add".​
2022-12-02​
not yet calculated​
CVE-2022-44952
MISC
MISC
shaoxing -- background_management_system​
A vulnerability was found in Shaoxing Background Management System. It has been declared as critical. This vulnerability affects unknown code of the file /Default/Bd. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-214774 is the identifier assigned to this vulnerability.​
2022-12-03​
not yet calculated​
CVE-2022-4277
N/A
N/A
snakeyaml -- snakeyaml
SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization.​
2022-12-01​
not yet calculated​
CVE-2022-1471
MISC
sophos -- firewall​
An OS command injection vulnerability allows admins to execute code via SSL VPN configuration uploads in Sophos Firewall older than version 19.5 GA.​
2022-12-01​
not yet calculated​
CVE-2022-3226
CONFIRM
sophos -- firewall​
A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall older than version 19.5 GA.​
2022-12-01​
not yet calculated​
CVE-2022-3696
CONFIRM
sophos -- firewall​
A code injection vulnerability allows adjacent attackers to execute code in the Wifi controller of Sophos Firewall older than version 19.5 GA.​
2022-12-01​
not yet calculated​
CVE-2022-3713
CONFIRM
sourcecodester -- human_resource_management_system​
A vulnerability, which was classified as critical, has been found in SourceCodester Human Resource Management System 1.0. This issue affects some unknown processing of the file /hrm/controller/employee.php of the component Content-Type Handler. The manipulation of the argument pfimg leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-214769 was assigned to this vulnerability.​
2022-12-03​
not yet calculated​
CVE-2022-4273
MISC
MISC
sourcecodester -- human_resource_management_system​
A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /hrm/employeeadd.php. The manipulation of the argument empid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214775.​
2022-12-03​
not yet calculated​
CVE-2022-4278
N/A
N/A
sourcecodester -- human_resource_management_system​
A vulnerability classified as problematic has been found in SourceCodester Human Resource Management System 1.0. Affected is an unknown function of the file /hrm/employeeview.php. The manipulation of the argument search leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214776.​
2022-12-03​
not yet calculated​
CVE-2022-4279
N/A
N/A
ssl_network_extender -- ssl_network_extender​
The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network Extender (SNX). If the portal is configured for username/password authentication, it is vulnerable to a brute-force attack on usernames and passwords.​
2022-11-30​
not yet calculated​
CVE-2022-23746
MISC
swiftterm -- swiftterm
SwiftTerm is a Xterm/VT100 Terminal emulator. Prior to commit a94e6b24d24ce9680ad79884992e1dff8e150a31, an attacker could modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. Version a94e6b24d24ce9680ad79884992e1dff8e150a31 contains a patch for this issue. There are no known workarounds available.​
2022-12-02​
not yet calculated​
CVE-2022-23465
MISC
MISC
telenia_software -- tvox​
Telenia Software s.r.l TVox before v22.0.17 was discovered to contain a remote code execution (RCE) vulnerability in the component action_export_control.php.​
2022-12-01​
not yet calculated​
CVE-2022-43333
MISC
telepad -- pc_keyboard_wifi/bluetooth​
PC Keyboard WiFi & Bluetooth allows an attacker (in a man-in-the-middle position between the server and a connected device) to see all data (including keypresses) in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N​
2022-12-02​
not yet calculated​
CVE-2022-45480
MISC
telos_alliance -- omnia_mpx_node​
An unauthenticated command injection vulnerability in the product license validation function of Telos Alliance Omnia MPX Node 1.3.* - 1.4.* allows attackers to execute arbitrary commands via a crafted payload injected into the license input.​
2022-12-02​
not yet calculated​
CVE-2022-43325
MISC
telos_alliance -- omnia_mpx_node​
Insecure permissions in Telos Alliance Omnia MPX Node v1.0.0 to v1.4.9 allow attackers to manipulate and access system settings with backdoor account low privilege, this can lead to change hardware settings and execute arbitrary commands in vulnerable system functions that is requires high privilege to access.​
2022-12-02​
not yet calculated​
CVE-2022-45562
MISC
tenda -- ac6​
Tenda Tenda AC6V1.0 V15.03.05.19 is affected by buffer overflow. Causes a denial of service (local).​
2022-12-01​
not yet calculated​
CVE-2022-45640
MISC
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 is vulnerable to Buffer Overflow via formSetMacFilterCfg.​
2022-12-02​
not yet calculated​
CVE-2022-45641
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the addWifiMacFilter function.​
2022-12-02​
not yet calculated​
CVE-2022-45643
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the formSetClientState function.​
2022-12-02​
not yet calculated​
CVE-2022-45644
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceMac parameter in the addWifiMacFilter function.​
2022-12-02​
not yet calculated​
CVE-2022-45645
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeedUp parameter in the formSetClientState function.​
2022-12-02​
not yet calculated​
CVE-2022-45646
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeed parameter in the formSetClientState function.​
2022-12-02​
not yet calculated​
CVE-2022-45647
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the devName parameter in the formSetDeviceName function.​
2022-12-02​
not yet calculated​
CVE-2022-45648
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the endIp parameter in the formSetPPTPServer function.​
2022-12-02​
not yet calculated​
CVE-2022-45649
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the firewallEn parameter in the formSetFirewallCfg function.​
2022-12-02​
not yet calculated​
CVE-2022-45650
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the formSetVirtualSer function.​
2022-12-02​
not yet calculated​
CVE-2022-45651
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the startIp parameter in the formSetPPTPServer function.​
2022-12-02​
not yet calculated​
CVE-2022-45652
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function.​
2022-12-02​
not yet calculated​
CVE-2022-45653
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function.​
2022-12-02​
not yet calculated​
CVE-2022-45654
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the timeZone parameter in the form_fast_setting_wifi_set function.​
2022-12-02​
not yet calculated​
CVE-2022-45655
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function.​
2022-12-02​
not yet calculated​
CVE-2022-45656
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.​
2022-12-02​
not yet calculated​
CVE-2022-45657
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedEndTime parameter in the setSchedWifi function.​
2022-12-02​
not yet calculated​
CVE-2022-45658
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.​
2022-12-02​
not yet calculated​
CVE-2022-45659
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedStartTime parameter in the setSchedWifi function.​
2022-12-02​
not yet calculated​
CVE-2022-45660
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function.​
2022-12-02​
not yet calculated​
CVE-2022-45661
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.​
2022-12-02​
not yet calculated​
CVE-2022-45673
MISC
tenda -- ac6​
Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.​
2022-12-02​
not yet calculated​
CVE-2022-45674
MISC
tenda -- i21​
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/AddSysLogRule.​
2022-12-02​
not yet calculated​
CVE-2022-44362
MISC
tenda -- i21​
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setSnmpInfo.​
2022-12-02​
not yet calculated​
CVE-2022-44363
MISC
tenda -- i21​
Tenda i21 V1.0.0.14(4656) has a stack overflow vulnerability via /goform/setSysPwd.​
2022-12-02​
not yet calculated​
CVE-2022-44365
MISC
tenda -- i21​
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setDiagnoseInfo.​
2022-12-02​
not yet calculated​
CVE-2022-44366
MISC
tenda -- i21​
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setUplinkInfo.​
2022-12-02​
not yet calculated​
CVE-2022-44367
MISC
tenda -- i22​
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function.​
2022-12-02​
not yet calculated​
CVE-2022-45663
MISC
tenda -- i22​
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function.​
2022-12-02​
not yet calculated​
CVE-2022-45664
MISC
tenda -- i22​
Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.​
2022-12-02​
not yet calculated​
CVE-2022-45667
MISC
tenda -- i22​
Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.​
2022-12-02​
not yet calculated​
CVE-2022-45668
MISC
tenda -- i22​
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterGet function.​
2022-12-02​
not yet calculated​
CVE-2022-45669
MISC
tenda -- i22​
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function.​
2022-12-02​
not yet calculated​
CVE-2022-45670
MISC
tenda -- i22​
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the appData parameter in the formSetAppFilterRule function.​
2022-12-02​
not yet calculated​
CVE-2022-45671
MISC
tenda -- i22​
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the formWx3AuthorizeSet function.​
2022-12-02​
not yet calculated​
CVE-2022-45672
MISC
thisaay -- lazy_mouse​
Lazy Mouse server enforces weak password requirements and doesn't implement rate limiting, allowing remote unauthenticated users to easily and quickly brute force the PIN and execute arbitrary commands. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H​
2022-12-02​
not yet calculated​
CVE-2022-45482
MISC
thisaay -- lazy_mouse​
Lazy Mouse allows an attacker (in a man in the middle position between the server and a connected device) to see all data (including keypresses) in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N​
2022-12-02​
not yet calculated​
CVE-2022-45483
MISC
tribal_systems -- zenario_cms
A vulnerability, which was classified as problematic, has been found in Tribal Systems Zenario CMS 9.3.57595. This issue affects some unknown processing of the component Remember Me Handler. The manipulation leads to session fixiation. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-214589 was assigned to this vulnerability.​
2022-11-30​
not yet calculated​
CVE-2022-4231
MISC
MISC
ulusal_siber_olaylara_müdahale_merkezi -- prens_student_information_system​
Algan Yazılım Prens Student Information System product has an unauthenticated SQL Injection vulnerability.​
2022-12-02​
not yet calculated​
CVE-2022-2807
CONFIRM
ulusal_siber_olaylara_müdahale_merkezi -- prens_student_information_system​
Algan Yaz?l?m Prens Student Information System product has an authenticated Insecure Direct Object Reference (IDOR) vulnerability.​
2022-12-02​
not yet calculated​
CVE-2022-2808
CONFIRM
vim -- vim
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742.​
2022-12-03​
not yet calculated​
CVE-2022-3491
CONFIRM
MISC
vim -- vim
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.​
2022-12-02​
not yet calculated​
CVE-2022-3520
MISC
CONFIRM
vim -- vim
Use After Free in GitHub repository vim/vim prior to 9.0.0789.​
2022-12-02​
not yet calculated​
CVE-2022-3591
MISC
CONFIRM
webtareas -- webtareas​
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php.​
2022-12-02​
not yet calculated​
CVE-2022-44290
MISC
MISC
webtareas -- webtareas​
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php.​
2022-12-02​
not yet calculated​
CVE-2022-44291
MISC
MISC
webtareas -- webtareas​
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /linkedcontent/listfiles.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field after clicking "Add".​
2022-12-02​
not yet calculated​
CVE-2022-44953
MISC
MISC
webtareas -- webtareas​
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /contacts/listcontacts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name field after clicking "Add".​
2022-12-02​
not yet calculated​
CVE-2022-44954
MISC
MISC
webtareas -- webtareas​
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field.​
2022-12-02​
not yet calculated​
CVE-2022-44955
MISC
MISC
webtareas -- webtareas​
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /projects/listprojects.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.​
2022-12-02​
not yet calculated​
CVE-2022-44956
MISC
MISC
webtareas -- webtareas​
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /clients/listclients.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.​
2022-12-02​
not yet calculated​
CVE-2022-44957
MISC
MISC
webtareas -- webtareas​
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /meetings/listmeetings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.​
2022-12-02​
not yet calculated​
CVE-2022-44959
MISC
MISC
webtareas -- webtareas​
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /general/search.php?searchtype=simple. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search field.​
2022-12-02​
not yet calculated​
CVE-2022-44960
MISC
MISC
webtareas -- webtareas​
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /forums/editforum.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.​
2022-12-02​
not yet calculated​
CVE-2022-44961
MISC
MISC
webtareas -- webtareas​
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /calendar/viewcalendar.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Subject field.​
2022-12-02​
not yet calculated​
CVE-2022-44962
MISC
MISC
western_digital -multiple_products
A path traversal vulnerability was addressed in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi which could allow an attacker to initiate installation of custom ZIP packages and overwrite system files. This could potentially lead to a code execution.​
2022-12-01​
not yet calculated​
CVE-2022-29837
MISC
wordpress -- wordpress​
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'datef' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.​
2022-12-02​
not yet calculated​
CVE-2022-4208
MISC
MISC
MISC
wordpress -- wordpress​
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'pointsf' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.​
2022-12-02​
not yet calculated​
CVE-2022-4209
MISC
MISC
MISC
wordpress -- wordpress​
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dnf' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.​
2022-12-02​
not yet calculated​
CVE-2022-4210
MISC
MISC
MISC
wordpress -- wordpress​
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'emailf' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.​
2022-12-02​
not yet calculated​
CVE-2022-4211
MISC
MISC
MISC
wordpress -- wordpress​
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ipf' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.​
2022-12-02​
not yet calculated​
CVE-2022-4212
MISC
MISC
MISC
wordpress -- wordpress​
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dn' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.​
2022-12-02​
not yet calculated​
CVE-2022-4213
MISC
MISC
wordpress -- wordpress​
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ip' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.​
2022-12-02​
not yet calculated​
CVE-2022-4214
MISC
MISC
MISC
wordpress -- wordpress​
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'date' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.​
2022-12-02​
not yet calculated​
CVE-2022-4215
MISC
MISC
MISC
wordpress -- wordpress​
The Chained Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'facebook_appid' parameter in versions up to, and including, 1.3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative privileges to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.​
2022-12-02​
not yet calculated​
CVE-2022-4216
MISC
MISC
MISC
MISC
wordpress -- wordpress​
The Chained Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'api_key' parameter in versions up to, and including, 1.3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative privileges to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.​
2022-12-02​
not yet calculated​
CVE-2022-4217
MISC
MISC
MISC
MISC
wordpress -- wordpress​
The Chained Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.2.4. This is due to missing nonce validation on the list_quizzes() function. This makes it possible for unauthenticated attackers to delete quizzes and copy quizzes via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.​
2022-12-02​
not yet calculated​
CVE-2022-4218
MISC
MISC
MISC
wordpress -- wordpress​
The Chained Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.2.4. This is due to missing nonce validation on the manage() function. This makes it possible for unauthenticated attackers to delete submitted quiz responses via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.​
2022-12-02​
not yet calculated​
CVE-2022-4219
MISC
MISC
MISC
wordpress -- wordpress​
The Chained Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.2.4. This is due to missing nonce validation on the list_questions() function. This makes it possible for unauthenticated attackers to delete questions from quizzes via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.​
2022-12-02​
not yet calculated​
CVE-2022-4220
MISC
MISC
MISC
MISC
Back to top

This product is provided subject to this Notification and this Privacy & Use policy.

Continue reading...