US-CERT Bulletin (SB22-108)yokogawa - centum:Vulnerability Summary for the Week of April 11, 2022

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

High: vulnerabilities with a CVSS base score of 7.0–10.0
Medium: vulnerabilities with a CVSS base score of 4.0–6.9
Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
dell — emc_unity_operating_environment	Dell VNX2 for file version 8.1.21.266 and earlier, contain an unauthenticated remote code execution vulnerability which may lead unauthenticated users to execute commands on the system.	2022-04-08	10	CVE-2021-36287 MISC
foscam — fi9805e_firmware	FOSCAM Camera FI9805E with firmware V4.02.R12.00018510.10012.143900.00000 contains a backdoor that opens Telnet port when special command is sent on port 9530.	2022-04-08	10	CVE-2021-43517 MISC
dell — emc_powerscale_onefs	Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access	2022-04-08	10	CVE-2022-26854 MISC
kevinlab — 4st_l-bems	An Access Control vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 due to an undocumented backdoor account. A malicious user can log in using the backdor account with admin highest privileges and obtain system control.	2022-04-11	9	CVE-2021-37292 MISC MISC
ritecms — ritecms	RiteCMS version 3.1.0 and below suffers from a remote code execution vulnerability in the admin panel. An authenticated attacker can upload a PHP file and bypass the .htacess configuration to deny execution of .php files in media and files directory by default.	2022-04-08	9	CVE-2021-46367 MISC MISC MISC MISC
trendmicro — antivirus_for_mac	A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to privilege escalation. Please note that an attacker must at least have low-level privileges on the system to attempt to exploit this vulnerability.	2022-04-09	8.5	CVE-2022-27883 N/A N/A
zyxel — vmg3312-t20a_firmware	A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.	2022-04-11	7.7	CVE-2022-26413 CONFIRM
kevinlab — 4st_l-bems	An SQL Injection vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 ivia the input_id POST parameter in index.php.	2022-04-11	7.5	CVE-2021-37291 MISC MISC
laravel — laravel	A Remote Code Execution (RCE) vulnerability exists in h laravel 5.8.38 via an unserialize pop chain in (1) __destruct in \Routing\PendingResourceRegistration.php, (2) __cal in Queue\Capsule\Manager.php, and (3) __invoke in mockery\library\Mockery\ClosureWrapper.php.	2022-04-08	7.5	CVE-2021-43503 MISC
stopbadbots — block_and_stop_bad_bots	The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin before 6.930 does not properly sanitise and escape the fingerprint parameter before using it in a SQL statement via the stopbadbots_grava_fingerprint AJAX action, available to unauthenticated users, leading to a SQL injection	2022-04-11	7.5	CVE-2022-0949 MISC
mruby — mruby	Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.	2022-04-10	7.5	CVE-2022-1276 MISC CONFIRM
school_club_application_system_project — school_club_application_system	A vulnerability classified as critical was found in School Club Application System 1.0. This vulnerability affects a request to the file /scas/classes/Users.php?f=save_user. The manipulation with a POST request leads to privilege escalation. The attack can be initiated remotely and does not require authentication. The exploit has been disclosed to the public and may be used.	2022-04-09	7.5	CVE-2022-1287 N/A
fullpage_project — fullpage	Prototype Pollution in GitHub repository alvarotrigo/fullpage.js prior to 4.0.2.	2022-04-11	7.5	CVE-2022-1295 CONFIRM MISC
dell — emc_powerscale_onefs	Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise.	2022-04-08	7.5	CVE-2022-26852 MISC
moguit — mogu_blog_cms	mogu_blog_cms 5.2 suffers from upload arbitrary files without any limitation.	2022-04-08	7.5	CVE-2022-27047 MISC
std42 — elfinder	In Studio-42 elFinder 2.1.60, there is a vulnerability that causes remote code execution through file name bypass for file upload.	2022-04-11	7.5	CVE-2022-27115 MISC
zbzcms — zbzcms	zbzcms v1.0 was discovered to contain a SQL injection vulnerability via the art parameter at /include/make.php.	2022-04-10	7.5	CVE-2022-27126 MISC
zbzcms — zbzcms	An incorrect access control issue at /admin/run_ajax.php in zbzcms v1.0 allows attackers to arbitrarily add administrator accounts.	2022-04-10	7.5	CVE-2022-27128 MISC
zbzcms — zbzcms	An arbitrary file upload vulnerability at /admin/ajax.php in zbzcms v1.0 allows attackers to execute arbitrary code via a crafted PHP file.	2022-04-10	7.5	CVE-2022-27129 MISC
zbzcms — zbzcms	An arbitrary file upload vulnerability at /zbzedit/php/zbz.php in zbzcms v1.0 allows attackers to execute arbitrary code via a crafted PHP file.	2022-04-10	7.5	CVE-2022-27131 MISC
zoo_management_system_project — zoo_management_system	Zoo Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /public_html/apply_vacancy. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.	2022-04-08	7.5	CVE-2022-27351 MISC MISC MISC
ecommerce-website_project — ecommerce-website	Ecommerce-Website v1 was discovered to contain an arbitrary file upload vulnerability via /customer_register.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.	2022-04-08	7.5	CVE-2022-27357 MISC MISC MISC
newbee-mall_project — newbee-mall	Newbee-Mall v1.0.0 was discovered to contain an arbitrary file upload via the Upload function at /admin/goods/edit.	2022-04-10	7.5	CVE-2022-27477 MISC
movie_seat_reservation_project — movie_seat_reservation	Movie Seat Reservation v1 was discovered to contain a SQL injection vulnerability at /index.php?page=reserve via the id parameter.	2022-04-08	7.5	CVE-2022-28001 MISC MISC
zyxel — zyxel_ap_configurator	A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator (ZAC) version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator.	2022-04-11	7.2	CVE-2022-0556 CONFIRM
google — android	In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05836418; Issue ID: ALPS05836418.	2022-04-11	7.2	CVE-2022-20062 MISC
google — android	In ccci, there is a possible leak of kernel pointer due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108617; Issue ID: ALPS06108617.	2022-04-11	7.2	CVE-2022-20064 MISC
fujitsu — plugfree_network	In Fujitsu PlugFree Network <= 7.3.0.3, an Unquoted service path in PFNService.exe software allows a local attacker to potentially escalate privileges to system level.	2022-04-11	7.2	CVE-2022-27089 MISC
linux — linux_kernel	The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.	2022-04-11	7.2	CVE-2022-28893 MISC MLIST MLIST MLIST

Medium Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
google — android	In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS05836642; Issue ID: ALPS05836642.	2022-04-11	6.9	CVE-2022-20052 MISC
google — android	In atf (spm), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06171715; Issue ID: ALPS06171715.	2022-04-11	6.9	CVE-2022-20063 MISC
linux — linux_kernel	jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition.	2022-04-08	6.9	CVE-2022-28796 MISC MISC
ibm — sterling_b2b_integrator	IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3, and 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 186283.	2022-04-08	6.8	CVE-2020-4668 XF CONFIRM
webmin — webmin	A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.	2022-04-11	6.8	CVE-2021-32156 MISC
webmin — webmin	A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.	2022-04-11	6.8	CVE-2021-32157 MISC
webmin — webmin	A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and Download feature.	2022-04-11	6.8	CVE-2021-32159 MISC
webmin — webmin	A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature.	2022-04-11	6.8	CVE-2021-32162 MISC
libsixel_project — libsixel	libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/quant.c:867.	2022-04-08	6.8	CVE-2021-40656 MISC
libsixel_project — libsixel	libsixel 1.10.0 is vulnerable to Use after free in libsixel/src/dither.c:379.	2022-04-08	6.8	CVE-2021-41715 MISC
kimai — kimai	CSV Injection (aka Excel Macro Injection or Formula Injection) exists in creating new timesheet in Kimai. By filling the Description field with malicious payload, it will be mistreated while exporting to a CSV file.	2022-04-08	6.8	CVE-2021-43515 MISC
zzcms — zzcms	An issue was discovered in ZZCMS 2021. There is a SQL injection vulnerability in ad_manage.php.	2022-04-08	6.8	CVE-2021-46436 MISC
qdpm — qdpm	qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/myAccount/update URI.	2022-04-08	6.8	CVE-2022-26180 MISC MISC
libsixel_project — libsixel	libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876.	2022-04-08	6.8	CVE-2022-27044 MISC
libsixel_project — libsixel	libsixel 1.8.6 suffers from a Heap Use After Free vulnerability in in libsixel/src/dither.c:388.	2022-04-08	6.8	CVE-2022-27046 MISC
bolt — bolt_cms	Bolt CMS <= 4.2 is vulnerable to Remote Code Execution. Unsafe theme rendering allows an authenticated attacker to edit theme to inject server-side template injection that leads to remote code execution.	2022-04-11	6.5	CVE-2021-40219 MISC MISC MISC MISC
elbtide — advanced_booking_calendar	The Advanced Booking Calendar WordPress plugin before 1.7.1 does not sanitise and escape the id parameter when editing Calendars, which could allow high privilege users such as admin to perform SQL injection attacks	2022-04-11	6.5	CVE-2022-1006 MISC CONFIRM
ocdi — one_click_demo_import	The One Click Demo Import WordPress plugin before 3.1.0 does not validate the imported file, allowing high privilege users such as admin to upload arbitrary files (such as PHP) even when FILE_MODS and FILE_EDIT are disallowed	2022-04-11	6.5	CVE-2022-1008 MISC CONFIRM
secondlinethemes — podcast_importer_secondline	The Podcast Importer SecondLine WordPress plugin before 1.3.8 does not sanitise and properly escape some imported data, which could allow SQL injection attacks to be performed by imported a malicious podcast file	2022-04-11	6.5	CVE-2022-1023 CONFIRM MISC
ibm — planning_analytics	IBM Planning Analytics 2.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 219736.	2022-04-08	6.5	CVE-2022-22339 XF CONFIRM
dell — emc_powerscale_onefs	Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain an improper preservation of privileges. A remote filesystem user with a local account could potentially exploit this vulnerability, leading to an escalation of file privileges and information disclosure.	2022-04-08	6.5	CVE-2022-24428 MISC
aerocms_project — aerocms	AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the Post Image function under the Admin panel. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.	2022-04-08	6.5	CVE-2022-27061 MISC MISC MISC
musical_world_project — musical_world	Musical World v1 was discovered to contain an arbitrary file upload vulnerability via uploaded_songs.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.	2022-04-08	6.5	CVE-2022-27064 MISC MISC MISC
ecommerce-website_project — ecommerce-website	Ecommece-Website v1.1.0 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?slides. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.	2022-04-08	6.5	CVE-2022-27346 MISC MISC MISC
socialcodia — social_codia_sms	Social Codia SMS v1 was discovered to contain an arbitrary file upload vulnerability via addteacher.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.	2022-04-08	6.5	CVE-2022-27349 MISC MISC MISC
simple_house_rental_system_project — simple_house_rental_system	Simple House Rental System v1 was discovered to contain an arbitrary file upload vulnerability via /app/register.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.	2022-04-08	6.5	CVE-2022-27352 MISC MISC MISC
zoo_management_system_project — zoo_management_system	Zoo Management System v1.0 was discovered to contain a SQL injection vulnerability at /public_html/animals via the class_id parameter.	2022-04-08	6.5	CVE-2022-27992 MISC MISC
car_rental_system_project — car_rental_system	Car Rental System v1.0 was discovered to contain a SQL injection vulnerability at /Car_Rental/booking.php via the id parameter.	2022-04-08	6.5	CVE-2022-28000 MISC MISC
dell — emc_unity_operating_environment	Dell VNX2 for File version 8.1.21.266 and earlier, contain a path traversal vulnerability which may lead unauthenticated users to read/write restricted files	2022-04-08	6.4	CVE-2021-36288 MISC
huawei — emui	The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability.	2022-04-11	6.4	CVE-2021-46742 MISC MISC
radare — radare2	Out-of-bounds read in `r_bin_ne_get_relocs` function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash.	2022-04-11	6.4	CVE-2022-1296 CONFIRM MISC
radare — radare2	Out-of-bounds Read in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash.	2022-04-11	6.4	CVE-2022-1297 MISC CONFIRM
dell — emc_powerscale_onefs	Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss.	2022-04-08	6.4	CVE-2022-26851 MISC
zbzcms — zbzcms	zbzcms v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php/ajax.php.	2022-04-10	6.4	CVE-2022-27127 MISC
zbzcms — zbzcms	zbzcms v1.0 was discovered to contain an arbitrary file deletion vulnerability via /include/up.php.	2022-04-10	6.4	CVE-2022-27133 MISC
lua — lua	singlevar in lparser.c in Lua through 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.	2022-04-08	6.4	CVE-2022-28805 MISC MISC MISC MISC
xwiki — xwiki	XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Simple users can create global SSX/JSX without specific rights: in theory only users with Programming Rights should be allowed to create SSX or JSX that are executed everywhere on a wiki. But a bug allow anyone with edit rights to actually create those. This issue has been patched in XWiki 13.10-rc-1, 12.10.11 and 13.4.6. There’s no easy workaround for this issue, administrators should upgrade their wiki.	2022-04-08	5.5	CVE-2022-24821 MISC CONFIRM
febs-security_project — febs-security	Insecure permissions configured in the userid parameter at /user/getuserprofile of FEBS-Security v1.0 allows attackers to access and arbitrarily modify users’ personal information.	2022-04-10	5.5	CVE-2022-27958 MISC
ofcms_project — ofcms	Insecure permissions configured in the user_id parameter at SysUserController.java of OFCMS v1.1.4 allows attackers to access and arbitrarily modify users’ personal information.	2022-04-10	5.5	CVE-2022-27960 MISC
claro — kaon_cg3000_firmware	An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration, which could allow a malicious user to read or update the configuraiton without authentication.	2022-04-08	5.2	CVE-2021-43483 MISC
ibm — system_storage_ds8000_management_console_firmware	IBM System Storage DS8000 Management Console (HMC) R8.5 88.5x.x.x, R9.1 89.1x.0.0, and R9.2 89.2x.0.0 could allow a remote attacker to obtain sensitive information through unpublished URLs. IBM X-Force ID: 210330.	2022-04-11	5	CVE-2021-38929 CONFIRM XF
ibm — system_storage_ds8000_management_console_firmware	IBM System Storage DS8000 Management Console (HMC) R8.5 88.5x.x.x, R9.1 89.1x.0.0, and R9.2 89.2x.0.0 could allow a remote attacker to obtain sensitive information through unpublished URLs. IBM X-Force ID: 210331.	2022-04-11	5	CVE-2021-38930 CONFIRM XF
huawei — emui	The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.	2022-04-11	5	CVE-2021-40065 MISC MISC
atutor — atutor	An Access Control vulnerability exists in ATutor 2.2.4 in password_reminder.php when the g, id, h, form_password_hidden, and form_change HTTP POST parameters are set.	2022-04-08	5	CVE-2021-43498 MISC MISC
zlog_project — zlog	A Buffer Overflow vulnerability exists in zlog 1.2.15 via zlog_conf_build_with_file in src/zlog/src/conf.c.	2022-04-08	5	CVE-2021-43521 MISC MISC
huawei — emui	The device authentication service module has a defect vulnerability introduced in the design process.Successful exploitation of this vulnerability may affect data confidentiality.	2022-04-11	5	CVE-2021-46740 MISC MISC
wpdownloadmanager — wordpress_download_manager	The Download Manager WordPress plugin before 3.2.39 uses the uniqid php function to generate the master key for a download, allowing an attacker to brute force the key with reasonable resources giving direct download access regardless of role based restrictions or password protections set for the download.	2022-04-11	5	CVE-2022-0828 MISC
salonbookingsystem — salon_booking_system	The Salon booking system Free and pro WordPress plugins before 7.6.3 do not have proper authorisation when searching bookings, allowing any unauthenticated users to search other’s booking, as well as retrieve sensitive information about the bookings, such as the full name, email and phone number of the person who booked it.	2022-04-11	5	CVE-2022-0919 MISC
salonbookingsystem — salon_booking_system	The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper authorisation in some of its endpoints, which could allow customers to access all bookings and other customer’s data	2022-04-11	5	CVE-2022-0920 MISC
nsthemes — ns_watermark_for_woocommerce	An unprivileged user could use the functionality of the NS WooCommerce Watermark WordPress plugin through 2.11.3 to load images that hide malware for example from passing malicious domains to hide their trace, by making them pass through the vulnerable domain.	2022-04-11	5	CVE-2022-0989 MISC
pimcore — pimcore	SQL injection in RecyclebinController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data	2022-04-08	5	CVE-2022-1219 MISC CONFIRM
gnuboard — gnuboard5	Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. A vulnerability in gnuboard v5.5.5 and below uses weak encryption algorithms leading to sensitive information exposure. This allows an attacker to derive the email address of any user, including when the ‘Let others see my information.’ box is ticked off.	2022-04-11	5	CVE-2022-1252 CONFIRM MISC
xwiki — xwiki	XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A guest user without the right to view pages of the wiki can still list documents related to users of the wiki. The problem has been patched in XWiki versions 12.10.11, 13.4.4, and 13.9-rc-1. There is no known workaround for this problem.	2022-04-08	5	CVE-2022-24819 CONFIRM MISC
os4ed — opensis	Due to lack of protection, parameter student_id in OpenSIS Classic 8.0 /modules/eligibility/Student.php can be used to inject SQL queries to extract information from databases.	2022-04-11	5	CVE-2022-27041 MISC
movie_seat_reservation_project — movie_seat_reservation	Movie Seat Reservation v1 was discovered to contain an unauthenticated file disclosure vulnerability via /index.php?page=home.	2022-04-08	5	CVE-2022-28002 MISC MISC
reprisesoftware — reprise_license_manager	Reprise License Manager 14.2 is affected by an Information Disclosure vulnerability via a GET request to /goforms/rlminfo. No authentication is required. The information disclosed is associated with software versions, process IDs, network configuration, hostname(s), system architecture, and file/directory details.	2022-04-09	5	CVE-2022-28365 MISC MISC MISC
zyxel — vmg3312-t20a_firmware	A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.	2022-04-11	4.9	CVE-2022-26414 CONFIRM
dell — emc_unity_operating_environment	Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain privileges.	2022-04-08	4.6	CVE-2021-36290 MISC
dell — emc_unity_operating_environment	Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain elevated privileges.	2022-04-08	4.6	CVE-2021-36293 MISC
ivanti — dsm_remote	Ivanti DSM Remote <= 6.3.1.1862 is vulnerable to an unquoted service path allowing local users to launch processes with elevated privileges.	2022-04-11	4.6	CVE-2022-27088 MISC
pickplugins — post_grid	The Post Grid WordPress plugin before 2.1.16 does not escape the keyword parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting in pages containing a Post Grid with a search form	2022-04-11	4.3	CVE-2021-24986 MISC
heateor — super_socializer	The Social Share, Social Login and Social Comments Plugin WordPress plugin before 7.13.30 does not sanitise and escape the urls parameter in its the_champ_sharing_count AJAX action (available to both unauthenticated and authenticated users) before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue.	2022-04-11	4.3	CVE-2021-24987 MISC
webmin — webmin	A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Upload and Download feature.	2022-04-11	4.3	CVE-2021-32158 MISC
webmin — webmin	A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the Add Users feature.	2022-04-11	4.3	CVE-2021-32160 MISC
webmin — webmin	A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the File Manager feature.	2022-04-11	4.3	CVE-2021-32161 MISC
baijiacms_project — baijiacms	An issue was discovered in baijiacms v4. There is a CSRF vulnerability that can modify the store information and login password.	2022-04-11	4.3	CVE-2021-34250 MISC
opservices — opmon	A Cross Site Scripting (XSS) vulnerability exists in OpServices OpMon through 9.11 via the search parameter in the request URL.	2022-04-08	4.3	CVE-2021-43009 MISC MISC
thimpress — learnpress	The LearnPress WordPress plugin before 4.1.6 does not sanitise and escape the lp-dismiss-notice before outputting it back via the lp_background_single_email AJAX action, leading to a Reflected Cross-Site Scripting	2022-04-11	4.3	CVE-2022-0271 MISC
presscustomizr — nimble_page_builder	The Nimble Page Builder WordPress plugin before 3.2.2 does not sanitise and escape the preview-level-guid parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting	2022-04-11	4.3	CVE-2022-0314 MISC
realfavicongenerator — favicon_by_realfavicongenerator	The Favicon by RealFaviconGenerator WordPress plugin before 1.3.23 does not properly sanitise and escape the json_result_url parameter before outputting it back in the Favicon admin dashboard, leading to a Reflected Cross-Site Scripting issue	2022-04-11	4.3	CVE-2022-0471 MISC CONFIRM
wpvivid — migration\,_backup\,_staging	The Migration, Backup, Staging WordPress plugin before 0.9.70 does not sanitise and escape the sub_page parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting	2022-04-11	4.3	CVE-2022-0531 MISC
atlasgondal — export_all_urls	The Export All URLs WordPress plugin before 4.2 does not sanitise and escape the CSV filename before outputting it back in the page, leading to a Reflected Cross-Site Scripting	2022-04-11	4.3	CVE-2022-0892 MISC
atlasgondal — export_all_urls	The Export All URLs WordPress plugin before 4.3 does not have CSRF in place when exporting data, which could allow attackers to make a logged in admin export all posts and pages (including private and draft) into an arbitrary CSV file, which the attacker can then download and retrieve the list of titles for example	2022-04-11	4.3	CVE-2022-0914 MISC
elbtide — advanced_booking_calendar	The Advanced Booking Calendar WordPress plugin before 1.7.1 does not sanitise and escape the room parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue	2022-04-11	4.3	CVE-2022-1007 MISC CONFIRM
radare — radare2	NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service (application crash).	2022-04-08	4.3	CVE-2022-1283 CONFIRM MISC
radare — radare2	heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.	2022-04-08	4.3	CVE-2022-1284 CONFIRM MISC
school_club_application_system_project — school_club_application_system	A vulnerability, which was classified as problematic, has been found in School Club Application System 1.0. This issue affects access to /scas/admin/. The manipulation of the parameter page with the input %22%3E%3Cimg%20src=x%20onerror=alert(1)%3E leads to a reflected cross site scripting. The attack may be initiated remotely and does not require any form of authentication. The exploit has been disclosed to the public and may be used.	2022-04-09	4.3	CVE-2022-1288 N/A
onlyoffice — document_server	A cross-site scripting (XSS) vulnerability in ONLYOFFICE Document Server Example before v7.0.0 allows remote attackers inject arbitrary HTML or JavaScript through /example/editor.	2022-04-08	4.3	CVE-2022-24229 MISC MISC MISC
icehrm — icehrm	A Cross-Site Request Forgery (CSRF) in IceHrm 31.0.0.OS allows attackers to delete arbitrary users or achieve account takeover via the app/service.php URI.	2022-04-08	4.3	CVE-2022-26588 MISC MISC
getbootstrap — bootstrap	Bootstrap v3.1.11 and v3.3.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the Title parameter in /vendor/views/add_product.php.	2022-04-08	4.3	CVE-2022-26624 MISC MISC
asana — desktop	Asana Desktop before 1.6.0 allows remote attackers to exfiltrate local files if they can trick the Asana desktop app into loading a malicious web page.	2022-04-09	4.3	CVE-2022-26877 MISC CONFIRM
aerocms_project — aerocms	AeroCMS v0.0.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability via view_all_comments.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field.	2022-04-08	4.3	CVE-2022-27063 MISC MISC MISC
zbzcms — zbzcms	zbzcms v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the neirong parameter at /php/ajax.php.	2022-04-10	4.3	CVE-2022-27125 MISC
gpac — gpac	GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box.	2022-04-08	4.3	CVE-2022-27145 MISC
gpac — gpac	GPAC mp4box 1.1.0-DEV-rev1759-geb2d1e6dd-has a heap-buffer-overflow vulnerability in function gf_isom_apple_enum_tag.	2022-04-08	4.3	CVE-2022-27146 MISC
gpac — gpac	GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a use-after-free vulnerability in function gf_node_get_attribute_by_tag.	2022-04-08	4.3	CVE-2022-27147 MISC
gpac — gpac	GPAC mp4box 1.1.0-DEV-rev1663-g881c6a94a-master is vulnerable to Integer Overflow.	2022-04-08	4.3	CVE-2022-27148 MISC
reprisesoftware — reprise_license_manager	Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/login_process username parameter via GET. No authentication is required.	2022-04-09	4.3	CVE-2022-28363 MISC MISC MISC
kevinlab — 4st_l-bems	A Directory Traversal vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 via the page GET parameter in index.php.	2022-04-11	4	CVE-2021-37293 MISC MISC
webence — iq_block_country	The settings of the iQ Block Country WordPress plugin before 1.2.13 can be exported or imported using its backup functionality. An authorized user can import preconfigured settings of the plugin by uploading a zip file. After the uploading process, files in the uploaded zip file are extracted one by one. During the extraction process, existence of a file is checked. If the file exists, it is deleted without any security control by only considering the name of the extracted file. This behavior leads to “Zip Slip” vulnerability.	2022-04-11	4	CVE-2022-0246 MISC
online_banking_system_project — online_banking_system	Online Banking System in PHP v1 was discovered to contain multiple SQL injection vulnerabilities at /staff_login.php via the Staff ID and Staff Password parameters.	2022-04-08	4	CVE-2022-27991 MISC
jetbrains — ktor	In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren’t using SecureRandom implementations	2022-04-11	4	CVE-2022-29035 MISC MISC

Low Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
wpsofts — portfolio_gallery\,_product_catalog_-_grid_kit_portfolio	The Portfolio Gallery, Product Catalog WordPress plugin before 2.1.0 does not have authorisation and CSRF checks in various functions related to AJAX actions, allowing any authenticated users, such as subscriber, to call them. Due to the lack of sanitisation and escaping, it could also allows attackers to perform Cross-Site Scripting attacks on pages where a Portfolio is embed	2022-04-11	3.5	CVE-2021-25090 MISC
premio — chaty	Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Premio Chaty (WordPress plugin) <= 2.8.3	2022-04-11	3.5	CVE-2021-36846 CONFIRM CONFIRM
sharethis — social_media_feather	Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Social Media Feather (WordPress plugin) versions <= 2.0.4	2022-04-11	3.5	CVE-2021-36848 CONFIRM CONFIRM
wpdarko — responsive_tabs	Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Responsive Tabs (WordPress plugin) <= 4.0.5	2022-04-11	3.5	CVE-2021-36893 CONFIRM CONFIRM
w3eden — pricing_table	Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Pricing Table (WordPress plugin) versions <= 1.5.2	2022-04-11	3.5	CVE-2021-36896 CONFIRM CONFIRM
wp-appbox_project — wp-appbox	Authenticated (admin user role) Stored Cross-Site Scripting (XSS) in WP-Appbox (WordPress plugin) <= 4.3.20.	2022-04-11	3.5	CVE-2021-36910 CONFIRM CONFIRM
ibm — curam_social_program_management	IBM Curam Social Program Management 8.0.1 and 7.0.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 215306.	2022-04-11	3.5	CVE-2021-39068 XF CONFIRM
zzcms — zzcms	An issue was discovered in ZZCMS 2021. There is a cross-site scripting (XSS) vulnerability in ad_manage.php.	2022-04-08	3.5	CVE-2021-46437 MISC
pickplugins — post_grid	The Post Grid WordPress plugin before 2.1.16 does not sanitise and escape the post_types parameter before outputting it back in the response of the post_grid_update_taxonomies_terms_by_posttypes AJAX action, available to any authenticated users, leading to a Reflected Cross-Site Scripting	2022-04-11	3.5	CVE-2022-0447 MISC
pootlepress — easy_smooth_scroll_links	The Easy Smooth Scroll Links WordPress plugin before 2.23.1 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed	2022-04-11	3.5	CVE-2022-0728 MISC
cybernetikz — easy_social_icons	The Easy Social Icons WordPress plugin before 3.2.1 does not properly escape the image_file field when adding a new social icon, allowing high privileged users to inject arbitrary javascript even when the unfiltered_html capability is disallowed.	2022-04-11	3.5	CVE-2022-0840 MISC
autolabproject — autolab	Cross-site Scripting (XSS) – Stored in GitHub repository autolab/autolab prior to 2.8.0.	2022-04-11	3.5	CVE-2022-0936 MISC CONFIRM
vertistudio — image_optimization_\&_lazy_load_by_optimole	The Image optimization & Lazy Load by Optimole WordPress plugin before 3.3.2 does not sanitise and escape its “Lazyload background images for selectors” settings, which could allow high privilege users such as admin to perform Cross-Site scripting attacks even when the unfiltered_html capability is disallowed.	2022-04-11	3.5	CVE-2022-0969 CONFIRM MISC
trudesk_project — trudesk	Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0.	2022-04-11	3.5	CVE-2022-1045 CONFIRM MISC
tableexport.jquery.plugin_project — tableexport.jquery.plugin	XSS vulnerability with default `onCellHtmlData` function in GitHub repository hhurz/tableexport.jquery.plugin prior to 1.25.0. Transmitting cookies to third-party servers. Sending data from secure sessions to third-party servers	2022-04-10	3.5	CVE-2022-1291 CONFIRM MISC
ivanti — incapptic_connect	An authenticated high privileged user can perform a stored XSS attack due to incorrect output encoding in Incapptic connect and affects all current versions.	2022-04-11	3.5	CVE-2022-22571 MISC MISC
aerocms_project — aerocms	AeroCMS v0.0.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability via add_post.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Title text field.	2022-04-08	3.5	CVE-2022-27062 MISC MISC MISC
jflyfox — jfinal_cms	Jfinal_CMS 5.1.0 allows attackers to use the feedback function to send malicious XSS code to the administrator backend and execute it.	2022-04-11	3.5	CVE-2022-27111 MISC
thedaylightstudio — fuel_cms	Daylight Studio Fuel CMS 1.5.1 is vulnerable to HTML Injection.	2022-04-11	3.5	CVE-2022-27156 MISC
socialcodia — social_codia_sms	Social Codia SMS v1 was discovered to contain a stored cross-site scripting (XSS) vulnerability via add_post.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Title text field.	2022-04-08	3.5	CVE-2022-27348 MISC MISC MISC
ofcms_project — ofcms	A cross-site scripting (XSS) vulnerability at /ofcms/company-c-47 in OFCMS v1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment text box.	2022-04-10	3.5	CVE-2022-27961 MISC
reprisesoftware — reprise_license_manager	Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/rlmswitchr_process file parameter via GET. Authentication is required.	2022-04-09	3.5	CVE-2022-28364 MISC MISC MISC
roku — roku_os	Roku devices running RokuOS v9.4.0 build 4200 or earlier that uses a Realtek WiFi chip is vulnerable to Arbitrary file modification.	2022-04-08	2.7	CVE-2022-27152 MISC
dell — emc_powerscale_onefs	Dell EMC Powerscale OneFS 8.2.x – 9.2.x omit security-relevant information in /etc/master.passwd. A high-privileged user can exploit this vulnerability to not record information identifying the source of account information changes.	2022-04-08	2.1	CVE-2022-22563 MISC MISC
dell — emc_powerscale_onefs	Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability, leading to a denial of service.	2022-04-08	2.1	CVE-2022-26855 MISC

Severity Not Yet Assigned

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
python — python	In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments).	2022-04-13	not yet calculated	CVE-2015-20107 MISC MISC
scheider_electric — sut_service	A CWE-502: Deserialization of Untrusted Data vulnerability exists which could allow an attacker to execute arbitrary code on the targeted system with SYSTEM privileges when placing a malicious user to be authenticated for this vulnerability to be successfully exploited. Affected Product: Schneider Electric Software Update (SESU) SUT Service component (V2.1.1 to V2.3.0)	2022-04-13	not yet calculated	CVE-2019-6834 MISC
bbraun — melsungen_ag_spacecom	A vulnerability in the configuration import mechanism of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers with command line access to the underlying Linux system to escalate privileges to the root user.	2022-04-14	not yet calculated	CVE-2020-16238 CONFIRM CONFIRM
bbraun — melsungen_ag_spacecom	A relative path traversal attack in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers with service user privileges to upload arbitrary files. By uploading a specially crafted tar file an attacker can execute arbitrary commands.	2022-04-14	not yet calculated	CVE-2020-25150 CONFIRM CONFIRM
bbraun — melsungen_ag_spacecom	A session fixation vulnerability in the B. Braun Melsungen AG SpaceCom administrative interface Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows remote attackers to hijack web sessions and escalate privileges.	2022-04-14	not yet calculated	CVE-2020-25152 CONFIRM CONFIRM
bbraun — melsungen_ag_spacecom	An open redirect vulnerability in the administrative interface of the B. Braun Melsungen AG SpaceCom device Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to redirect users to malicious websites.	2022-04-14	not yet calculated	CVE-2020-25154 CONFIRM CONFIRM
bbraun — melsungen_ag_spacecom	Active debug code in the B. Braun Melsungen AG SpaceCom Version L8/U61, and the Data module compactplus Versions A10 and A11 and earlier enables attackers in possession of cryptographic material to access the device as root.	2022-04-14	not yet calculated	CVE-2020-25156 CONFIRM CONFIRM
bbraun — melsungen_ag_spacecom	A reflected cross-site scripting (XSS) vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows remote attackers to inject arbitrary web script or HTML into various locations.	2022-04-14	not yet calculated	CVE-2020-25158 CONFIRM CONFIRM
bbraun — melsungen_ag_spacecom	Improper access controls in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enables attackers to extract and tamper with the devices network configuration.	2022-04-14	not yet calculated	CVE-2020-25160 CONFIRM CONFIRM
bbraun — melsungen_ag_spacecom	A XPath injection vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows unauthenticated remote attackers to access sensitive information and escalate privileges.	2022-04-14	not yet calculated	CVE-2020-25162 CONFIRM CONFIRM
bbraun — melsungen_ag_spacecom	A vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to recover user credentials of the administrative interface.	2022-04-14	not yet calculated	CVE-2020-25164 CONFIRM CONFIRM
bbraun — melsungen_ag_spacecom	An improper verification of the cryptographic signature of firmware updates of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to generate valid firmware updates with arbitrary content that can be used to tamper with devices.	2022-04-14	not yet calculated	CVE-2020-25166 CONFIRM CONFIRM
bbraun — melsungen_ag_spacecom	Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enable attackers with command line access to access the device’s Wi-Fi module.	2022-04-14	not yet calculated	CVE-2020-25168 CONFIRM CONFIRM
fossies — froxlor	Froxlor through 0.10.22 does not perform validation on user input passed in the customermail GET parameter. The value of this parameter is reflected in the login webpage, allowing the injection of arbitrary HTML tags.	2022-04-13	not yet calculated	CVE-2020-29653 MISC MISC MISC
android — android	In setServiceForegroundInnerLocked of ActiveServices.java, there is a possible way for a background application to regain foreground permissions due to insufficient background restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-183147114	2022-04-12	not yet calculated	CVE-2021-0694 MISC
android — android	In dma_buf_release of dma-buf.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-155756045References: Upstream kernel	2022-04-12	not yet calculated	CVE-2021-0707 MISC
accusoft — imagegear	A heap-based buffer overflow vulnerability exists in the DecoderStream::Append functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-21914 MISC
accusoft — imagegear	A heap-based buffer overflow vulnerability exists in the Palette box parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-21938 MISC
accusoft — imagegear	A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-21939 MISC
accusoft — imagegear	An out-of-bounds write vulnerability exists in the TIFF YCbCr image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-21942 MISC
accusoft — imagegear	A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-21943 MISC
accusoft — imagegear	Two heap-based buffer overflow vulnerabilities exist in the TIFF parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities. Placeholder	2022-04-14	not yet calculated	CVE-2021-21944 MISC
accusoft — imagegear	Two heap-based buffer overflow vulnerabilities exist in the TIFF parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities. Placeholder	2022-04-14	not yet calculated	CVE-2021-21945 MISC
accusoft — imagegear	Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities. Placeholder	2022-04-14	not yet calculated	CVE-2021-21946 MISC
accusoft — imagegear	Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities. Placeholder	2022-04-14	not yet calculated	CVE-2021-21947 MISC
anycubic — chitubox_anycubic_plugin	A heap-based buffer overflow vulnerability exists in the readDatHeadVec functionality of AnyCubic Chitubox AnyCubic Plugin 1.0.0. A specially-crafted GF file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-21948 MISC
accusoft — imagegear	An improper array index validation vulnerability exists in the JPEG-JFIF Scan header parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to an out-of-bounds write and potential code exectuion. An attacker can provide a malicious file to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-21949 MISC
cloudlinux_inc — imunify360	A php unserialize vulnerability exists in the Ai-Bolit functionality of CloudLinux Inc Imunify360 5.10.2. A specially-crafted malformed file can lead to potential arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-21956 MISC
sealevel_systems — seaconnect_370w	An out-of-bounds write vulnerability exists in the OTA update task functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to denial of service. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-21967 MISC
vmware — photon	The SchedulerServer in Vmware photon allows remote attackers to inject logs through \r in the package parameter. Attackers can also insert malicious data and fake entries.	2022-04-11	not yet calculated	CVE-2021-22055 MISC
schneider_electric — struxureware_data_center_expert	A CWE-22 Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists that could cause remote code execution. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior)	2022-04-13	not yet calculated	CVE-2021-22794 MISC
schneider_electric — struxureware_data_center_expert	A CWE-78 Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior)	2022-04-13	not yet calculated	CVE-2021-22795 MISC
schneider_electric — ecostruxure_control_expert	A CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal) vulnerability exists that could cause malicious script to be deployed in an unauthorized location and may result in code execution on the engineering workstation when a malicious project file is loaded in the engineering software. Affected Product: EcoStruxure Control Expert (V15.0 SP1 and prior, including former Unity Pro), EcoStruxure Process Expert (2020 and prior, including former HDCS), SCADAPack RemoteConnect for x70 (All versions)	2022-04-13	not yet calculated	CVE-2021-22797 MISC
arista — eos	On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.	2022-04-14	not yet calculated	CVE-2021-28505 MISC
apache — subversion_svn	Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal ‘copyfrom’ paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to the copy can see the ‘copyfrom’ path of the original. This also reveals the fact that the node was copied. Only the ‘copyfrom’ path is revealed; not its contents. Both httpd and svnserve servers are vulnerable.	2022-04-12	not yet calculated	CVE-2021-28544 MISC DEBIAN
apache — struts	The fix issued for CVE-2020-17530 was incomplete. So from Apache Struts 2.0.0 to 2.5.29, still some of the tag’s attributes could perform a double evaluation if a developer applied forced OGNL evaluation by using the %{…} syntax. Using forced OGNL evaluation on untrusted user input can lead to a Remote Code Execution and security degradation.	2022-04-12	not yet calculated	CVE-2021-31805 MISC MLIST
mongodb — mongodb	It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the size of the stack frames used by that stage. If an attacker could cause such an aggregation to occur, they could maliciously crash MongoDB in a DoS attack. This vulnerability affects MongoDB versions prior to 5.0.4, 4.4.11, 4.2.16.	2022-04-12	not yet calculated	CVE-2021-32040 MISC MISC MISC
johnson_controls — metasys	Under certain circumstances the session token is not cleared on logout.	2022-04-15	not yet calculated	CVE-2021-36205 CERT CONFIRM
wordpress — wp_maintenance_(wordpress_plugin)	Authenticated (admin+) Stored Cross-Site Scripting (XSS) in WP Maintenance (WordPress plugin) <= 6.0.4 affects multiple inputs.	2022-04-15	not yet calculated	CVE-2021-36828 CONFIRM CONFIRM
caldera — calderalwp_license_manager_(wordpress_plugin)	Cross-Site Request Forgery (CSRF) vulnerability leading to Reflected Cross-Site Scripting (XSS) in CalderaWP License Manager (WordPress plugin) <= 1.2.11.	2022-04-12	not yet calculated	CVE-2021-36914 CONFIRM CONFIRM
microfocus — operations_bridge	Unauthenticated remote code execution in Micro Focus Operations Bridge containerized, affecting versions 2021.05, 2021.08, and newer versions of Micro Focus Operations Bridge containerized if the deployment was upgraded from 2021.05 or 2021.08. The vulnerability could be exploited to unauthenticated remote code execution.	2022-04-11	not yet calculated	CVE-2021-38125 MISC
android — android	In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the shell user, if wireless debugging is enabled, due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-205836329	2022-04-12	not yet calculated	CVE-2021-39794 MISC
android — android	In multiple locations of MediaProvider.java , there is a possible way to get read/write access to other app’s dedicated, app-specific directory within external storage due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-201667614	2022-04-12	not yet calculated	CVE-2021-39795 MISC
android — android	In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick victim to install harmful app due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-205595291	2022-04-12	not yet calculated	CVE-2021-39796 MISC
android — android	In several functions of of LauncherApps.java, there is a possible escalation of privilege due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-209607104	2022-04-12	not yet calculated	CVE-2021-39797 MISC
android — android	In Bitmap_createFromParcel of Bitmap.cpp, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-213169612	2022-04-12	not yet calculated	CVE-2021-39798 MISC
android — android	In AttributionSource of AttributionSource.java, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-200288596	2022-04-12	not yet calculated	CVE-2021-39799 MISC
android — android	In ion_ioctl of ion-ioctl.c, there is a possible way to leak kernel head data due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-208277166References: Upstream kernel	2022-04-12	not yet calculated	CVE-2021-39800 MISC
android — android	In ion_ioctl of ion-ioctl.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-209791720References: Upstream kernel	2022-04-12	not yet calculated	CVE-2021-39801 MISC
android — android	In change_pte_range of mprotect.c , there is a possible way to make a shared mmap writable due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-213339151References: Upstream kernel	2022-04-12	not yet calculated	CVE-2021-39802 MISC
android — android	In ~Impl of C2AllocatorIon.cpp, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-193790350	2022-04-12	not yet calculated	CVE-2021-39803 MISC
android — android	In reinit of HeifDecoderImpl.cpp, there is a possible crash due to a missing null check. This could lead to remote persistent denial of service in the file picker with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-215002587	2022-04-12	not yet calculated	CVE-2021-39804 MISC
android — android	In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-212694559	2022-04-12	not yet calculated	CVE-2021-39805 MISC
android — android	In handleNfcStateChanged of SecureNfcEnabler.java, there is a possible way to enable NFC from the Guest account due to a missing permission check. This could lead to local escalation of privilege from the Guest account with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-209446496	2022-04-12	not yet calculated	CVE-2021-39807 MISC
android — android	In createNotificationChannelGroup of PreferencesHelper.java, there is a possible way for a service to run in foreground without user notification due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-209966086	2022-04-12	not yet calculated	CVE-2021-39808 MISC
android — android	In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-205837191	2022-04-12	not yet calculated	CVE-2021-39809 MISC
android — android	In TBD of TBD, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205522359References: N/A	2022-04-12	not yet calculated	CVE-2021-39812 MISC
android — android	In ppmp_validate_wsm of drm_fw.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216792660References: N/A	2022-04-12	not yet calculated	CVE-2021-39814 MISC
simatic — s7-400_h	A vulnerability has been identified in SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.10), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) (All versions < V10.1), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions). Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a Denial-of-Service condition. A restart is needed to restore normal operations.	2022-04-12	not yet calculated	CVE-2021-40368 CONFIRM
kaseya_unitrends — client/agent	Kaseya Unitrends Client/Agent through 10.5,5 allows remote attackers to execute arbitrary code.	2022-04-15	not yet calculated	CVE-2021-40386 MISC
moxa — mxview_series	An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. A specially-crafted HTTP request can lead to unauthorized access. An attacker can send an HTTP request to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-40390 MISC
moxa — mxview_series	An information disclosure vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. Network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to exploit this vulnerability.	2022-04-14	not yet calculated	CVE-2021-40392 MISC
accusoft — imagegear	An out-of-bounds write vulnerability exists in the parse_raster_data functionality of Accusoft ImageGear 19.10. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-40398 MISC
gerbv — gerbv	An out-of-bounds read vulnerability exists in the RS-274X aperture macro outline primitive functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit d7f42a9a). A specially-crafted Gerber file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-40400 MISC
gerbv — gerbv	An out-of-bounds read vulnerability exists in the RS-274X aperture macro multiple outline primitives functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.7.1 and 2.8.0. A specially-crafted Gerber file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-40402 MISC
reolink — rlc-410w	A denial of service vulnerability exists in the cgiserver.cgi Upgrade API functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-40405 MISC
swiftsensors — gateway_sg3-1010	An authentication bypass vulnerability exists in the device password generation functionality of Swift Sensors Gateway SG3-1010. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-40422 MISC
webroot –secure_anywhere	An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B_03 of Webroot Secure Anywhere 21.4. A specially-crafted executable can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability. An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B_03 of Webroot Secure Anywhere 21.4. The GetProcessCommandLine IOCTL request could cause an out-of-bounds read in the device driver WRCore_x64. An attacker can issue an ioctl to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-40424 MISC
webroot_secure_anywhere	An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B_03 of Webroot Secure Anywhere 21.4. A specially-crafted executable can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability. An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B_03 of Webroot Secure Anywhere 21.4. An IOCTL_B03 request with specific invalid data causes a similar issue in the device driver WRCore_x64. An attacker can issue an ioctl to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-40425 MISC
soundexchange — libsox	A heap-based buffer overflow vulnerability exists in the sphere.c start_read() functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-40426 MISC
redhat– openshift	The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch for CVE-2021-39242 was missing. This issue only affects Red Hat OpenShift 4.9.	2022-04-11	not yet calculated	CVE-2021-4047 MISC
arubanetworks — instant_on_1930_switch_series	A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series version(s): Firmware below v1.0.7.0.	2022-04-12	not yet calculated	CVE-2021-41004 MISC
arubanetworks — instant_on_1930_switch_series	A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series version(s): Firmware below v1.0.7.0.	2022-04-12	not yet calculated	CVE-2021-41005 MISC
wire — wire_server	Wire-server is the system server for the wire back-end services. Releases prior to v2022-03-01 are subject to a denial of service attack via a crafted object causing a hash collision. This collision causes the server to spend at least quadratic time parsing it which can lead to a denial of service for a heavily used server. The issue has been fixed in wire-server 2022-03-01 and is already deployed on all Wire managed services. On premise instances of wire-server need to be updated to 2022-03-01, so that their backends are no longer affected. There are no known workarounds for this issue.	2022-04-13	not yet calculated	CVE-2021-41119 MISC CONFIRM
siemens — simatic_step_7	A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 5), SIMATIC STEP 7 (TIA Portal) V17 (All versions < V17 Update 2). An attacker could achieve privilege escalation on the web server of certain devices due to improper access control vulnerability in the engineering system software. The attacker needs to have direct access to the impacted web server.	2022-04-12	not yet calculated	CVE-2021-42029 CONFIRM
redcap — redcap	A stored Cross-Site Scripting (XSS) vulnerability in the Missing Data Codes functionality of REDCap before 11.4.0 allows remote attackers to execute JavaScript code in the client’s browser by storing said code as a Missing Data Code value. This can then be leveraged to execute a Cross-Site Request Forgery attack to escalate privileges to administrator.	2022-04-13	not yet calculated	CVE-2021-42136 MISC MISC MISC
seowon — seowon_130_slc_router	Seowon 130-SLC router all versions as of 2021-09-15 is vulnerable to Remote Code Execution via the queriesCnt parameter.	2022-04-15	not yet calculated	CVE-2021-42230 MISC
appguard — appguard_enterprise	AppGuard Enterprise before 6.7.100.1 creates a Temporary File in a Directory with Insecure Permissions. Local users can gain SYSTEM privileges because a repair operation relies on the %TEMP% directory of an unprivileged user.	2022-04-12	not yet calculated	CVE-2021-42255 MISC MISC
cms_made_simple — cms_made_simple	Cross Site Scripting (XSS) vulnerability exists in CMS Made Simple 2.2.15 via the Name field in an Add Category action in moduleinterface.php.	2022-04-13	not yet calculated	CVE-2021-43154 MISC
github — one_time_password	As a result of an incomplete fix for CVE-2015-7225, in versions of devise-two-factor prior to 4.0.2 it is possible to reuse a One-Time-Password (OTP) for one (and only one) immediately trailing interval. CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N)	2022-04-11	not yet calculated	CVE-2021-43177 MISC
mantisbt — mantisbt	Lack of Neutralization of Formula Elements in the CSV API of MantisBT before 2.25.3 allows an unprivileged attacker to execute code or gain access to information when a user opens the csv_export.php generated CSV file in Excel.	2022-04-14	not yet calculated	CVE-2021-43257 MISC MISC
gocd — thoughtworks_gocd	An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker with privileges to create a new pipeline on a GoCD server can abuse a command-line injection in the Git URL “Test Connection” feature to execute arbitrary code.	2022-04-14	not yet calculated	CVE-2021-43286 MISC MISC MISC MISC
gocd — thoughtworks_gocd	An issue was discovered in ThoughtWorks GoCD before 21.3.0. The business continuity add-on, which is enabled by default, leaks all secrets known to the GoCD server to unauthenticated attackers.	2022-04-14	not yet calculated	CVE-2021-43287 MISC MISC MISC
gocd — thoughtworks_gocd	An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker in control of a GoCD Agent can plant malicious JavaScript into a failed Job Report.	2022-04-14	not yet calculated	CVE-2021-43288 MISC MISC MISC
gocd — thoughtworks_gocd	An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker who has compromised a GoCD agent can upload a malicious file into an arbitrary directory of a GoCD server, but does not control the filename.	2022-04-14	not yet calculated	CVE-2021-43289 MISC MISC MISC MISC
gocd — thoughtworks_gocd	An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker who has compromised a GoCD agent can upload a malicious file into a directory of a GoCD server. They can control the filename but the directory is placed inside of a directory that they can’t control.	2022-04-14	not yet calculated	CVE-2021-43290 MISC MISC MISC MISC
annexxus — i3_international_inc_annexxus_camera	A Logic Flaw vulnerability exists in i3 International Inc Annexxus Camera V5.2.0 build 150317 (Ax46), V5.0.9 build 151106 (Ax68), and V5.0.9 build 150615 (Ax78) due to a failure to allow the creation of more than one administrator account; however, this can be bypassed by parameter maniulation using PUT and DELETE and by calling the ‘UserPermission’ endpoint with the ID of created account and set it to ‘admin’ userType, successfully adding a second administrative account.	2022-04-11	not yet calculated	CVE-2021-43442 MISC
sourcecodetester — sourcecodester_messaging_web_application	Sourcecodester Messaging Web Application 1.0 is vulnerable to stored XSS. If a sender inserts valid scripts into the chat, the script will be executed on the receiver chat.	2022-04-14	not yet calculated	CVE-2021-43633 MISC MISC
cmsimple — cms_made_simple_5.4	CMSimple 5.4 is vulnerable to Directory Traversal. The vulnerability exists when a user changes the file name to malicious file on config.php leading to remote code execution.	2022-04-13	not yet calculated	CVE-2021-43741 MISC MISC
cmsimple — cms_made_simple_5.4	CMSimple 5.4 is vulnerable to Cross Site Scripting (XSS) via the file upload feature.	2022-04-13	not yet calculated	CVE-2021-43742 MISC MISC
reolink — reolink_rlc_410W	Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-44354 MISC
reolink — reolink_rlc_410W	Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-44355 MISC
reolink — reolink_rlc_410W	Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-44356 MISC
reolink — reolink_rlc_410W	Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-44357 MISC
reolink — reolink_rlc_410W	Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-44366 MISC
reolink — reolink_rlc_410W	Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-44375 MISC
reolink — reolink_rlc_410W	Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2021-44394 MISC
yottadb — yottadb	An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of parameter validation in calls to memcpy in check_and_set_timeout in sr_unix/ztimeoutroutines.c allows attackers to attempt to read from a NULL pointer.	2022-04-15	not yet calculated	CVE-2021-44481 MISC
yottadb — yottadb	An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of input validation in calls to do_verify in sr_unix/do_verify.c allows attackers to attempt to jump to a NULL pointer by corrupting a function pointer.	2022-04-15	not yet calculated	CVE-2021-44482 MISC
yottadb — yottadb	An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of input validation in calls to eb_div in sr_port/eb_muldiv.c allows attackers to crash the application by performing a divide by zero.	2022-04-15	not yet calculated	CVE-2021-44483 MISC
yottadb — yottadb	An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of NULL checks in calls to emit_trip in sr_port/emit_code.c allows attackers to crash the application by dereferencing a NULL pointer.	2022-04-15	not yet calculated	CVE-2021-44484 MISC
yottadb — yottadb	An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of NULL checks in trip_gen in sr_port/emit_code.c allows attackers to crash the application by dereferencing a NULL pointer.	2022-04-15	not yet calculated	CVE-2021-44485 MISC
yottadb — yottadb	An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can manipulate the value of a function pointer used in op_write in sr_port/op_write.c in order to gain control of the flow of execution.	2022-04-15	not yet calculated	CVE-2021-44486 MISC
yottadb — yottadb	An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of NULL checks in calls to ious_open in sr_unix/ious_open.c allows attackers to crash the application by dereferencing a NULL pointer.	2022-04-15	not yet calculated	CVE-2021-44487 MISC
yottadb — yottadb	An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can control the size and input to calls to memcpy in op_fnfnumber in sr_port/op_fnfnumber.c in order to corrupt memory or crash the application.	2022-04-15	not yet calculated	CVE-2021-44488 MISC
yottadb — yottadb	An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can cause an integer underflow of the size of calls to memset in op_fnj3 in sr_port/op_fnj3.c in order to cause a segmentation fault and crash the application. This is a “- digs” subtraction.	2022-04-15	not yet calculated	CVE-2021-44489 MISC
yottadb — yottadb	An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can cause a calculation of the size of calls to memset in op_fnj3 in sr_port/op_fnj3.c to result in an extremely large value in order to cause a segmentation fault and crash the application. This is a “- (digs < 1 ? 1 : digs)” subtraction.	2022-04-15	not yet calculated	CVE-2021-44490 MISC
yottadb — yottadb	An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can cause a calculation of the size of calls to memset in op_fnj3 in sr_port/op_fnj3.c to result in an extremely large value in order to cause a segmentation fault and crash the application. This is a digs– calculation.	2022-04-15	not yet calculated	CVE-2021-44491 MISC
yottadb — yottadb	An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, attackers can cause a type to be incorrectly initialized in the function f_incr in sr_port/f_incr.c and cause a crash due to a NULL pointer dereference.	2022-04-15	not yet calculated	CVE-2021-44492 MISC MISC MISC
yottadb — yottadb	An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that occurs on the stack, causing a buffer overflow.	2022-04-15	not yet calculated	CVE-2021-44493 MISC MISC MISC
yottadb — yottadb	An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause calls to ZRead to crash due to a NULL pointer dereference.	2022-04-15	not yet calculated	CVE-2021-44494 MISC MISC MISC
yottadb — yottadb	An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a NULL pointer dereference after calls to ZPrint.	2022-04-15	not yet calculated	CVE-2021-44495 MISC MISC MISC
yottadb — fis_gtm	An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can control the size variable and buffer that is passed to a call to memcpy. An attacker can use this to overwrite key data structures and gain control of the flow of execution.	2022-04-15	not yet calculated	CVE-2021-44496 MISC MISC MISC
yottadb — fis_gtm	An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, can cause the bounds of a for loop to be miscalculated, which leads to a use after free condition a pointer is pushed into previously free memory by the loop.	2022-04-15	not yet calculated	CVE-2021-44497 MISC MISC MISC
yottadb — fis_gtm	An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, attackers can cause a type to be incorrectly initialized in the function f_incr in sr_port/f_incr.c and cause a crash due to a NULL pointer dereference.	2022-04-15	not yet calculated	CVE-2021-44498 MISC MISC MISC
yottadb — fis_gtm	An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that occurs on the stack, causing a buffer overflow.	2022-04-15	not yet calculated	CVE-2021-44499 MISC MISC MISC
yottadb — fis_gtm	An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of input validation in calls to eb_div in sr_port/eb_muldiv.c allows attackers to crash the application by performing a divide by zero.	2022-04-15	not yet calculated	CVE-2021-44500 MISC MISC MISC
yottadb — fis_gtm	An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause calls to ZRead to crash due to a NULL pointer dereference.	2022-04-15	not yet calculated	CVE-2021-44501 MISC MISC MISC
yottadb — fis_gtm	An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can control the size of a memset that occurs in calls to util_format in sr_unix/util_output.c.	2022-04-15	not yet calculated	CVE-2021-44502 MISC MISC MISC
yottadb — fis_gtm	An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a call to va_arg on an empty variadic parameter list, most likely causing a memory segmentation fault.	2022-04-15	not yet calculated	CVE-2021-44503 MISC MISC MISC
yottadb — fis_gtm	An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a size variable, stored as an signed int, to equal an extremely large value, which is interpreted as a negative value during a check. This value is then used in a memcpy call on the stack, causing a memory segmentation fault.	2022-04-15	not yet calculated	CVE-2021-44504 MISC MISC MISC
yottadb — fis_gtm	An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a NULL pointer dereference after calls to ZPrint.	2022-04-15	not yet calculated	CVE-2021-44505 MISC MISC MISC
yottadb — fis_gtm	An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of input validation in calls to do_verify in sr_unix/do_verify.c allows attackers to attempt to jump to a NULL pointer by corrupting a function pointer.	2022-04-15	not yet calculated	CVE-2021-44506 MISC MISC MISC
yottadb — fis_gtm	An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of parameter validation in calls to memcpy in str_tok in sr_unix/ztimeoutroutines.c allows attackers to attempt to read from a NULL pointer.	2022-04-15	not yet calculated	CVE-2021-44507 MISC MISC MISC
yottadb — fis_gtm	An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of NULL checks in calls to ious_open in sr_unix/ious_open.c allows attackers to crash the application by dereferencing a NULL pointer.	2022-04-15	not yet calculated	CVE-2021-44508 MISC MISC MISC
yottadb — fis_gtm	An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, attackers can cause an integer underflow of the size of calls to memset in op_fnj3 in sr_port/op_fnj3.c in order to cause a segmentation fault and crash the application.	2022-04-15	not yet calculated	CVE-2021-44509 MISC MISC MISC
yottadb — fis_gtm	An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, attackers can cause a calculation of the size of calls to memset in op_fnj3 in sr_port/op_fnj3.c to result in an extremely large value in order to cause a segmentation fault and crash the application.	2022-04-15	not yet calculated	CVE-2021-44510 MISC MISC MISC
citrix — citrix_xenmobileserver	In Citrix XenMobile Server through 10.12 RP9, there is an Authenticated Command Injection vulnerability, leading to remote code execution with root privileges.	2022-04-13	not yet calculated	CVE-2021-44520 MISC MISC MISC
coins — coins_contruction_cloud	An issue was discovered in COINS Construction Cloud 11.12. Due to an inappropriate use of HTML IFRAME elements, the file upload functionality is vulnerable to a persistent Cross-Site Scripting (XSS) attack.	2022-04-14	not yet calculated	CVE-2021-45227 MISC MISC
coins — coins_contruction_cloud	An XSS issue was discovered in COINS Construction Cloud 11.12. Due to insufficient neutralization of user input in the description of a task, it is possible to store malicious JavaScript code in the task description. This is later executed when it is reflected back to the user.	2022-04-14	not yet calculated	CVE-2021-45228 MISC MISC
wizplat — wizplat_PD065	An access control issue in the authentication module of wizplat PD065 v1.19 allows attackers to access sensitive data and cause a Denial of Service (DoS).	2022-04-13	not yet calculated	CVE-2021-46167 MISC MISC MISC MISC
palo_alto_networks — pan_os	An improper handling of exceptional conditions vulnerability exists in the DNS proxy feature of Palo Alto Networks PAN-OS software that enables a meddler-in-the-middle (MITM) to send specifically crafted traffic to the firewall that causes the service to restart unexpectedly. Repeated attempts to send this request result in denial-of-service to all PAN-OS services by restarting the device in maintenance mode. This issue does not impact Panorama appliances and Prisma Access customers. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.22; PAN-OS 9.0 versions earlier than PAN-OS 9.0.16; PAN-OS 9.1 versions earlier than PAN-OS 9.1.13; PAN-OS 10.0 versions earlier than PAN-OS 10.0.10; PAN-OS 10.1 versions earlier than PAN-OS 10.1.5. This issue does not impact PAN-OS 10.2.	2022-04-13	not yet calculated	CVE-2022-0023 MISC
wordpress — visual_form_ builder_wordpress	The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry form export, allowing unauthenticated users to see the form entries or export it as a CSV File using the vfb-export endpoint.	2022-04-12	not yet calculated	CVE-2022-0140 MISC
wordpress — visual_form_ builder_wordpress	The Visual Form Builder WordPress plugin before 3.0.8 does not enforce nonce checks which could allow attackers to make a logged in admin or editor delete and restore arbitrary form entries via CSRF attacks	2022-04-12	not yet calculated	CVE-2022-0141 MISC
wordpress — visual_form_ builder_wordpress	The Visual Form Builder WordPress plugin before 3.0.6 is vulnerable to CSV injection allowing a user with low level or no privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.	2022-04-12	not yet calculated	CVE-2022-0142 MISC
schneider_electric — scadapack_ workbench	A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could result in information disclosure when opening a malicious solution file provided by an attacker with SCADAPack Workbench. This could be exploited to pass data from local files to a remote system controlled by an attacker. Affected Product: SCADAPack Workbench (6.6.8a and prior)	2022-04-13	not yet calculated	CVE-2022-0221 MISC
github — grunt	Path Traversal in GitHub repository gruntjs/grunt prior to 1.5.2.	2022-04-12	not yet calculated	CVE-2022-0436 CONFIRM MISC
netty — netty_codec_http_maven_package	A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container was incomplete. The vulnerable netty-codec-http maven package was not removed from the image content. This flaw affects origin-aggregated-logging versions 3.11.	2022-04-11	not yet calculated	CVE-2022-0552 MISC MISC MISC
aveva — aveva_system_platform	AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileged user.	2022-04-11	not yet calculated	CVE-2022-0835 CONFIRM CONFIRM
homeplug_green_phy — combined_charging_system	Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging. To exchange important messages such as the State of Charge (SoC) with the Electric Vehicle Supply Equipment (EVSE) CCS uses a high-bandwidth IP link provided by the HomePlug Green PHY (HPGP) power-line communication (PLC) technology. The attack interrupts necessary control communication between the vehicle and charger, causing charging sessions to abort. The attack can be conducted wirelessly from a distance using electromagnetic interference, allowing individual vehicles or entire fleets to be disrupted simultaneously. In addition, the attack can be mounted with off-the-shelf radio hardware and minimal technical knowledge. With a power budget of 1 W, the attack is successful from around 47 m distance. The exploited behavior is a required part of the HomePlug Green PHY, DIN 70121 & ISO 15118 standards and all known implementations exhibit it. In addition to electric cars, Brokenwire affects electric ships, airplanes and heavy duty vehicles utilising these standards.	2022-04-12	not yet calculated	CVE-2022-0878 CONFIRM
windows — logitech_sync	There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Logitech Sync for Windows prior to 2.4.574. Successful exploitation of these vulnerabilities may escalate the permission to the system user.	2022-04-12	not yet calculated	CVE-2022-0915 MISC
myscada — mypro	An authenticated user may be able to misuse parameters to inject arbitrary operating system commands into mySCADA myPRO versions 8.25.0 and prior.	2022-04-11	not yet calculated	CVE-2022-0999 CONFIRM
lifepoint_informatics — patient_portal	Navigating to a specific URL with a patient ID number will result in the server generating a PDF of a lab report without authentication and rate limiting.	2022-04-11	not yet calculated	CVE-2022-1067 MISC
gitlab — ce/ee	Missing sanitization of logged exception messages in all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 of GitLab CE/EE causes potential sensitive values in invalid URLs to be logged	2022-04-11	not yet calculated	CVE-2022-1157 MISC CONFIRM
rockwell_automation — logix_controllers	An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to change one and not the other.	2022-04-11	not yet calculated	CVE-2022-1161 MISC
gitlab — ce/ee	Improper access control in GitLab CE/EE versions 10.7 prior to 14.7.7, 10.8 prior to 14.8.5, and 10.9 prior to 14.9.2 allows a malicious actor to obtain details of the latest commit in a private project via Merge Requests under certain circumstances	2022-04-11	not yet calculated	CVE-2022-1193 CONFIRM MISC MISC
gitbug — plantuml	XSS via Embedded SVG in SVG Diagram Format in GitHub repository plantuml/plantuml prior to 1.2022.4. Stored XSS in the context of the diagram embedder. Depending on the actual context, this ranges from stealing secrets to account hijacking or even to code execution for example in desktop applications. Web based applications are the ones most affected. Since the SVG format allows clickable links in diagrams, it is commonly used in plugins for web based projects (like the Confluence plugin, etc. see https://plantuml.com/de/running).	2022-04-15	not yet calculated	CVE-2022-1231 MISC CONFIRM
mcafee_agent — windows	A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Temporary file actions were performed on the local user’s %TEMP% directory with System privileges through manipulation of symbolic links.	2022-04-14	not yet calculated	CVE-2022-1256 CONFIRM
mcafee_agent — linux_macos_windows	Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files.	2022-04-14	not yet calculated	CVE-2022-1257 CONFIRM
mcafee_agent — epolicy_orchestrator	A blind SQL injection vulnerability in the ePolicy Orchestrator (ePO) extension of MA prior to 5.7.6 can be exploited by an authenticated administrator on ePO to perform arbitrary SQL queries in the back-end database, potentially leading to command execution on the server.	2022-04-14	not yet calculated	CVE-2022-1258 CONFIRM
tenable — d_link_routers	A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root.	2022-04-11	not yet calculated	CVE-2022-1262 MISC
java_client — ebics	A vulnerability in the encryption implementation of EBICS messages in the open source librairy ebics-java/ebics-java-client allows an attacker sniffing network traffic to decrypt EBICS payloads. This issue affects: ebics-java/ebics-java-client versions prior to 1.2.	2022-04-14	not yet calculated	CVE-2022-1279 CONFIRM
linux — drivers_gpu_drm_drm_lease.c	A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak.	2022-04-13	not yet calculated	CVE-2022-1280 MISC MISC
github — mruby_mruby	heap-buffer-overflow in mrb_vm_exec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.	2022-04-10	not yet calculated	CVE-2022-1286 CONFIRM MISC
tildearrow — furnace	A denial of service vulnerability was found in tildearrow Furnace. It has been classified as problematic. This is due to an incomplete fix of CVE-2022-1211. It is possible to initiate the attack remotely but it requires user interaction. The issue got fixed with the patch 0eb02422d5161767e9983bdaa5c429762d3477ce.	2022-04-10	not yet calculated	CVE-2022-1289 MISC MISC MISC
github — polonel_trudesk	Stored XSS in “Name”, “Group Name” & “Title” in GitHub repository polonel/trudesk prior to v1.2.0. This allows attackers to execute malicious scripts in the user’s browser and it can lead to session hijacking, sensitive data exposure, and worse.	2022-04-10	not yet calculated	CVE-2022-1290 MISC CONFIRM
mz_automation — liblec61850	In the MZ Automation LibIEC61850 in versions prior to 1.5.1 an unauthenticated attacker can craft a goose message, which may result in a denial of service.	2022-04-12	not yet calculated	CVE-2022-1302 CONFIRM
e2sprogs — e2sprogs	An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.	2022-04-14	not yet calculated	CVE-2022-1304 MISC
github — zerotierone	ZeroTierOne for windows local privilege escalation because of incorrect directory privilege in GitHub repository zerotier/zerotierone prior to 1.8.8. Local Privilege Escalation	2022-04-11	not yet calculated	CVE-2022-1316 CONFIRM MISC
mutt — uudecoder	Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line	2022-04-14	not yet calculated	CVE-2022-1328 MISC MISC CONFIRM MLIST
github — alvarotrigo/fullpage.js	stored xss due to unsantized anchor url in GitHub repository alvarotrigo/fullpage.js prior to 4.0.4. stored xss .	2022-04-12	not yet calculated	CVE-2022-1330 MISC CONFIRM
mattermost — api	One of the API in Mattermost version 6.4.1 and earlier fails to properly protect the permissions, which allows the authenticated members with restricted custom admin role to bypass the restrictions and view the server logs and server config.json file contents.	2022-04-13	not yet calculated	CVE-2022-1332 MISC
mattermost _playbooks — webhooks	Mattermost Playbooks plugin v1.24.0 and earlier fails to properly check the limit on the number of webhooks, which allows authenticated and authorized users to create a specifically drafted Playbook which could trigger a large amount of webhook requests leading to Denial of Service.	2022-04-13	not yet calculated	CVE-2022-1333 MISC
mattermost — image_proxy_component	The image proxy component in Mattermost version 6.4.1 and earlier allocates memory for multiple copies of a proxied image, which allows an authenticated attacker to crash the server via links to very large image files.	2022-04-13	not yet calculated	CVE-2022-1337 MISC
github — elementcontroller.php	SQL injection in ElementController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data	2022-04-13	not yet calculated	CVE-2022-1339 CONFIRM MISC
github — stored_xss	Stored XSS due to no sanitization in the filename in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user’s browser and it can lead to session hijacking, sensitive data exposure, and worse.	2022-04-13	not yet calculated	CVE-2022-1344 CONFIRM MISC
github — stored_xss	Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user’s browser and it can lead to session hijacking, sensitive data exposure, and worse.	2022-04-13	not yet calculated	CVE-2022-1345 CONFIRM MISC
github — stored_xss	Multiple Stored XSS in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user’s browser and it can lead to session hijacking, sensitive data exposure, and worse.	2022-04-13	not yet calculated	CVE-2022-1346 CONFIRM MISC
github — stored_xss	Stored XSS in the “Username” & “Email” input fields leads to account takeover of Admin & Co-admin users in GitHub repository causefx/organizr prior to 2.1.1810. Account takeover and privilege escalation	2022-04-13	not yet calculated	CVE-2022-1347 MISC CONFIRM
ghostpcl — gsmchunk.c	A vulnerability classified as problematic was found in GhostPCL 9.55.0. This vulnerability affects the function chunk_free_object of the file gsmchunk.c. The manipulation with a malicious file leads to a memory corruption. The attack can be initiated remotely but requires user interaction. The exploit has been disclosed to the public as a POC and may be used. It is recommended to apply the patches to fix this issue.	2022-04-14	not yet calculated	CVE-2022-1350 MISC MISC MISC
github — stored_xss	Stored XSS in Tooltip in GitHub repository pimcore/pimcore prior to 10.4.	2022-04-14	not yet calculated	CVE-2022-1351 CONFIRM MISC
github — lquixada/cross_fetch	Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository lquixada/cross-fetch prior to 3.1.5.	2022-04-15	not yet calculated	CVE-2022-1365 MISC CONFIRM
github — snipe/snipe_it	Stored Cross Site Scripting vulnerability in Item name parameter in GitHub repository snipe/snipe-it prior to v5.4.3. The vulnerability is capable of stolen the user Cookie.	2022-04-16	not yet calculated	CVE-2022-1380 CONFIRM MISC
mediatek — smartphone_tablet_aIot_smart_display_smart_platform_ott_chipsets	In ccci, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108658; Issue ID: ALPS06108658.	2022-04-11	not yet calculated	CVE-2022-20065 MISC
mediatek — smartphone_tablet_aIot_smart_display_smart_platform_ott_chipsets	In atf (hwfde), there is a possible leak of sensitive information due to incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171729; Issue ID: ALPS06171729.	2022-04-11	not yet calculated	CVE-2022-20066 MISC
mediatek — smartphone_tablet_aIot_smart_display_smart_platform_ott_chipsets	In mdp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05836585; Issue ID: ALPS05836585.	2022-04-11	not yet calculated	CVE-2022-20067 MISC
mediatek — smartphone_tablet_aIot_smart_display_smart_platform_ott_chipsets	In mobile_log_d, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308907; Issue ID: ALPS06308907.	2022-04-11	not yet calculated	CVE-2022-20068 MISC
mediatek — smartphone_tablet_aIot_smart_display_smart_platform_ott_chipsets	In preloader (usb), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160425; Issue ID: ALPS06160425.	2022-04-11	not yet calculated	CVE-2022-20069 MISC
mediatek — smartphone_tablet_aIot_smart_display_smart_platform_ott_chipsets	In ssmr, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06362920; Issue ID: ALPS06362920.	2022-04-11	not yet calculated	CVE-2022-20070 MISC
mediatek — smartphone_tablet_aIot_smart_display_smart_platform_ott_chipsets	In ccu, there is a possible escalation of privilege due to a missing certificate validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06183315; Issue ID: ALPS06183315.	2022-04-11	not yet calculated	CVE-2022-20071 MISC
mediatek — smartphone_tablet_aIot_smart_display_smart_platform_ott_chipsets	In search engine service, there is a possible way to change the default search engine due to an incorrect comparison. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06219118; Issue ID: ALPS06219118.	2022-04-11	not yet calculated	CVE-2022-20072 MISC
mediatek — smartphone_tablet_aIot_smart_display_smart_platform_ott_chipsets	In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160841; Issue ID: ALPS06160841.	2022-04-11	not yet calculated	CVE-2022-20073 MISC
mediatek — smartphone_tablet_aIot_smart_display_smart_platform_ott_chipsets	In preloader (partition), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06183301; Issue ID: ALPS06183301.	2022-04-11	not yet calculated	CVE-2022-20074 MISC
mediatek — smartphone_tablet_aIot_smart_display_smart_platform_ott_chipsets	In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05838808.	2022-04-11	not yet calculated	CVE-2022-20075 MISC
mediatek — smartphone_tablet_aIot_smart_display_smart_platform_ott_chipsets	In ged, there is a possible memory corruption due to an incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05839556.	2022-04-11	not yet calculated	CVE-2022-20076 MISC
mediatek — smartphone_tablet_aIot_smart_display_smart_platform_ott_chipsets	In vow, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05837742; Issue ID: ALPS05852812.	2022-04-11	not yet calculated	CVE-2022-20077 MISC
mediatek — smartphone_tablet_aIot_smart_display_smart_platform_ott_chipsets	In vow, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05852819; Issue ID: ALPS05852819.	2022-04-11	not yet calculated	CVE-2022-20078 MISC
mediatek — smartphone_tablet_aIot_smart_display_smart_platform_ott_chipsets	In vow, there is a possible read of uninitialized data due to a improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05837742; Issue ID: ALPS05857289.	2022-04-11	not yet calculated	CVE-2022-20079 MISC
mediatek — smartphone_tablet_aIot_smart_display_smart_platform_ott_chipsets	In SUB2AF, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05881290; Issue ID: ALPS05881290.	2022-04-11	not yet calculated	CVE-2022-20080 MISC
mediatek — smartphone_tablet_aIot_smart_display_smart_platform_ott_chipsets	In A-GPS, there is a possible man in the middle attack due to improper certificate validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06461919; Issue ID: ALPS06461919.	2022-04-11	not yet calculated	CVE-2022-20081 MISC
cisco — embedded_wireless_controller	A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a performance degradation in traffic processing or high CPU usage prior to the unexpected reload. This vulnerability is due to improper rate limiting of IP packets to the management interface. An attacker could exploit this vulnerability by sending a steady stream of IP traffic at a high rate to the management interface of the affected device. A successful exploit could allow the attacker to cause the device to reload.	2022-04-15	not yet calculated	CVE-2022-20622 CISCO
cisco — catalyst_digital_building_series_and_catalyst_micro_switches	Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.	2022-04-15	not yet calculated	CVE-2022-20661 CISCO
cisco — tool_command_language	A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root-level privileges. This vulnerability is due to insufficient input validation of data that is passed into the Tcl interpreter. An attacker could exploit this vulnerability by loading malicious Tcl code on an affected device. A successful exploit could allow the attacker to execute arbitrary commands as root. By default, Tcl shell access requires privilege level 15.	2022-04-15	not yet calculated	CVE-2022-20676 CISCO
cisco — iox_application_hosting_environment	Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.	2022-04-15	not yet calculated	CVE-2022-20677 CISCO
cisco — appnav_xe	A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of certain TCP segments. An attacker could exploit this vulnerability by sending a stream of crafted TCP traffic at a high rate through an interface of an affected device. That interface would need to have AppNav interception enabled. A successful exploit could allow the attacker to cause the device to reload.	2022-04-15	not yet calculated	CVE-2022-20678 CISCO
cisco — ipsec_decryption_routine	A vulnerability in the IPSec decryption routine of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to buffer exhaustion that occurs while traffic on a configured IPsec tunnel is being processed. An attacker could exploit this vulnerability by sending traffic to an affected device that has a maximum transmission unit (MTU) of 1800 bytes or greater. A successful exploit could allow the attacker to cause the device to reload. To exploit this vulnerability, the attacker may need access to the trusted network where the affected device is in order to send specific packets to be processed by the device. All network devices between the attacker and the affected device must support an MTU of 1800 bytes or greater. This access requirement could limit the possibility of a successful exploit.	2022-04-15	not yet calculated	CVE-2022-20679 CISCO
cisco — catalyst_9000_family_switches_and_catalyst_9000_family_wireless_controllers	A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers could allow an authenticated, local attacker to elevate privileges to level 15 on an affected device. This vulnerability is due to insufficient validation of user privileges after the user executes certain CLI commands. An attacker could exploit this vulnerability by logging in to an affected device as a low-privileged user and then executing certain CLI commands. A successful exploit could allow the attacker to execute arbitrary commands with level 15 privileges on the affected device.	2022-04-15	not yet calculated	CVE-2022-20681 CISCO
cisco — control_and_provisioning_of_wireless_access_points	A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to inadequate input validation of incoming CAPWAP packets encapsulating multicast DNS (mDNS) queries. An attacker could exploit this vulnerability by connecting to a wireless network and sending a crafted mDNS query, which would flow through and be processed by the wireless controller. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition.	2022-04-15	not yet calculated	CVE-2022-20682 CISCO
cisco — application_visibility_and_control	A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient packet verification for traffic inspected by the AVC feature. An attacker could exploit this vulnerability by sending crafted packets from the wired network to a wireless client, resulting in the crafted packets being processed by the wireless controller. A successful exploit could allow the attacker to cause a crash and reload of the affected device, resulting in a DoS condition.	2022-04-15	not yet calculated	CVE-2022-20683 CISCO
cisco — simple_network_management_protocol	A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition on the device. This vulnerability is due to a lack of input validation of the information used to generate an SNMP trap related to a wireless client connection event. An attacker could exploit this vulnerability by sending an 802.1x packet with crafted parameters during the wireless authentication setup phase of a connection. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.	2022-04-15	not yet calculated	CVE-2022-20684 CISCO
cisco — netconf	A vulnerability in the NETCONF over SSH feature of Cisco IOS XE Software could allow a low-privileged, authenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to insufficient resource management. An attacker could exploit this vulnerability by initiating a large number of NETCONF over SSH connections. A successful exploit could allow the attacker to exhaust resources, causing the device to reload and resulting in a DoS condition on an affected device.	2022-04-15	not yet calculated	CVE-2022-20692 CISCO
cisco — ui	A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI API. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.	2022-04-15	not yet calculated	CVE-2022-20693 CISCO
cisco — resource_public_key_infrastructure	A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol (BGP) process to crash, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of a specific RPKI to Router (RTR) Protocol packet header. An attacker could exploit this vulnerability by compromising the RPKI validator server and sending a specifically crafted RTR packet to an affected device. Alternatively, the attacker could use man-in-the-middle techniques to impersonate the RPKI validator server and send a crafted RTR response packet over the established RTR TCP connection to the affected device. A successful exploit could allow the attacker to cause a DoS condition because the BGP process could constantly restart and BGP routing could become unstable.	2022-04-15	not yet calculated	CVE-2022-20694 CISCO
cisco — wireless_lan_controller	A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to bypass authentication controls and log in to the device through the management interface This vulnerability is due to the improper implementation of the password validation algorithm. An attacker could exploit this vulnerability by logging in to an affected device with crafted credentials. A successful exploit could allow the attacker to bypass authentication and log in to the device as an administrator. The attacker could obtain privileges that are the same level as an administrative user but it depends on the crafted credentials. Note: This vulnerability exists because of a non-default device configuration that must be present for it to be exploitable. For details about the vulnerable configuration, see the Vulnerable Products section of this advisory.	2022-04-15	not yet calculated	CVE-2022-20695 CISCO
cisco — web_services_interface	A vulnerability in the web services interface of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper resource management in the HTTP server code. An attacker could exploit this vulnerability by sending a large number of HTTP requests to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.	2022-04-15	not yet calculated	CVE-2022-20697 CISCO
cisco — data_plane_microcode_of_lightspeed_plus_line_cards	A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the line card to reset. This vulnerability is due to the incorrect handling of malformed packets that are received on the Lightspeed-Plus line cards. An attacker could exploit this vulnerability by sending a crafted IPv4 or IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the Lightspeed-Plus line card to reset, resulting in a denial of service (DoS) condition for any traffic that traverses that line card.	2022-04-15	not yet calculated	CVE-2022-20714 CISCO
cisco — cli_of_cisco_sd_wan_software	A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper access control on files within the affected system. A local attacker could exploit this vulnerability by modifying certain files on the vulnerable device. If successful, the attacker could gain escalated privileges and take actions on the system with the privileges of the root user.	2022-04-15	not yet calculated	CVE-2022-20716 CISCO
cisco — netconf_process_of_ cisco_sd_wan_vedge_ routers	A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient memory management when an affected device receives large amounts of traffic. An attacker could exploit this vulnerability by sending malicious traffic to an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition.	2022-04-15	not yet calculated	CVE-2022-20717 CISCO
cisco — iox_application_hosting_environment	Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.	2022-04-15	not yet calculated	CVE-2022-20718 CISCO
cisco — iox_application_hosting_environment	Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.	2022-04-15	not yet calculated	CVE-2022-20719 CISCO
cisco — iox_application_hosting_environment	Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.	2022-04-15	not yet calculated	CVE-2022-20720 CISCO
cisco — iox_application_hosting_environment	Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.	2022-04-15	not yet calculated	CVE-2022-20721 CISCO
cisco — iox_application_hosting_environment	Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.	2022-04-15	not yet calculated	CVE-2022-20722 CISCO
cisco — iox_application_hosting_environment	Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.	2022-04-15	not yet calculated	CVE-2022-20723 CISCO
cisco — iox_application_hosting_environment	Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.	2022-04-15	not yet calculated	CVE-2022-20724 CISCO
cisco — iox_application_hosting_environment	Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.	2022-04-15	not yet calculated	CVE-2022-20725 CISCO
cisco — iox_application_hosting_environment	Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.	2022-04-15	not yet calculated	CVE-2022-20726 CISCO
cisco — iox_application_hosting_environment	Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.	2022-04-15	not yet calculated	CVE-2022-20727 CISCO
cisco — catalyst_digital_building_series_switches_and_cisco_catalyst_micro_switches	Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.	2022-04-15	not yet calculated	CVE-2022-20731 CISCO
cisco — sd_wan_vmanage_software	A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. These actions could include modifying the system configuration and deleting accounts.	2022-04-15	not yet calculated	CVE-2022-20735 CISCO
cisco — sd_wan_vmanage_software	A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected system as a low-privileged user to exploit this vulnerability. This vulnerability exists because a file leveraged by a root user is executed when a low-privileged user runs specific commands on an affected system. An attacker could exploit this vulnerability by injecting arbitrary commands to a specific file as a lower-privileged user and then waiting until an admin user executes specific commands. The commands would then be executed on the device by the root user. A successful exploit could allow the attacker to escalate their privileges on the affected system from a low-privileged user to the root user.	2022-04-15	not yet calculated	CVE-2022-20739 CISCO
cisco — history_api_of_cisco_sd_wan_vmanage_software	A vulnerability in the History API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain access to sensitive information on an affected system. This vulnerability is due to insufficient API authorization checking on the underlying operating system. An attacker could exploit this vulnerability by sending a crafted API request to Cisco vManage as a lower-privileged user and gaining access to sensitive information that they would not normally be authorized to access.	2022-04-15	not yet calculated	CVE-2022-20747 CISCO
cisco — border_gateway_protocol_ethernet_vpn	A vulnerability in the implementation of the Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the incorrect processing of a BGP update message that contains specific EVPN attributes. An attacker could exploit this vulnerability by sending a BGP update message that contains specific EVPN attributes. To exploit this vulnerability, an attacker must control a BGP speaker that has an established trusted peer connection to an affected device that is configured with the address family L2VPN EVPN to receive and process the update message. This vulnerability cannot be exploited by any data that is initiated by clients on the Layer 2 network or by peers that are not configured to accept the L2VPN EVPN address family. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP updates only from explicitly defined peers. For this vulnerability to be exploited, the malicious BGP update message must either come from a configured, valid BGP peer or be injected by the attacker into the affected BGP network on an existing, valid TCP connection to a BGP peer.	2022-04-15	not yet calculated	CVE-2022-20758 CISCO
cisco — 1000_series_connected_grid_router	A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could allow an unauthenticated, adjacent attacker to cause a denial of service condition on an affected device. This vulnerability is due to insufficient input validation of received traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the integrated AP to stop processing traffic, resulting in a DoS condition. It may be necessary to manually reload the CGR1K to restore AP operation.	2022-04-15	not yet calculated	CVE-2022-20761 CISCO
lansweeper — webuseractions.aspx	A stored cross-site scripting vulnerability exists in the WebUserActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2022-21145 MISC CONFIRM
leadtools — fltsavecmp	An integer overflow vulnerability exists in the fltSaveCMP functionality of Leadtools 22. A specially-crafted BMP file can lead to an integer overflow, that in turn causes a buffer overflow. An attacker can provide a malicious BMP file to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2022-21154 MISC CONFIRM
fernhill_scada_server_version — fhsvrservice.exe	A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause an exception, causing the server process (FHSvrService.exe) to exit.	2022-04-12	not yet calculated	CVE-2022-21155 MISC
mz_automation_gmbh_libiec61850 — parsenormalmodeparameters	A denial of service vulnerability exists in the parseNormalModeParameters functionality of MZ Automation GmbH libiec61850 1.5.0. A specially-crafted series of network requests can lead to denial of service. An attacker can send a sequence of malformed iec61850 messages to trigger this vulnerability.	2022-04-15	not yet calculated	CVE-2022-21159 MISC CONFIRM MISC
fuji_electric — alpha5	The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure.	2022-04-12	not yet calculated	CVE-2022-21168 MISC
fuji_electric — alpha5	The affected product is vulnerable to an out-of-bounds read, which may result in disclosure of sensitive information.	2022-04-12	not yet calculated	CVE-2022-21202 MISC
lansweeper — assetactions.aspx	An SQL injection vulnerability exists in the AssetActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2022-21210 MISC CONFIRM
fuji_electric — alpha5	The affected product is vulnerable to a heap-based buffer overflow, which may lead to code execution.	2022-04-12	not yet calculated	CVE-2022-21214 MISC
fuji_electric — alpha5	The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.	2022-04-12	not yet calculated	CVE-2022-21228 MISC
lansweeper — echoassets.aspx	An SQL injection vulnerability exists in the EchoAssets.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2022-21234 MISC CONFIRM
nconf — json	This affects the package nconf before 0.11.4. When using the memory engine, it is possible to store a nested JSON representation of the configuration. The .set() function, that is responsible for setting the configuration properties, is vulnerable to Prototype Pollution. By providing a crafted property, it is possible to modify the properties on the Object.prototype.	2022-04-12	not yet calculated	CVE-2022-21803 MISC MISC MISC MISC
microsoft — windows	Win32 Stream Enumeration Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24534.	2022-04-15	not yet calculated	CVE-2022-21983 N/A
microsoft — windows	Windows Hyper-V Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22009, CVE-2022-23257, CVE-2022-24537.	2022-04-15	not yet calculated	CVE-2022-22008 N/A
microsoft — windows	Windows Hyper-V Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22008, CVE-2022-23257, CVE-2022-24537.	2022-04-15	not yet calculated	CVE-2022-22009 N/A
lansweeper — lansweeper	A SQL injection vulnerability exists in the HelpdeskEmailActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2022-22149 MISC CONFIRM
junos — web_juniper_networks	A reflected Cross-site Scripting (XSS) vulnerability in J-Web of Juniper Networks Junos OS allows a network-based authenticated attacker to run malicious scripts reflected off J-Web to the victim’s browser in the context of their session within J-Web. This may allow the attacker to gain control of the device or attack other authenticated user sessions. This issue affects: Juniper Networks Junos OS All versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2.	2022-04-14	not yet calculated	CVE-2022-22181 CONFIRM
junos — web_juniper_networks	A Cross-site Scripting (XSS) vulnerability in Juniper Networks Junos OS J-Web allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target’s permissions, including an administrator. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S10, 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S6; 19.2 versions prior to 19.2R1-S8, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2; 21.2 versions prior to 21.2R1-S1, 21.2R2.	2022-04-14	not yet calculated	CVE-2022-22182 CONFIRM
junos — web_juniper_networks	An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) condition. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-S2-EVO; 21.1 versions prior to 21.1R3-S1-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO; 21.4 versions prior to 21.4R2-EVO. This issue does not affect Junos OS.	2022-04-14	not yet calculated	CVE-2022-22183 CONFIRM
junos — web_juniper_networks	A vulnerability in Juniper Networks Junos OS on SRX Series, allows a network-based unauthenticated attacker to cause a Denial of Service (DoS) by sending a specific fragmented packet to the device, resulting in a flowd process crash, which is responsible for packet forwarding. Continued receipt and processing of this specific packet will create a sustained DoS condition. This issue only affects SRX Series when ‘preserve-incoming-fragment-size’ feature is enabled. This issue affects Juniper Networks Junos OS on SRX Series: 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R3-S10; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect Juniper Networks Junos OS prior to 17.3R1.	2022-04-14	not yet calculated	CVE-2022-22185 CONFIRM
junos — web_juniper_networks	Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices, packets received on the management interface (em0) but not destined to the device, may be improperly forwarded to an egress interface, instead of being discarded. Such traffic being sent by a client may appear genuine, but is non-standard in nature and should be considered as potentially malicious. This issue affects: Juniper Networks Junos OS on EX4650 Series: All versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R3-S5; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R1.	2022-04-14	not yet calculated	CVE-2022-22186 CONFIRM
windows_installer — improper_privilege_management_vulnerability	An Improper Privilege Management vulnerability in the Windows Installer framework used in the Juniper Networks Juniper Identity Management Service (JIMS) allows an unprivileged user to trigger a repair operation. Running a repair operation, in turn, will trigger a number of file operations in the %TEMP% folder of the user triggering the repair. Some of these operations will be performed from a SYSTEM context (started via the Windows Installer service), including the execution of temporary files. An attacker may be able to provide malicious binaries to the Windows Installer, which will be executed with high privilege, leading to a local privilege escalation. This issue affects Juniper Networks Juniper Identity Management Service (JIMS) versions prior to 1.4.0.	2022-04-14	not yet calculated	CVE-2022-22187 CONFIRM
junos_os — packet_forwarding_engine	An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1.	2022-04-14	not yet calculated	CVE-2022-22188 CONFIRM
junos_os — juniper_networks_ contrail_service_ orchestration	An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration (CSO) allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. This issue affects: Juniper Networks Contrail Service Orchestration 6.0.0 versions prior to 6.0.0 Patch v3 on On-premises installations. This issue does not affect Juniper Networks Contrail Service Orchestration On-premises versions prior to 6.0.0.	2022-04-14	not yet calculated	CVE-2022-22189 CONFIRM
junos_os — juniper_networks_paragon_active_assurance_ control_center	An Improper Access Control vulnerability in the Juniper Networks Paragon Active Assurance Control Center allows an unauthenticated attacker to leverage a crafted URL to generate PDF reports, potentially containing sensitive configuration information. A feature was introduced in version 3.1 of the Paragon Active Assurance Control Center which allows users to selective share account data using a unique identifier. Knowing the proper format of the URL and the identifier of an existing object in an application it is possible to get access to that object without being logged in, even if the object is not shared, resulting in the opportunity for malicious exfiltration of user data. Note that the Paragon Active Assurance Control Center SaaS offering is not affected by this issue. This issue affects Juniper Networks Paragon Active Assurance version 3.1.0.	2022-04-14	not yet calculated	CVE-2022-22190 CONFIRM
junos_os — juniper_networks_junosos	A Denial of Service (DoS) vulnerability in the processing of a flood of specific ARP traffic in Juniper Networks Junos OS on the EX4300 switch, sent from the local broadcast domain, may allow an unauthenticated network-adjacent attacker to trigger a PFEMAN watchdog timeout, causing the Packet Forwarding Engine (PFE) to crash and restart. After the restart, transit traffic will be temporarily interrupted until the PFE is reprogrammed. In a virtual chassis (VC), the impacted Flexible PIC Concentrator (FPC) may split from the VC temporarily, and join back into the VC once the PFE restarts. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on the EX4300: All versions prior to 15.1R7-S12; 18.4 versions prior to 18.4R2-S10, 18.4R3-S11; 19.1 versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R1-S9, 19.2R3-S4; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S6, 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2-S1, 21.2R3; 21.3 versions prior to 21.3R1-S2, 21.3R2.	2022-04-14	not yet calculated	CVE-2022-22191 CONFIRM
junos_os — routing_protocol_daemon	An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). Continued execution of this command might cause a sustained Denial of Service condition. If BGP rib sharding is configured and a certain CLI command is executed the rpd process can crash. During the rpd crash and restart, the routing protocols might be impacted and traffic disruption might be seen due to the loss of routing information. This issue affects: Juniper Networks Junos OS 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 20.3R1. Juniper Networks Junos OS Evolved versions prior to 20.3R1-EVO.	2022-04-14	not yet calculated	CVE-2022-22193 CONFIRM
junos_os — packetio_daemon	An Improper Check for Unusual or Exceptional Conditions vulnerability in the packetIO daemon of Juniper Networks Junos OS Evolved on PTX10003, PTX10004, and PTX10008 allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). Continued receipt of these crafted packets will cause a sustained Denial of Service condition. This issue affects Juniper Networks Junos OS Evolved all versions prior to 20.4R2-S3-EVO on PTX10003, PTX10004, and PTX10008. This issue does not affect: Juniper Networks Junos OS Evolved versions 21.1R1-EVO and above; Juniper Networks Junos OS.	2022-04-14	not yet calculated	CVE-2022-22194 CONFIRM
junos_os — juniper_networks	An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causing a Denial of Service (DoS). This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S1-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS.	2022-04-14	not yet calculated	CVE-2022-22195 CONFIRM
junos_os — routing_protocol_daemon	An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker with an established ISIS adjacency to cause a Denial of Service (DoS). The rpd CPU spikes to 100% after a malformed ISIS TLV has been received which will lead to processing issues of routing updates and in turn traffic impact. This issue affects: Juniper Networks Junos OS 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R2-S6, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S3-EVO; 21.2 versions prior to 21.2R2-EVO. This issue does not affect Juniper Networks Junos OS versions prior to 19.3R1.	2022-04-14	not yet calculated	CVE-2022-22196 CONFIRM
junos_os — routing_protocol_daemon	An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker with an established BGP session to cause a Denial of Service (DoS). This issue occurs when proxy-generate route-target filtering is enabled, and certain proxy-route add and delete events are happening. This issue affects: Juniper Networks Junos OS All versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S6; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S1; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2; 20.3 versions prior to 20.3R1-S2, 20.3R2. Juniper Networks Junos OS Evolved All versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R3-EVO; 20.3 versions prior to 20.3R2-EVO.	2022-04-14	not yet calculated	CVE-2022-22197 CONFIRM
junos_os — sip_alg	An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. On all MX and SRX platforms, if the SIP ALG is enabled, an MS-MPC or MS-MIC, or SPC will crash if it receives a SIP message with a specific contact header format. This issue affects Juniper Networks Junos OS on MX Series and SRX Series: 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect versions prior to 20.4R1.	2022-04-14	not yet calculated	CVE-2022-22198 CONFIRM
huawei — android	The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability.	2022-04-11	not yet calculated	CVE-2022-22253 MISC MISC
huawei — android	A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality.	2022-04-11	not yet calculated	CVE-2022-22254 MISC MISC
huawei — android	The application framework has a common DoS vulnerability.Successful exploitation of this vulnerability may affect the availability.	2022-04-11	not yet calculated	CVE-2022-22255 MISC MISC
huawei — android	The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.	2022-04-11	not yet calculated	CVE-2022-22256 MISC MISC
huawei — android	The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity.	2022-04-11	not yet calculated	CVE-2022-22257 MISC MISC
huawei — android	The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and result in elevation-of-privilege.	2022-04-11	not yet calculated	CVE-2022-22258 MISC MISC
SMA — SMA	UNSUPPORTED WHEN ASSIGNED A post-authentication arbitrary file read vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access (SMA) 100 series products running older firmware 9.0.0.9-26sv and earlier versions.	2022-04-13	not yet calculated	CVE-2022-22279 CONFIRM
IBM — aspera_high_speed_ transfer	IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain information from non sensitive operating system files that they should not have access to. IBM X-Force ID: 222059.	2022-04-14	not yet calculated	CVE-2022-22391 XF CONFIRM
sap — business_intelligence_platform	SAP BusinessObjects Business Intelligence Platform – versions 420, 430, may allow legitimate users to access information they shouldn’t see through relational or OLAP connections. The main impact is the disclosure of company data to people that shouldn’t or don’t need to have access.	2022-04-12	not yet calculated	CVE-2022-22541 MISC MISC
dell — powerscale_onefs	Dell PowerScale OneFS, 8.2.x-9.3.x, contains a Improper Certificate Validation. A unauthenticated remote attacker could potentially exploit this vulnerability, leading to a man-in-the-middle capture of administrative credentials.	2022-04-12	not yet calculated	CVE-2022-22549 MISC
dell — powerscale_onefs	Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An unprivileged local attacker could potentially exploit this vulnerability, leading to account take over.	2022-04-12	not yet calculated	CVE-2022-22550 MISC
dell — powerscale_onefs	Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm. An unprivileged network attacker could exploit this vulnerability, leading to the potential for information disclosure.	2022-04-12	not yet calculated	CVE-2022-22559 MISC
dell — powerscale_onefs	Dell EMC PowerScale OneFS 8.1.x – 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerability to take the switch offline.	2022-04-12	not yet calculated	CVE-2022-22560 MISC
dell — powerscale_onefs	Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive authentication attempts. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to compromised accounts.	2022-04-12	not yet calculated	CVE-2022-22561 MISC
dell — powerscale_onefs	Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain a improper handling of missing values exploit. An unauthenticated network attacker could potentially exploit this denial-of-service vulnerability.	2022-04-12	not yet calculated	CVE-2022-22562 MISC
dell — powerscale_onefs	Dell PowerScale OneFS, versions 9.0.0-9.3.0, contain an improper authorization of index containing sensitive information. An authenticated and privileged user could potentially exploit this vulnerability, leading to disclosure or modification of sensitive data.	2022-04-12	not yet calculated	CVE-2022-22565 MISC
ivanti — incapptic_connect	A non-admin user with user management permission can escalate his privilege to admin user via password reset functionality. The vulnerability affects Incapptic Connect version < 1.40.1.	2022-04-11	not yet calculated	CVE-2022-22572 MISC MISC
vmware — workspace_one_access_and_ identity_manager	VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.	2022-04-11	not yet calculated	CVE-2022-22954 MISC
vmware — workspace_one_access	VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-2022-22956) in the OAuth2 ACS framework. A malicious actor may bypass the authentication mechanism and execute any operation due to exposed endpoints in the authentication framework.	2022-04-13	not yet calculated	CVE-2022-22955 MISC
vmware — workspace_one_access	VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-2022-22956) in the OAuth2 ACS framework. A malicious actor may bypass the authentication mechanism and execute any operation due to exposed endpoints in the authentication framework.	2022-04-13	not yet calculated	CVE-2022-22956 MISC
vmware — workspace_one_access_identity_manager_and_vrealize_automation	VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution.	2022-04-13	not yet calculated	CVE-2022-22957 MISC
vmware — workspace_one_access_identity_manager_and_vrealize_automation	VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution.	2022-04-13	not yet calculated	CVE-2022-22958 MISC
vmware — workspace_one_access_identity_manager_and_vrealize_automation	VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI.	2022-04-13	not yet calculated	CVE-2022-22959 MISC
vmware — workspace_one_access_identity_manager_and_vrealize_automation	VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to ‘root’.	2022-04-13	not yet calculated	CVE-2022-22960 MISC
vmware — workspace_one_access_identity_manager_and_vrealize_automation	VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can lead to targeting victims.	2022-04-13	not yet calculated	CVE-2022-22961 MISC
vmware — horizon_client_for_linux	VMware Horizon Client for Linux (prior to 22.x) contains a local privilege escalation as a user is able to change the default shared folder location due to a vulnerable symbolic link. Successful exploitation can result in linking to a root owned file.	2022-04-11	not yet calculated	CVE-2022-22962 MISC
vmware — horizon_client_for_linux	VMware Horizon Client for Linux (prior to 22.x) contains a local privilege escalation that allows a user to escalate to root due to a vulnerable configuration file.	2022-04-11	not yet calculated	CVE-2022-22964 MISC
vmware — cloud_director	An authenticated, high privileged malicious actor with network access to the VMware Cloud Director tenant or provider may be able to exploit a remote code execution vulnerability to gain access to the server.	2022-04-14	not yet calculated	CVE-2022-22966 MISC
vmware — spring_framework	In Spring Framework versions 5.3.0 – 5.3.18, 5.2.0 – 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path.	2022-04-14	not yet calculated	CVE-2022-22968 MISC
dell — powerscale_onefs	Dell PowerScale OneFS, 8.2.2 – 9.3.0.x, contain a missing release of memory after effective lifetime vulnerability. An authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE and ISI_PRIV_AUTH_PROVIDERS privileges could exploit this vulnerability, leading to a Denial-Of-Service. This can also impact a cluster in Compliance mode. Dell recommends to update at the earliest opportunity.	2022-04-12	not yet calculated	CVE-2022-23159 MISC
dell — powerscale_onefs	Dell PowerScale OneFS, versions 8.2.0-9.3.0, contains an Improper Handling of Insufficient Permissions vulnerability. An remote malicious user could potentially exploit this vulnerability, leading to gaining write permissions on read-only files.	2022-04-12	not yet calculated	CVE-2022-23160 MISC
dell — powerscale_onefs	Dell PowerScale OneFS versions 8.2.x – 9.3.0.x contains a denial-of-service vulnerability in SmartConnect. An unprivileged network attacker could potentially exploit this vulnerability, leading to denial-of-service. (of course this is temporary and will need to be adapted/reviewed as we determine the CWE with Srisimha Tummala ‘s help)	2022-04-12	not yet calculated	CVE-2022-23161 MISC
dell — powerscale_onefs	Dell PowerScale OneFS, 8.2,x, 9.1.0.x, 9.2.1.x, and 9.3.0.x contain a denial of service vulnerability. A local malicious user could potentially exploit this vulnerability, leading to denial of service/data unavailability.	2022-04-12	not yet calculated	CVE-2022-23163 MISC
spring_by_vmware — spring_framework	Windows Hyper-V Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22008, CVE-2022-22009, CVE-2022-24537.	2022-04-15	not yet calculated	CVE-2022-23257 N/A
microsoft — windows	Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability.	2022-04-15	not yet calculated	CVE-2022-23259 N/A
microsoft — windows	Windows Hyper-V Denial of Service Vulnerability.	2022-04-15	not yet calculated	CVE-2022-23268 N/A
microsoft — windows	Microsoft Power BI Spoofing Vulnerability.	2022-04-15	not yet calculated	CVE-2022-23292 N/A
simatic — energy_manager_basic_and_manager_pro	A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). Affected applications improperly assign permissions to critical directories and files used by the application processes. This could allow a local unprivileged attacker to achieve code execution with ADMINISTRATOR or even NT AUTHORITY/SYSTEM privileges.	2022-04-12	not yet calculated	CVE-2022-23448 CONFIRM
simatic — energy_manager_basic_and_manager_pro	A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path.	2022-04-12	not yet calculated	CVE-2022-23449 CONFIRM
simatic — energy_manager_basic_and_manager_pro	A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). The affected system allows remote users to send maliciously crafted objects. Due to insecure deserialization of user-supplied content by the affected software, an unauthenticated attacker could exploit this vulnerability by sending a maliciously crafted serialized object. This could allow the attacker to execute arbitrary code on the device with SYSTEM privileges.	2022-04-12	not yet calculated	CVE-2022-23450 CONFIRM
hpe_superdome_flex — servers	A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 Servers. The vulnerability could be locally exploited to allow an user with Administrator access to escalate their privilege. The vulnerability is resolved in the latest firmware update. HPE Superdome Flex Server Version 3.50.58 or later, HPE Superdome Flex 280 Server Version 1.20.204 or later.	2022-04-12	not yet calculated	CVE-2022-23702 MISC
hpe — flash_arrays	A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays during update. This would potentially allow an attacker to intercept and modify network communication for software updates initiated by the Nimble appliance. The following NimbleOS versions, and all subsequent releases, contain a software fix for this vulnerability: 5.0.10.100, 5.2.1.500, 6.0.0.100	2022-04-12	not yet calculated	CVE-2022-23703 MISC
nyron — nyron_1.0	Nyron 1.0 is affected by a SQL injection vulnerability through Nyron/Library/Catalog/winlibsrch.aspx. To exploit this vulnerability, an attacker must inject ‘”> on the thes1 parameter.	2022-04-15	not yet calculated	CVE-2022-23865 MISC
subversion — mod_dav_svn	Subversion’s mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected.	2022-04-12	not yet calculated	CVE-2022-24070 MISC MISC MISC DEBIAN
ritecms — admin_panel	RiteCMS version 3.1.0 and below suffers from an arbitrary file overwrite via path traversal vulnerability in Admin Panel. Exploiting the vulnerability allows an authenticated attacker to overwrite any file in the web root (along with any other file on the server that the PHP process user has the proper permissions to write) resulting a remote code execution.	2022-04-12	not yet calculated	CVE-2022-24247 MISC MISC
ritecms — admin_panel	RiteCMS version 3.1.0 and below suffers from an arbitrary file deletion via path traversal vulnerability in Admin Panel. Exploiting the vulnerability allows an authenticated attacker to delete any file in the web root (along with any other file on the server that the PHP process user has the proper permissions to delete). Furthermore, an attacker might leverage the capability of arbitrary file deletion to circumvent certain web server security mechanisms such as deleting .htaccess file that would deactivate those security constraints.	2022-04-12	not yet calculated	CVE-2022-24248 MISC MISC
madlib_object — madlib_object_utils	The package madlib-object-utils before 0.1.8 are vulnerable to Prototype Pollution via the setValue method, as it allows an attacker to merge object prototypes into it. Note: This vulnerability derives from an incomplete fix of [CVE-2020-7701](https://security.snyk.io/vuln/SNYK-JS-MADLIBOBJECTUTILS-598676)	2022-04-15	not yet calculated	CVE-2022-24279 CONFIRM CONFIRM
automox_agent — windows_and_linux_and version_36_on_osx	Automox Agent prior to version 37 on Windows and Linux and Version 36 on OSX could allow for a non privileged user to obtain sensitive information during the install process.	2022-04-13	not yet calculated	CVE-2022-24308 MISC MISC
fuji_electric — alpha_5	The affected product is vulnerable to an out-of-bounds read, which may result in code execution	2022-04-12	not yet calculated	CVE-2022-24383 MISC
dell — powerscale_onefs	Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local attacker with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE could potentially exploit this vulnerability, leading to elevation of privilege. This could potentially allow users to circumvent PowerScale Compliance Mode guarantees.	2022-04-12	not yet calculated	CVE-2022-24411 MISC
dell — powerscale_onefs	Dell EMC PowerScale OneFS 8.2.x – 9.3.0.x contain an improper handling of value vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to denial-of-service.	2022-04-12	not yet calculated	CVE-2022-24412 MISC
dell — powerscale_onefs	Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. A local user with access to the filesystem could potentially exploit this vulnerability, leading to data loss.	2022-04-12	not yet calculated	CVE-2022-24413 MISC
microsoft — shaprepoint	Microsoft SharePoint Server Spoofing Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24472 N/A
microsoft — excel	Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26901.	2022-04-15	not yet calculated	CVE-2022-24473 N/A
windows — win32k	Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24542.	2022-04-15	not yet calculated	CVE-2022-24474 N/A
microsoft — windows	Connected User Experiences and Telemetry Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24479 N/A
microsoft — windows	Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24521.	2022-04-15	not yet calculated	CVE-2022-24481 N/A
microsoft — windows	Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24540.	2022-04-15	not yet calculated	CVE-2022-24482 N/A
microsoft — windows	Windows Kernel Information Disclosure Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24483 N/A
microsoft — windows	Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-24538, CVE-2022-26784.	2022-04-15	not yet calculated	CVE-2022-24484 N/A
microsoft — windows	Win32 File Enumeration Remote Code Execution Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24485 N/A
microsoft — windows	Windows Kerberos Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24544.	2022-04-15	not yet calculated	CVE-2022-24486 N/A
microsoft — windows	Windows Local Security Authority (LSA) Remote Code Execution Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24487 N/A
microsoft — windows	Windows Desktop Bridge Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24488 N/A
microsoft — windows	Cluster Client Failover (CCF) Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24489 N/A
microsoft — windows	Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-24539, CVE-2022-26783, CVE-2022-26785.	2022-04-15	not yet calculated	CVE-2022-24490 N/A
microsoft — windows	Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24497.	2022-04-15	not yet calculated	CVE-2022-24491 N/A
microsoft — windows	Remote Procedure Call Runtime Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24528, CVE-2022-26809.	2022-04-15	not yet calculated	CVE-2022-24492 N/A
microsoft — windows	Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24493 N/A
microsoft — windows	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24494 N/A
microsoft — windows	Windows Direct Show – Remote Code Execution Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24495 N/A
microsoft — windows	Local Security Authority (LSA) Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24496 N/A
microsoft — windows	Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24491.	2022-04-15	not yet calculated	CVE-2022-24497 N/A
microsoft — windows	Windows iSCSI Target Service Information Disclosure Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24498 N/A
microsoft — windows	Windows Installer Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24530.	2022-04-15	not yet calculated	CVE-2022-24499 N/A
microsoft — windows	Windows SMB Remote Code Execution Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24500 N/A
microsoft — windows	Visual Studio Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24513 N/A
microsoft — windows	Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24481.	2022-04-15	not yet calculated	CVE-2022-24521 N/A
microsoft — windows	Windows Endpoint Configuration Manager Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24527 N/A
microsoft — windows	Remote Procedure Call Runtime Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24492, CVE-2022-26809.	2022-04-15	not yet calculated	CVE-2022-24528 N/A
microsoft — windows	Windows Installer Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24499.	2022-04-15	not yet calculated	CVE-2022-24530 N/A
microsoft — windows	HEVC Video Extensions Remote Code Execution Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24532 N/A
microsoft — windows	Remote Desktop Protocol Remote Code Execution Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24533 N/A
microsoft — windows	Win32 Stream Enumeration Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21983.	2022-04-15	not yet calculated	CVE-2022-24534 N/A
microsoft — windows	Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26811, CVE-2022-26812, CVE-2022-26813, CVE-2022-26814, CVE-2022-26815, CVE-2022-26817, CVE-2022-26818, CVE-2022-26819, CVE-2022-26820, CVE-2022-26821, CVE-2022-26822, CVE-2022-26823, CVE-2022-26824, CVE-2022-26825, CVE-2022-26826, CVE-2022-26829.	2022-04-15	not yet calculated	CVE-2022-24536 N/A
microsoft — windows	Windows Hyper-V Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22008, CVE-2022-22009, CVE-2022-23257.	2022-04-15	not yet calculated	CVE-2022-24537 N/A
microsoft — windows	Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-24484, CVE-2022-26784.	2022-04-15	not yet calculated	CVE-2022-24538 N/A
microsoft — windows	Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-24490, CVE-2022-26783, CVE-2022-26785.	2022-04-15	not yet calculated	CVE-2022-24539 N/A
microsoft — windows	Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24482.	2022-04-15	not yet calculated	CVE-2022-24540 N/A
microsoft — windows	Windows Server Service Remote Code Execution Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24541 N/A
microsoft — windows	Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24474.	2022-04-15	not yet calculated	CVE-2022-24542 N/A
microsoft — windows	Windows Upgrade Assistant Remote Code Execution Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24543 N/A
microsoft — windows	Windows Kerberos Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24486.	2022-04-15	not yet calculated	CVE-2022-24544 N/A
microsoft — windows	Windows Kerberos Remote Code Execution Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24545 N/A
microsoft — windows	Windows DWM Core Library Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24546 N/A
microsoft — windows	Windows Digital Media Receiver Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24547 N/A
microsoft — windows	Microsoft Defender Denial of Service Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24548 N/A
microsoft — windows	Windows AppX Package Manager Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24549 N/A
microsoft — windows	Windows Telephony Server Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-24550 N/A
microsoft — got_for_windws	Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\.git`, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set `GIT_PS1_SHOWDIRTYSTATE` are vulnerable as well. Users who installed posh-gitare vulnerable simply by starting a PowerShell. Users of IDEs such as Visual Studio are vulnerable: simply creating a new project would already read and respect the config specified in `C:\.git\config`. Users of the Microsoft fork of Git are vulnerable simply by starting a Git Bash. The problem has been patched in Git for Windows v2.35.2. Users unable to upgrade may create the folder `.git` on all drives where Git commands are run, and remove read/write access from those folders as a workaround. Alternatively, define or extend `GIT_CEILING_DIRECTORIES` to cover the _parent_ directory of the user profile, e.g. `C:\Users` if the user profile is located in `C:\Users\my-user-name`.	2022-04-12	not yet calculated	CVE-2022-24765 CONFIRM MISC MISC MLIST
gitbub — git_for_windows	GitHub: Git for Windows’ uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.	2022-04-12	not yet calculated	CVE-2022-24767 N/A
ethereum — vyper	Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. Versions of vyper prior to 0.3.2 suffer from a potential buffer overrun. Importing a function from a JSON interface which returns `bytes` generates bytecode which does not clamp bytes length, potentially resulting in a buffer overrun. Users are advised to upgrade. There are no known workarounds for this issue.	2022-04-13	not yet calculated	CVE-2022-24788 MISC CONFIRM
discourse — discourse	Discourse is an open source platform for community discussion. In stable versions prior to 2.8.3 and beta versions prior 2.9.0.beta4 erroneously expose groups. When a group with restricted visibility has been used to set the permissions of a category, the name of the group is leaked to any user that is able to see the category. To workaround the problem, a site administrator can remove groups with restricted visibility from any category’s permissions setting.	2022-04-11	not yet calculated	CVE-2022-24804 CONFIRM MISC
grafana — grafana_enterprise	Grafana is an open-source platform for monitoring and observability. When fine-grained access control is enabled and a client uses Grafana API Key to make requests, the permissions for that API Key are cached for 30 seconds for the given organization. Because of the way the cache ID is constructed, the consequent requests with any API Key evaluate to the same permissions as the previous requests. This can lead to an escalation of privileges, when for example a first request is made with Admin permissions, and the second request with different API Key is made with Viewer permissions, the second request will get the cached permissions from the previous Admin, essentially accessing higher privilege than it should. The vulnerability is only impacting Grafana Enterprise when the fine-grained access control beta feature is enabled and there are more than one API Keys in one organization with different roles assigned. All installations after Grafana Enterprise v8.1.0-beta1 should be upgraded as soon as possible. As an alternative, disable fine-grained access control will mitigate the vulnerability.	2022-04-12	not yet calculated	CVE-2022-24812 CONFIRM MISC MISC
jhipster — jhipster	JHipster is a development platform to quickly generate, develop, & deploy modern web applications & microservice architectures. SQL Injection vulnerability in entities for applications generated with the option “reactive with Spring WebFlux” enabled and an SQL database using r2dbc. Applications created without “reactive with Spring WebFlux” and applications with NoSQL databases are not affected. Users who have generated a microservice Gateway using the affected version may be impacted as Gateways are reactive by default. Currently, SQL injection is possible in the findAllBy(Pageable pageable, Criteria criteria) method of an entity repository class generated in these applications as the where clause using Criteria for queries are not sanitized and user input is passed on as it is by the criteria. This issue has been patched in v7.8.1. Users unable to upgrade should be careful when combining criterias and conditions as the root of the issue lies in the `EntityManager.java` class when creating the where clause via `Conditions.just(criteria.toString())`. `just` accepts the literal string provided. Criteria’s `toString` method returns a plain string and this combination is vulnerable to sql injection as the string is not sanitized and will contain whatever used passed as input using any plain SQL.	2022-04-11	not yet calculated	CVE-2022-24815 MISC MISC CONFIRM
jai_ext — jai_api	JAI-EXT is an open-source project which aims to extend the Java Advanced Imaging (JAI) API. Programs allowing Jiffle script to be provided via network request can lead to a Remote Code Execution as the Jiffle script is compiled into Java code via Janino, and executed. In particular, this affects the downstream GeoServer project. Version 1.2.22 will contain a patch that disables the ability to inject malicious code into the resulting script. Users unable to upgrade may negate the ability to compile Jiffle scripts from the final application, by removing janino-x.y.z.jar from the classpath.	2022-04-13	not yet calculated	CVE-2022-24816 CONFIRM MISC
geotools — geotools	GeoTools is an open source Java library that provides tools for geospatial data. The GeoTools library has a number of data sources that can perform unchecked JNDI lookups, which in turn can be used to perform class deserialization and result in arbitrary code execution. Similar to the Log4J case, the vulnerability can be triggered if the JNDI names are user-provided, but requires admin-level login to be triggered. The lookups are now restricted in GeoTools 26.4, GeoTools 25.6, and GeoTools 24.6. Users unable to upgrade should ensure that any downstream application should not allow usage of remotely provided JNDI strings.	2022-04-13	not yet calculated	CVE-2022-24818 CONFIRM MISC
xwiki_platform — xwiki	XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A guest user without the right to view pages of the wiki can still list documents by rendering some velocity documents. The problem has been patched in XWiki versions 12.10.11, 13.4.4, and 13.9-rc-1. There is no known workaround for this problem.	2022-04-08	not yet calculated	CVE-2022-24820 CONFIRM MISC
discourse — discourse	Discourse is an open source platform for community discussion. In affected versions an attacker can poison the cache for anonymous (i.e. not logged in) users, such that the users are shown the crawler view of the site instead of the HTML page. This can lead to a partial denial-of-service. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. There are no known workarounds for this issue.	2022-04-14	not yet calculated	CVE-2022-24824 MISC CONFIRM
elide — elide	Elide is a Java library that lets you stand up a GraphQL/JSON-API web service with minimal effort. When leveraging the following together: Elide Aggregation Data Store for Analytic Queries, Parameterized Columns (A column that requires a client provided parameter), and a parameterized column of type TEXT. There is the potential for a hacker to provide a carefully crafted query that would bypass server side authorization filters through SQL injection. A recent patch to Elide 6.1.2 allowed the ‘-‘ character to be included in parameterized TEXT columns. This character can be interpreted as SQL comments (‘–‘) and allow the attacker to remove the WHERE clause from the generated query and bypass authorization filters. A fix is provided in Elide 6.1.4. The vulnerability only exists for parameterized columns of type TEXT and only for analytic queries (CRUD is not impacted). Workarounds include leveraging a different type of parameterized column (TIME, MONEY, etc) or not leveraging parameterized columns.	2022-04-11	not yet calculated	CVE-2022-24827 CONFIRM MISC MISC
composer — composer	Composer is a dependency manager for the PHP programming language. Integrators using Composer code to call `VcsDriver::getFileContent` can have a code injection vulnerability if the user can control the `$file` or `$identifier` argument. This leads to a vulnerability on packagist.org for example where the composer.json’s `readme` field can be used as a vector for injecting parameters into hg/Mercurial via the `$file` argument, or git via the `$identifier` argument if you allow arbitrary data there (Packagist does not, but maybe other integrators do). Composer itself should not be affected by the vulnerability as it does not call `getFileContent` with arbitrary data into `$file`/`$identifier`. To the best of our knowledge this was not abused, and the vulnerability has been patched on packagist.org and Private Packagist within a day of the vulnerability report.	2022-04-13	not yet calculated	CVE-2022-24828 MISC CONFIRM
garden — garden	Garden is an automation platform for Kubernetes development and testing. In versions prior to 0.12.39 multiple endpoints did not require authentication. In some operating modes this allows for an attacker to gain access to the application erroneously. The configuration is leaked through the /api endpoint on the local server that is responsible for serving the Garden dashboard. At the moment, this server is accessible to 0.0.0.0 which makes it accessible to anyone on the same network (or anyone on the internet if they are on a public, static IP). This may lead to the ability to compromise credentials, secrets or environment variables. Users are advised to upgrade to version 0.12.39 as soon as possible. Users unable to upgrade should use a firewall blocking access to port 9777 from all untrusted network machines.	2022-04-11	not yet calculated	CVE-2022-24829 CONFIRM MISC
gocd — gocd	GoCD is an open source a continuous delivery server. The bundled gocd-ldap-authentication-plugin included with the GoCD Server fails to correctly escape special characters when using the username to construct LDAP queries. While this does not directly allow arbitrary LDAP data exfiltration, it can allow an existing LDAP-authenticated GoCD user with malicious intent to construct and execute malicious queries, allowing them to deduce facts about other users or entries within the LDAP database (e.g alternate fields, usernames, hashed passwords etc) through brute force mechanisms. This only affects users who have a working LDAP authorization configuration enabled on their GoCD server, and only is exploitable by users authenticating using such an LDAP configuration. This issue has been fixed in GoCD 22.1.0, which is bundled with gocd-ldap-authentication-plugin v2.2.0-144.	2022-04-11	not yet calculated	CVE-2022-24832 MISC MISC MISC MISC MISC CONFIRM MISC MISC
privatebin — provatenbin	PrivateBin is minimalist, open source online pastebin clone where the server has zero knowledge of pasted data. In PrivateBin < v1.4.0 a cross-site scripting (XSS) vulnerability was found. The vulnerability is present in all versions from v0.21 of the project, which was at the time still called ZeroBin. The issue is caused by the fact that SVGs can contain JavaScript. This can allow an attacker to execute code, if the user opens a paste with a specifically crafted SVG attachment, and interacts with the preview image and the instance isn’t protected by an appropriate content security policy. Users are advised to either upgrade to version 1.4.0 or to ensure the content security policy of their instance is set correctly.	2022-04-11	not yet calculated	CVE-2022-24833 MISC CONFIRM
nokogiri — nokogiri	Nokogiri is an open source XML and HTML library for Ruby. Nokogiri `< v1.13.4` contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to detect encoding in HTML documents. Users are advised to upgrade to Nokogiri `>= 1.13.4`. There are no known workarounds for this issue.	2022-04-11	not yet calculated	CVE-2022-24836 CONFIRM MISC
hedgedoc — hedgedoc	HedgeDoc is an open-source, web-based, self-hosted, collaborative markdown editor. Images uploaded with HedgeDoc version 1.9.1 and later have an enumerable filename after the upload, resulting in potential information leakage of uploaded documents. This is especially relevant for private notes and affects all upload backends, except Lutim and imgur. This issue is patched in version 1.9.3 by replacing the filename generation with UUIDv4. If you cannot upgrade to HedgeDoc 1.9.3, it is possible to block POST requests to `/uploadimage`, which will disable future uploads.	2022-04-11	not yet calculated	CVE-2022-24837 CONFIRM MISC MISC
nextcloud — nextcloud_calendar	Nextcloud Calendar is a calendar application for the nextcloud framework. SMTP Command Injection in Appointment Emails via Newlines: as newlines and special characters are not sanitized in the email value in the JSON request, a malicious attacker can inject newlines to break out of the `RCPT TO:<BOOKING USER’S EMAIL> ` SMTP command and begin injecting arbitrary SMTP commands. It is recommended that Calendar is upgraded to 3.2.2. There are no workaround available.	2022-04-11	not yet calculated	CVE-2022-24838 MISC CONFIRM MISC
org.cyberneko.html — org.cyberneko.html	org.cyberneko.html is an html parser written in Java. The fork of `org.cyberneko.html` used by Nokogiri (Rubygem) raises a `java.lang.OutOfMemoryError` exception when parsing ill-formed HTML markup. Users are advised to upgrade to `>= 1.9.22.noko2`. Note: The upstream library `org.cyberneko.html` is no longer maintained. Nokogiri uses its own fork of this library located at https://github.com/sparklemotion/nekohtml and this CVE applies only to that fork. Other forks of nekohtml may have a similar vulnerability.	2022-04-11	not yet calculated	CVE-2022-24839 MISC CONFIRM
minio — minio	MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. A security issue was found where an non-admin user is able to create service accounts for root or other admin users and then is able to assume their access policies via the generated credentials. This in turn allows the user to escalate privilege to that of the root user. This vulnerability has been resolved in pull request #14729 and is included in `RELEASE.2022-04-12T06-55-35Z`. Users unable to upgrade may workaround this issue by explicitly adding a `admin:CreateServiceAccount` deny policy, however, this, in turn, denies the user the ability to create their own service accounts as well.	2022-04-12	not yet calculated	CVE-2022-24842 CONFIRM MISC MISC
gin_vue_admin — gin_vue_admin	Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Gin-vue-admin 2.50 has arbitrary file read vulnerability due to a lack of parameter validation. This has been resolved in version 2.5.1. There are no known workarounds for this issue.	2022-04-13	not yet calculated	CVE-2022-24843 MISC CONFIRM MISC
gin_vue_admin — gin_vue_admin	Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. The problem occurs in the following code in server/service/system/sys_auto_code_pgsql.go, which means that PostgreSQL must be used as the database for this vulnerability to occur. Users must: Require JWT login? and be using PostgreSQL to be affected. This issue has been resolved in version 2.5.1. There are no known workarounds.	2022-04-13	not yet calculated	CVE-2022-24844 MISC CONFIRM
ethereum — vyper	Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In affected versions, the return of `<iface>.returns_int128()` is not validated to fall within the bounds of `int128`. This issue can result in a misinterpretation of the integer value and lead to incorrect behavior. As of v0.3.0, `<iface>.returns_int128()` is validated in simple expressions, but not complex expressions. Users are advised to upgrade. There is no known workaround for this issue.	2022-04-13	not yet calculated	CVE-2022-24845 CONFIRM MISC
geowebcache — geowebcache	GeoWebCache is a tile caching server implemented in Java. The GeoWebCache disk quota mechanism can perform an unchecked JNDI lookup, which in turn can be used to perform class deserialization and result in arbitrary code execution. While in GeoWebCache the JNDI strings are provided via local configuration file, in GeoServer a user interface is provided to perform the same, that can be accessed remotely, and requires admin-level login to be used. These lookup are unrestricted in scope and can lead to code execution. The lookups are going to be restricted in GeoWebCache 1.21.0, 1.20.2, 1.19.3.	2022-04-14	not yet calculated	CVE-2022-24846 CONFIRM
geoserver — geoserver	GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The GeoServer security mechanism can perform an unchecked JNDI lookup, which in turn can be used to perform class deserialization and result in arbitrary code execution. The same can happen while configuring data stores with data sources located in JNDI, or while setting up the disk quota mechanism. In order to perform any of the above changes, the attack needs to have obtained admin rights and use either the GeoServer GUI, or its REST API. The lookups are going to be restricted in GeoServer 2.21.0, 2.20.4, 1.19.6. Users unable to upgrade should restrict access to the `geoserver/web` and `geoserver/rest` via a firewall and ensure that the GeoWebCache is not remotely accessible.	2022-04-13	not yet calculated	CVE-2022-24847 CONFIRM
discord — discatsharp	DisCatSharp is a Discord API wrapper for .NET. Users of versions 9.8.5, 9.8.6, 9.9.0 and previously published prereleases of 10.0.0 who have used either one of the two `RequireDisCatSharpDeveloperAttribute`s or the `BaseDiscordClient.LibraryDeveloperTeam` have potentially had their bot token sent to a web server not affiliated with Discord. This server is owned and operated by DisCatSharp’s development team. The tokens were not logged, yet it is still advisable to reset the tokens of potentially affected bots. 9.9.1 has been released to patch the issue for the current stable release and the current 10.0.0 prereleases are also no longer affected. Users unable to upgrade should remove all uses of the two `RequireDisCatSharpDeveloperAttribute`s and all direct calls to `BaseDiscordClient.LibraryDeveloperTeam`.	2022-04-14	not yet calculated	CVE-2022-24849 CONFIRM
discourse — discourse	Discourse is an open source platform for community discussion. A category’s group permissions settings can be viewed by anyone that has access to the category. As a result, a normal user is able to see whether a group has read/write permissions in the category even though the information should only be available to the users that can manage a category. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. There are no workarounds for this problem.	2022-04-14	not yet calculated	CVE-2022-24850 CONFIRM
ldap_account_manager — ldap_account_manager	LDAP Account Manager (LAM) is an open source web frontend for managing entries stored in an LDAP directory. The profile editor tool has an edit profile functionality, the parameters on this page are not properly sanitized and hence leads to stored XSS attacks. An authenticated user can store XSS payloads in the profiles, which gets triggered when any other user try to access the edit profile page. The pdf editor tool has an edit pdf profile functionality, the logoFile parameter in it is not properly sanitized and an user can enter relative paths like ../../../../../../../../../../../../../usr/share/icons/hicolor/48×48/apps/gvim.png via tools like burpsuite. Later when a pdf is exported using the edited profile the pdf icon has the image on that path(if image is present). Both issues require an attacker to be able to login to LAM admin interface. The issue is fixed in version 7.9.1.	2022-04-15	not yet calculated	CVE-2022-24851 MISC MISC CONFIRM
metabase — metabase	Metabase is an open source business intelligence and analytics application. Metabase has a proxy to load arbitrary URLs for JSON maps as part of our GeoJSON support. While we do validation to not return contents of arbitrary URLs, there is a case where a particularly crafted request could result in file access on windows, which allows enabling an `NTLM relay attack`, potentially allowing an attacker to receive the system password hash. If you use Windows and are on this version of Metabase, please upgrade immediately. The following patches (or greater versions) are available: 0.42.4 and 1.42.4, 0.41.7 and 1.41.7, 0.40.8 and 1.40.8.	2022-04-14	not yet calculated	CVE-2022-24853 MISC CONFIRM
metabase — metabase	Metabase is an open source business intelligence and analytics application. SQLite has an FDW-like feature called `ATTACH DATABASE`, which allows connecting multiple SQLite databases via the initial connection. If the attacker has SQL permissions to at least one SQLite database, then it can attach this database to a second database, and then it can query across all the tables. To be able to do that the attacker also needs to know the file path to the second database. Users are advised to upgrade as soon as possible. If you’re unable to upgrade, you can modify your SQLIte connection strings to contain the url argument `?limit_attached=0`, which will disallow making connections to other SQLite databases. Only users making use of SQLite are affected.	2022-04-14	not yet calculated	CVE-2022-24854 CONFIRM MISC
metabase — metabase	Metabase is an open source business intelligence and analytics application. In affected versions Metabase ships with an internal development endpoint `/_internal` that can allow for cross site scripting (XSS) attacks, potentially leading to phishing attempts with malicious links that could lead to account takeover. Users are advised to either upgrade immediately, or block access in your firewall to `/_internal` endpoints for Metabase. The following patches (or greater versions) are available: 0.42.4 and 1.42.4, 0.41.7 and 1.41.7, 0.40.8 and 1.40.8.	2022-04-14	not yet calculated	CVE-2022-24855 CONFIRM MISC
django_mfa — django_mfa	django-mfa3 is a library that implements multi factor authentication for the django web framework. It achieves this by modifying the regular login view. Django however has a second login view for its admin area. This second login view was not modified, so the multi factor authentication can be bypassed. Users are affected if they have activated both django-mfa3 (< 0.5.0) and django.contrib.admin and have not taken any other measures to prevent users from accessing the admin login view. The issue has been fixed in django-mfa3 0.5.0. It is possible to work around the issue by overwriting the admin login route, e.g. by adding the following URL definition before the admin routes: url(‘admin/login/’, lambda request: redirect(settings.LOGIN_URL)	2022-04-15	not yet calculated	CVE-2022-24857 MISC MISC CONFIRM
amazon — amazon_aws	An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the validation of VPN configuration files. This allows parameters outside of the AWS VPN Client allow list to be injected into the configuration file prior to the AWS VPN Client service (running as SYSTEM) processing the file. Dangerous arguments can be injected by a low-level user such as log, which allows an arbitrary destination to be specified for writing log files. This leads to an arbitrary file write as SYSTEM with partial control over the files content. This can be abused to cause an elevation of privilege or denial of service.	2022-04-14	not yet calculated	CVE-2022-25165 MISC MISC
amazon — amazon_aws	An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters (such as auth-user-pass). When this file is imported and the client attempts to validate the file path, it performs an open operation on the path and leaks the user’s Net-NTLMv2 hash to an external server. This could be exploited by having a user open a crafted malicious ovpn configuration file.	2022-04-14	not yet calculated	CVE-2022-25166 MISC MISC
wordpress — eroom_plugroom	Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.7 allows an attacker to Sync with Zoom Meetings.	2022-04-11	not yet calculated	CVE-2022-25614 CONFIRM CONFIRM
wordpress — eroom_plugroom	Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.8 allows cache deletion.	2022-04-11	not yet calculated	CVE-2022-25615 CONFIRM CONFIRM
seimens — simatic	A vulnerability has been identified in SIMATIC CFU DIQ (All versions), SIMATIC CFU PA (All versions), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.0.0), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.10), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions), SIMATIC TDC CP51M1 (All versions), SIMATIC TDC CPU555 (All versions), SIMATIC WinAC RTX (All versions), SIMIT Simulation Platform (All versions). The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments.	2022-04-12	not yet calculated	CVE-2022-25622 CONFIRM
seimens — mendix	A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.27), Mendix Applications using Mendix 8 (All versions < V8.18.14), Mendix Applications using Mendix 9 (All versions < V9.12.0), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.3). When querying the database, it is possible to sort the results using a protected field. With this an authenticated attacker could extract information about the contents of a protected field.	2022-04-12	not yet calculated	CVE-2022-25650 CONFIRM
seimens — scalance	A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the HTTP headers of incoming requests. This could allow an unauthenticated remote attacker to crash affected devices.	2022-04-12	not yet calculated	CVE-2022-25751 CONFIRM
seimens — scalance	A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.	2022-04-12	not yet calculated	CVE-2022-25752 CONFIRM
seimens — scalance	A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The handling of arguments such as IP addresses in the CLI of affected devices is prone to buffer overflows. This could allow an authenticated remote attacker to execute arbitrary code on the device.	2022-04-12	not yet calculated	CVE-2022-25753 CONFIRM
seimens — scalance	A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server of the affected device could allow remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request.	2022-04-12	not yet calculated	CVE-2022-25754 CONFIRM
seimens — scalance	A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of an affected device is missing specific security headers. This could allow an remote attacker to extract confidential session information under certain circumstances.	2022-04-12	not yet calculated	CVE-2022-25755 CONFIRM
seimens — scalance	A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious request on the affected device.	2022-04-12	not yet calculated	CVE-2022-25756 CONFIRM
autodesk — autocad	A maliciously crafted DWF, 3DS and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.	2022-04-11	not yet calculated	CVE-2022-25789 MISC
autodesk — autocad	A maliciously crafted DWF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 can be used to write beyond the allocated boundaries when parsing the DWF files. Exploitation of this vulnerability may lead to code execution.	2022-04-11	not yet calculated	CVE-2022-25790 MISC
autodesk — autocad	A Memory Corruption vulnerability for DWF and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 may lead to code execution through maliciously crafted DLL files.	2022-04-11	not yet calculated	CVE-2022-25791 MISC
autodesk — autocad	A maliciously crafted DXF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 can be used to write beyond the allocated buffer through Buffer overflow vulnerability. This vulnerability can be exploited to execute arbitrary code.	2022-04-11	not yet calculated	CVE-2022-25792 MISC
autodesk — fbx_review	An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5.2 and prior may lead to code execution through maliciously crafted ActionScript Byte Code “ABC” files or information disclosure. ABC files are created by the Flash compiler and contain executable code. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.	2022-04-11	not yet calculated	CVE-2022-25794 MISC
pdftron — pdftron	A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG files. This vulnerability can be exploited to execute arbitrary code	2022-04-13	not yet calculated	CVE-2022-25795 MISC
autodesk — navisworks	A Double Free vulnerability allows remote malicious actors to execute arbitrary code on DWF file in Autodesk Navisworks 2022 within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.	2022-04-11	not yet calculated	CVE-2022-25796 MISC
autodesk — trueview	A Memory Corruption Vulnerability in Autodesk TrueView 2022 and 2021 may lead to remote code execution through maliciously crafted DWG files.	2022-04-13	not yet calculated	CVE-2022-25797 MISC
samsung — s_secure	Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to access secured data in certain conditions.	2022-04-11	not yet calculated	CVE-2022-25831 MISC
samsung — s_secure	Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to use locked Myfiles app without authentication.	2022-04-11	not yet calculated	CVE-2022-25832 MISC
samsung — imsservice	Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission.	2022-04-11	not yet calculated	CVE-2022-25833 MISC
centrum — automation_design	Improper authentication vulnerability in the communication protocol provided by AD (Automation Design) server of CENTUM VP R6.01.10 to R6.09.00, CENTUM VP Small R6.01.10 to R6.09.00, CENTUM VP Basic R6.01.10 to R6.09.00, and B/M9000 VP R8.01.01 to R8.03.01 allows an attacker to use the functions provided by AD server. This may lead to leakage or tampering of data managed by AD server.	2022-04-15	not yet calculated	CVE-2022-26034 MISC MISC
samsung — samsungcontacts	Improper access control vulnerability in SamsungContacts prior to SMR Apr-2022 Release 1 allows that attackers can access contact information without permission.	2022-04-11	not yet calculated	CVE-2022-26090 MISC
samsung — samsungcontacts	Improper access control vulnerability in Knox Manage prior to SMR Apr-2022 Release 1 allows that physical attackers can bypass Knox Manage using a function key of hardware keyboard.	2022-04-11	not yet calculated	CVE-2022-26091 MISC
samsung — quram_agif	Improper boundary check in Quram Agif library prior to SMR Apr-2022 Release 1 allows arbitrary code execution.	2022-04-11	not yet calculated	CVE-2022-26092 MISC
samsung — google_and_samsung	Null pointer dereference vulnerability in parser_irot function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.	2022-04-11	not yet calculated	CVE-2022-26093 MISC
samsung — google_and_samsung	Null pointer dereference vulnerability in parser_auxC function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.	2022-04-11	not yet calculated	CVE-2022-26094 MISC
samsung — google_and_samsung	Null pointer dereference vulnerability in parser_colr function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.	2022-04-11	not yet calculated	CVE-2022-26095 MISC
samsung — google_and_samsung	Null pointer dereference vulnerability in parser_ispe function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.	2022-04-11	not yet calculated	CVE-2022-26096 MISC
samsung — google_and_samsung	Null pointer dereference vulnerability in parser_unknown_property function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.	2022-04-11	not yet calculated	CVE-2022-26097 MISC
samsung — google_and_samsung	Heap-based buffer overflow vulnerability in sheifd_create function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers.	2022-04-11	not yet calculated	CVE-2022-26098 MISC
samsung — google_and_samsung	Null pointer dereference vulnerability in parser_infe function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds read by remote attackers.	2022-04-11	not yet calculated	CVE-2022-26099 MISC
sap — netweaver_enterprise_portal	SAP NetWeaver Enterprise Portal – versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the user inputs while interacting on the Network. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.	2022-04-12	not yet calculated	CVE-2022-26105 MISC MISC
sap — 3d_visual_enterprise_viewer	When a user opens a manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) received from untrusted sources in SAP 3D Visual Enterprise Viewer – version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.	2022-04-12	not yet calculated	CVE-2022-26106 MISC MISC
sap — 3d_visual_enterprise_viewer	When a user opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer – version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.	2022-04-12	not yet calculated	CVE-2022-26107 MISC MISC
sap — 3d_visual_enterprise_viewer	When a user opens a manipulated Picture Exchange (.pcx, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer – version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.	2022-04-12	not yet calculated	CVE-2022-26108 MISC MISC
sap — 3d_visual_enterprise_viewer	When a user opens a manipulated Portable Document Format (.pdf, PDFView.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer – version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.	2022-04-12	not yet calculated	CVE-2022-26109 MISC MISC
mantisbt — plugin	An XSS issue was discovered in MantisBT before 2.25.3. Improper escaping of a Plugin name allows execution of arbitrary code (if CSP allows it) in manage_plugin_page.php and manage_plugin_uninstall.php when a crafted plugin is installed.	2022-04-13	not yet calculated	CVE-2022-26144 MISC
citrix — xenmobile	Citrix XenMobile Server 10.12 through RP11, 10.13 through RP6, and 10.14 through RP4 allows Command Injection.	2022-04-13	not yet calculated	CVE-2022-26151 MISC MISC
seimens — scalance	A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices.	2022-04-12	not yet calculated	CVE-2022-26334 CONFIRM
seimens — scalance	A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices.	2022-04-12	not yet calculated	CVE-2022-26335 CONFIRM
seimens — scalance	A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate if a certain SNMP key exists. An attacker could use this to trigger a reboot of an affected device by requesting specific SNMP information from the device.	2022-04-12	not yet calculated	CVE-2022-26380 CONFIRM
asterisk — asterisk	An issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it is possible to download files that are not certificates. These files could be much larger than what one would expect to download, leading to Resource Exhaustion. This is fixed in 16.25.2, 18.11.2, and 19.3.2.	2022-04-15	not yet calculated	CVE-2022-26498 MISC MISC MISC
asterisk — asterisk	An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it’s possible to send arbitrary requests (such as GET) to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2.	2022-04-15	not yet calculated	CVE-2022-26499 MISC MISC MISC
schneider_electric — ecostruxure	UNSUPPORTED WHEN ASSIGNED A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This is not the same as any of: CVE-2021-21810, CVE-2021-21811, CVE-2021-21812, CVE-2021-21815, CVE-2021-21825, CVE-2021-21826, CVE-2021-21828, CVE-2021-21829, or CVE-2021-21830. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.	2022-04-14	not yet calculated	CVE-2022-26507 MISC MISC
pluck_cms — pluck_cms	A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to delete arbitrary pages.	2022-04-13	not yet calculated	CVE-2022-26589 MISC MISC
liferay — portal	Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.3.5 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allow remote attackers to inject arbitrary web script or HTML via a form field’s help text to (1) Forms module’s form builder, or (2) App Builder module’s object form view’s form builder.	2022-04-15	not yet calculated	CVE-2022-26594 MISC MISC
easyio — cpt_graphics	An issue in EasyIO CPT Graphics v0.8 allows attackers to discover valid users in the application.	2022-04-13	not yet calculated	CVE-2022-26643 MISC MISC MISC
asterisk — asterisk	An issue was discovered in Asterisk through 19.x and Certified Asterisk through 16.8-cert13. The func_odbc module provides possibly inadequate escaping functionality for backslash characters in SQL queries, resulting in user-provided data creating a broken SQL query or possibly a SQL injection. This is fixed in 16.25.2, 18.11.2, and 19.3.2, and 16.8-cert14.	2022-04-15	not yet calculated	CVE-2022-26651 MISC MISC MISC
zoho — manageengine_remote_access_plus	Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view domain details (such as the username and GUID of an administrator).	2022-04-16	not yet calculated	CVE-2022-26653 CONFIRM
zoho — manageengine_remote_access_plus	Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view license details.	2022-04-16	not yet calculated	CVE-2022-26777 CONFIRM
microsoft — windows	Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-24490, CVE-2022-24539, CVE-2022-26785.	2022-04-15	not yet calculated	CVE-2022-26783 N/A
microsoft — windows	Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-24484, CVE-2022-24538.	2022-04-15	not yet calculated	CVE-2022-26784 N/A
microsoft — windows	Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-24490, CVE-2022-24539, CVE-2022-26783.	2022-04-15	not yet calculated	CVE-2022-26785 N/A
microsoft — windows	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.	2022-04-15	not yet calculated	CVE-2022-26786 N/A
microsoft — windows	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.	2022-04-15	not yet calculated	CVE-2022-26787 N/A
microsoft — powershell	PowerShell Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26788 N/A
microsoft — windows	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.	2022-04-15	not yet calculated	CVE-2022-26789 N/A
microsoft — windows	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.	2022-04-15	not yet calculated	CVE-2022-26790 N/A
microsoft — windows	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.	2022-04-15	not yet calculated	CVE-2022-26791 N/A
microsoft — windows	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.	2022-04-15	not yet calculated	CVE-2022-26792 N/A
microsoft — windows	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.	2022-04-15	not yet calculated	CVE-2022-26793 N/A
microsoft — windows	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.	2022-04-15	not yet calculated	CVE-2022-26794 N/A
microsoft — windows	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.	2022-04-15	not yet calculated	CVE-2022-26795 N/A
microsoft — windows	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.	2022-04-15	not yet calculated	CVE-2022-26796 N/A
microsoft — windows	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.	2022-04-15	not yet calculated	CVE-2022-26797 N/A
microsoft — windows	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.	2022-04-15	not yet calculated	CVE-2022-26798 N/A
microsoft — windows	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26802, CVE-2022-26803.	2022-04-15	not yet calculated	CVE-2022-26801 N/A
microsoft — windows	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26803.	2022-04-15	not yet calculated	CVE-2022-26802 N/A
microsoft — windows	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802.	2022-04-15	not yet calculated	CVE-2022-26803 N/A
microsoft — windows	Windows Work Folder Service Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26807 N/A
microsoft — windows	Windows File Explorer Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26808 N/A
microsoft — windows	Remote Procedure Call Runtime Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24492, CVE-2022-24528.	2022-04-15	not yet calculated	CVE-2022-26809 N/A
microsoft — windows	Windows File Server Resource Management Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26827.	2022-04-15	not yet calculated	CVE-2022-26810 N/A
microsoft — windows	Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26812, CVE-2022-26813, CVE-2022-26814, CVE-2022-26815, CVE-2022-26817, CVE-2022-26818, CVE-2022-26819, CVE-2022-26820, CVE-2022-26821, CVE-2022-26822, CVE-2022-26823, CVE-2022-26824, CVE-2022-26825, CVE-2022-26826, CVE-2022-26829.	2022-04-15	not yet calculated	CVE-2022-26811 N/A
microsoft — windows	Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26811, CVE-2022-26813, CVE-2022-26814, CVE-2022-26815, CVE-2022-26817, CVE-2022-26818, CVE-2022-26819, CVE-2022-26820, CVE-2022-26821, CVE-2022-26822, CVE-2022-26823, CVE-2022-26824, CVE-2022-26825, CVE-2022-26826, CVE-2022-26829.	2022-04-15	not yet calculated	CVE-2022-26812 N/A
microsoft — windows	Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26811, CVE-2022-26812, CVE-2022-26814, CVE-2022-26815, CVE-2022-26817, CVE-2022-26818, CVE-2022-26819, CVE-2022-26820, CVE-2022-26821, CVE-2022-26822, CVE-2022-26823, CVE-2022-26824, CVE-2022-26825, CVE-2022-26826, CVE-2022-26829.	2022-04-15	not yet calculated	CVE-2022-26813 N/A
microsoft — windows	Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26811, CVE-2022-26812, CVE-2022-26813, CVE-2022-26815, CVE-2022-26817, CVE-2022-26818, CVE-2022-26819, CVE-2022-26820, CVE-2022-26821, CVE-2022-26822, CVE-2022-26823, CVE-2022-26824, CVE-2022-26825, CVE-2022-26826, CVE-2022-26829.	2022-04-15	not yet calculated	CVE-2022-26814 N/A
microsoft — windows	Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26811, CVE-2022-26812, CVE-2022-26813, CVE-2022-26814, CVE-2022-26817, CVE-2022-26818, CVE-2022-26819, CVE-2022-26820, CVE-2022-26821, CVE-2022-26822, CVE-2022-26823, CVE-2022-26824, CVE-2022-26825, CVE-2022-26826, CVE-2022-26829.	2022-04-15	not yet calculated	CVE-2022-26815 N/A
microsoft — windows	Windows DNS Server Information Disclosure Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26816 N/A
microsoft — windows	Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26811, CVE-2022-26812, CVE-2022-26813, CVE-2022-26814, CVE-2022-26815, CVE-2022-26818, CVE-2022-26819, CVE-2022-26820, CVE-2022-26821, CVE-2022-26822, CVE-2022-26823, CVE-2022-26824, CVE-2022-26825, CVE-2022-26826, CVE-2022-26829.	2022-04-15	not yet calculated	CVE-2022-26817 N/A
microsoft — windows	Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26811, CVE-2022-26812, CVE-2022-26813, CVE-2022-26814, CVE-2022-26815, CVE-2022-26817, CVE-2022-26819, CVE-2022-26820, CVE-2022-26821, CVE-2022-26822, CVE-2022-26823, CVE-2022-26824, CVE-2022-26825, CVE-2022-26826, CVE-2022-26829.	2022-04-15	not yet calculated	CVE-2022-26818 N/A
microsoft — windows	Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26811, CVE-2022-26812, CVE-2022-26813, CVE-2022-26814, CVE-2022-26815, CVE-2022-26817, CVE-2022-26818, CVE-2022-26820, CVE-2022-26821, CVE-2022-26822, CVE-2022-26823, CVE-2022-26824, CVE-2022-26825, CVE-2022-26826, CVE-2022-26829.	2022-04-15	not yet calculated	CVE-2022-26819 N/A
microsoft — windows	Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26811, CVE-2022-26812, CVE-2022-26813, CVE-2022-26814, CVE-2022-26815, CVE-2022-26817, CVE-2022-26818, CVE-2022-26819, CVE-2022-26821, CVE-2022-26822, CVE-2022-26823, CVE-2022-26824, CVE-2022-26825, CVE-2022-26826, CVE-2022-26829.	2022-04-15	not yet calculated	CVE-2022-26820 N/A
microsoft — windows	Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26811, CVE-2022-26812, CVE-2022-26813, CVE-2022-26814, CVE-2022-26815, CVE-2022-26817, CVE-2022-26818, CVE-2022-26819, CVE-2022-26820, CVE-2022-26822, CVE-2022-26823, CVE-2022-26824, CVE-2022-26825, CVE-2022-26826, CVE-2022-26829.	2022-04-15	not yet calculated	CVE-2022-26821 N/A
microsoft — windows	Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26811, CVE-2022-26812, CVE-2022-26813, CVE-2022-26814, CVE-2022-26815, CVE-2022-26817, CVE-2022-26818, CVE-2022-26819, CVE-2022-26820, CVE-2022-26821, CVE-2022-26823, CVE-2022-26824, CVE-2022-26825, CVE-2022-26826, CVE-2022-26829.	2022-04-15	not yet calculated	CVE-2022-26822 N/A
microsoft — windows	Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26811, CVE-2022-26812, CVE-2022-26813, CVE-2022-26814, CVE-2022-26815, CVE-2022-26817, CVE-2022-26818, CVE-2022-26819, CVE-2022-26820, CVE-2022-26821, CVE-2022-26822, CVE-2022-26824, CVE-2022-26825, CVE-2022-26826, CVE-2022-26829.	2022-04-15	not yet calculated	CVE-2022-26823 N/A
microsoft — windows	Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26811, CVE-2022-26812, CVE-2022-26813, CVE-2022-26814, CVE-2022-26815, CVE-2022-26817, CVE-2022-26818, CVE-2022-26819, CVE-2022-26820, CVE-2022-26821, CVE-2022-26822, CVE-2022-26823, CVE-2022-26825, CVE-2022-26826, CVE-2022-26829.	2022-04-15	not yet calculated	CVE-2022-26824 N/A
microsoft — windows	Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26811, CVE-2022-26812, CVE-2022-26813, CVE-2022-26814, CVE-2022-26815, CVE-2022-26817, CVE-2022-26818, CVE-2022-26819, CVE-2022-26820, CVE-2022-26821, CVE-2022-26822, CVE-2022-26823, CVE-2022-26824, CVE-2022-26826, CVE-2022-26829.	2022-04-15	not yet calculated	CVE-2022-26825 N/A
microsoft — windows	Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26811, CVE-2022-26812, CVE-2022-26813, CVE-2022-26814, CVE-2022-26815, CVE-2022-26817, CVE-2022-26818, CVE-2022-26819, CVE-2022-26820, CVE-2022-26821, CVE-2022-26822, CVE-2022-26823, CVE-2022-26824, CVE-2022-26825, CVE-2022-26829.	2022-04-15	not yet calculated	CVE-2022-26826 N/A
microsoft — windows	Windows File Server Resource Management Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26810.	2022-04-15	not yet calculated	CVE-2022-26827 N/A
microsoft — windows	Windows Bluetooth Driver Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26828 N/A
microsoft — windows	Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26811, CVE-2022-26812, CVE-2022-26813, CVE-2022-26814, CVE-2022-26815, CVE-2022-26817, CVE-2022-26818, CVE-2022-26819, CVE-2022-26820, CVE-2022-26821, CVE-2022-26822, CVE-2022-26823, CVE-2022-26824, CVE-2022-26825, CVE-2022-26826.	2022-04-15	not yet calculated	CVE-2022-26829 N/A
microsoft — windows	DiskUsage.exe Remote Code Execution Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26830 N/A
microsoft — windows	Windows LDAP Denial of Service Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26831 N/A
microsoft — windows	.NET Framework Denial of Service Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26832 N/A
microsoft — windows	Azure Site Recovery Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-26897.	2022-04-15	not yet calculated	CVE-2022-26896 N/A
microsoft — windows	Azure Site Recovery Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-26896.	2022-04-15	not yet calculated	CVE-2022-26897 N/A
microsoft — windows	Azure Site Recovery Remote Code Execution Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26898 N/A
microsoft — windows	Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24473.	2022-04-15	not yet calculated	CVE-2022-26901 N/A
microsoft — windows	Windows Graphics Component Remote Code Execution Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26903 N/A
microsoft — windows	Windows User Profile Service Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26904 N/A
microsoft — windows	Azure SDK for .NET Information Disclosure Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26907 N/A
microsoft — skype	Skype for Business and Lync Spoofing Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26910 N/A
microsoft — skype	Skype for Business Information Disclosure Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26911 N/A
microsoft — windows	Win32k Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26914 N/A
microsoft — windows	Windows Secure Channel Denial of Service Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26915 N/A
microsoft — windows	Windows Fax Compose Form Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26917, CVE-2022-26918.	2022-04-15	not yet calculated	CVE-2022-26916 N/A
microsoft — windows	Windows Fax Compose Form Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26916, CVE-2022-26918.	2022-04-15	not yet calculated	CVE-2022-26917 N/A
microsoft — windows	Windows Fax Compose Form Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26916, CVE-2022-26917.	2022-04-15	not yet calculated	CVE-2022-26918 N/A
microsoft — windows	Windows LDAP Remote Code Execution Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26919 N/A
microsoft — windows	Windows Graphics Component Information Disclosure Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26920 N/A
microsoft — windows	Visual Studio Code Elevation of Privilege Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26921 N/A
microsoft — windows	YARP Denial of Service Vulnerability.	2022-04-15	not yet calculated	CVE-2022-26924 N/A
microsoft — windows	nginx njs 0.7.2 is affected suffers from Use-after-free in njs_function_frame_alloc() when it try to invoke from a restored frame saved with njs_function_frame_save().	2022-04-14	not yet calculated	CVE-2022-27007 MISC MISC
microsoft — windows	nginx njs 0.7.2 is vulnerable to Buffer Overflow. Type confused in Array.prototype.concat() when a slow array appended element is fast array.	2022-04-14	not yet calculated	CVE-2022-27008 MISC MISC
microsoft — windows	Yearning versions 2.3.1 and 2.3.2 Interstellar GA and 2.3.4 – 2.3.6 Neptune is vulnerable to Directory Traversal.	2022-04-15	not yet calculated	CVE-2022-27043 MISC
moxa — mgate	A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 or lower. and MGate MB3480 Series Firmware Version 3.2 or lower.	2022-04-15	not yet calculated	CVE-2022-27048 MISC
github — ghost	An arbitrary file upload vulnerability in the file upload module of Ghost v4.39.0 allows attackers to execute arbitrary code via a crafted SVG file.	2022-04-12	not yet calculated	CVE-2022-27139 MISC
github — express_fileupload	An arbitrary file upload vulnerability in the file upload module of Express-Fileupload v1.3.1 allows attackers to execute arbitrary code via a crafted PHP file.	2022-04-12	not yet calculated	CVE-2022-27140 MISC
pearweb — pearweb	pearweb < 1.32 is suffers from a Weak Password Recovery Mechanism via include/users/passwordmanage.php.	2022-04-15	not yet calculated	CVE-2022-27157 MISC
pearweb — pearweb	pearweb < 1.32 suffers from Deserialization of Untrusted Data.	2022-04-15	not yet calculated	CVE-2022-27158 MISC
csz — cms	Csz Cms 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Members_viewUsers	2022-04-12	not yet calculated	CVE-2022-27161 MISC
csz — cms	CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Members_editUser	2022-04-12	not yet calculated	CVE-2022-27162 MISC
csz — cms	CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_editUser	2022-04-12	not yet calculated	CVE-2022-27163 MISC
csz — cms	CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_viewUsers	2022-04-12	not yet calculated	CVE-2022-27164 MISC
csz — cms	CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Plugin_manager_setstatus	2022-04-12	not yet calculated	CVE-2022-27165 MISC
yokogawa — centum	OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may allow an attacker who can access the computer where the affected product is installed to execute an arbitrary OS command by altering a file generated using Graphic Builder.	2022-04-15	not yet calculated	CVE-2022-27188 MISC MISC
seimens — simatic	A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions < V3.1 SP1), SINETPLAN (All versions), TIA Portal (V15, V15.1, V16 and V17). The affected system cannot properly process specially crafted packets sent to port 8888/tcp. A remote attacker could exploit this vulnerability to cause a Denial-of-Service condition. The affected devices must be restarted manually.	2022-04-12	not yet calculated	CVE-2022-27194 CONFIRM
seimens — mendix	A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions), Mendix Applications using Mendix 8 (All versions), Mendix Applications using Mendix 9 (All versions < V9.11). Applications built with an affected system publicly expose the internal project structure. This could allow an unauthenticated remote attacker to read confidential information.	2022-04-12	not yet calculated	CVE-2022-27241 CONFIRM
hubzilla — hubzilla	A PHP Local File inclusion vulnerability in the Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary php files via the schema parameter.	2022-04-13	not yet calculated	CVE-2022-27256 MISC MISC MISC
hubzilla — hubzilla	A PHP Local File Inclusion vulneraility in the default Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary php files via the schema parameter.	2022-04-15	not yet calculated	CVE-2022-27257 MISC MISC
hubzilla — hubzilla	Multiple Cross-Site Scripting (XSS) vulnerabilities in Hubzilla 7.0.3 and earlier allows remote attacker to include arbitrary web script or HTML via the rpath parameter.	2022-04-15	not yet calculated	CVE-2022-27258 MISC MISC
buttercms — buttercms	An arbitrary file upload vulnerability in the file upload component of ButterCMS v1.2.8 allows attackers to execute arbitrary code via a crafted SVG file.	2022-04-12	not yet calculated	CVE-2022-27260 MISC MISC MISC
express — express_fileupload	An arbitrary file write vulnerability in Express-FileUpload v1.3.1 allows attackers to upload multiple files with the same name, causing an overwrite of files in the web application server.	2022-04-12	not yet calculated	CVE-2022-27261 MISC MISC
skipper — skipper	An arbitrary file upload vulnerability in the file upload module of Skipper v0.9.1 allows attackers to execute arbitrary code via a crafted file.	2022-04-12	not yet calculated	CVE-2022-27262 MISC MISC
strapi — strapi	An arbitrary file upload vulnerability in the file upload module of Strapi v4.1.5 allows attackers to execute arbitrary code via a crafted file.	2022-04-12	not yet calculated	CVE-2022-27263 MISC MISC
inhand_networks — inrouter_900_industrial_ 4g_router	InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component get_cgi_from_memory. This vulnerability is triggered via a crafted packet.	2022-04-10	not yet calculated	CVE-2022-27268 MISC MISC
inhand_networks — inrouter_900_industrial_ 4g_router	InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component config_ovpn. This vulnerability is triggered via a crafted packet.	2022-04-10	not yet calculated	CVE-2022-27269 MISC MISC
inhand_networks — inrouter_900_industrial_ 4g_router	InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component ipsec_secrets. This vulnerability is triggered via a crafted packet.	2022-04-10	not yet calculated	CVE-2022-27270 MISC MISC
inhand_networks — inrouter_900_industrial_ 4g_router	InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component python-lib. This vulnerability is triggered via a crafted packet.	2022-04-10	not yet calculated	CVE-2022-27271 MISC MISC
inhand_networks — inrouter_900_industrial_ 4g_router	InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_1791C. This vulnerability is triggered via a crafted packet.	2022-04-10	not yet calculated	CVE-2022-27272 MISC MISC
inhand_networks — inrouter_900_industrial_ 4g_router	InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_12168. This vulnerability is triggered via a crafted packet.	2022-04-10	not yet calculated	CVE-2022-27273 MISC MISC
inhand_networks — inrouter_900_industrial_ 4g_router	InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_12028. This vulnerability is triggered via a crafted packet.	2022-04-10	not yet calculated	CVE-2022-27274 MISC MISC
inhand_networks — inrouter_900_industrial_ 4g_router	InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_122D0. This vulnerability is triggered via a crafted packet.	2022-04-10	not yet calculated	CVE-2022-27275 MISC MISC
inhand_networks — inrouter_900_industrial_ 4g_router	InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_10F2C. This vulnerability is triggered via a crafted packet.	2022-04-10	not yet calculated	CVE-2022-27276 MISC MISC
inhand_networks — inrouter_900_industrial_ 4g_router	InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain an arbitrary file deletion vulnerability via the function sub_17C08.	2022-04-10	not yet calculated	CVE-2022-27277 MISC MISC
inhand_networks — inrouter_900_industrial_ 4g_router	InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain an arbitrary file read via the function sub_177E0.	2022-04-10	not yet calculated	CVE-2022-27279 MISC MISC
inhand_networks — inrouter_900_industrial_ 4g_router	InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the web_exec parameter at /apply.cgi.	2022-04-10	not yet calculated	CVE-2022-27280 MISC
d-link — dir_619_ ax_ v1.00	D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanNonLogin. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter.	2022-04-10	not yet calculated	CVE-2022-27286 MISC MISC
d-link — dir_619_ ax_ v1.00	D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanPPPoE. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter.	2022-04-10	not yet calculated	CVE-2022-27287 MISC MISC
d-link — dir_619_ ax_ v1.00	D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanPPTP. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter.	2022-04-10	not yet calculated	CVE-2022-27288 MISC MISC
d-link — dir_619_ ax_ v1.00	D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanL2TP. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter.	2022-04-10	not yet calculated	CVE-2022-27289 MISC MISC
d-link — dir_619_ ax_ v1.00	D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanDhcpplus. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter.	2022-04-10	not yet calculated	CVE-2022-27290 MISC MISC
d-link — dir_619_ ax_ v1.00	D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formdumpeasysetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the config.save_network_enabled parameter.	2022-04-10	not yet calculated	CVE-2022-27291 MISC MISC
d-link — dir_619_ ax_ v1.00	D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formLanguageChange. This vulnerability allows attackers to cause a Denial of Service (DoS) via the nextPage parameter.	2022-04-10	not yet calculated	CVE-2022-27292 MISC MISC
d-link — dir_619_ ax_ v1.00	D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formWlanSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter.	2022-04-10	not yet calculated	CVE-2022-27293 MISC MISC
d-link — dir_619_ ax_ v1.00	D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formWlanWizardSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter.	2022-04-10	not yet calculated	CVE-2022-27294 MISC MISC
d-link — dir_619_ ax_ v1.00	D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formAdvanceSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter.	2022-04-10	not yet calculated	CVE-2022-27295 MISC MISC
cscms — music_portal_system	Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Dance.php_del.	2022-04-15	not yet calculated	CVE-2022-27365 MISC
cscms — music_portal_system	Cscms Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the component dance_Dance.php_hy.	2022-04-15	not yet calculated	CVE-2022-27366 MISC
cscms — music_portal_system	Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Topic.php_del.	2022-04-15	not yet calculated	CVE-2022-27367 MISC
cscms — music_portal_system	Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Lists.php_zhuan.	2022-04-15	not yet calculated	CVE-2022-27368 MISC
cscms — music_portal_system	Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component news_News.php_hy.	2022-04-15	not yet calculated	CVE-2022-27369 MISC
mariadb — mariadb_server	MariaDB Server v10.6.5 and below was discovered to contain an use-after-free in the component Item_args::walk_arg, which is exploited via specially crafted SQL statements.	2022-04-12	not yet calculated	CVE-2022-27376 MISC
mariadb — mariadb_server	MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Item_func_in::cleanup(), which is exploited via specially crafted SQL statements.	2022-04-12	not yet calculated	CVE-2022-27377 MISC
mariadb — mariadb_server	An issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.	2022-04-12	not yet calculated	CVE-2022-27378 MISC
mariadb — mariadb_server	An issue in the component Arg_comparator::compare_real_fixed of MariaDB Server v10.6.2 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.	2022-04-12	not yet calculated	CVE-2022-27379 MISC
mariadb — mariadb_server	An issue in the component my_decimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.	2022-04-12	not yet calculated	CVE-2022-27380 MISC
mariadb — mariadb_server	An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.	2022-04-12	not yet calculated	CVE-2022-27381 MISC
mariadb — mariadb_server	MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order.	2022-04-12	not yet calculated	CVE-2022-27382 MISC
mariadb — mariadb_server	MariaDB Server v10.6 and below was discovered to contain an use-after-free in the component my_strcasecmp_8bit, which is exploited via specially crafted SQL statements.	2022-04-12	not yet calculated	CVE-2022-27383 MISC
mariadb — mariadb_server	An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.	2022-04-12	not yet calculated	CVE-2022-27384 MISC
mariadb — mariadb_server	An issue in the component Used_tables_and_const_cache::used_tables_and_const_cache_join of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.	2022-04-12	not yet calculated	CVE-2022-27385 MISC
mariadb — mariadb_server	MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc.	2022-04-12	not yet calculated	CVE-2022-27386 MISC
mariadb — mariadb_server	MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements.	2022-04-12	not yet calculated	CVE-2022-27387 MISC
tcpreplay — tcpreplay	Tcpreplay v4.4.1 was discovered to contain a double-free via __interceptor_free.	2022-04-12	not yet calculated	CVE-2022-27416 MISC
tcpreplay — tcpreplay	Tcpreplay v4.4.1 has a heap-based buffer overflow in do_checksum_math at /tcpedit/checksum.c.	2022-04-12	not yet calculated	CVE-2022-27418 MISC
chamilo — chamilo_lms	rtl_433 21.12 was discovered to contain a stack overflow in the function acurite_00275rm_decode at /devices/acurite.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file.	2022-04-12	not yet calculated	CVE-2022-27419 MISC
chamilo — chamilo_lms	Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing attackers to escalate privileges to Platform Admin.	2022-04-15	not yet calculated	CVE-2022-27421 MISC
chamilo — chamilo_lms	A reflected cross-site scripting (XSS) vulnerability in Chamilo LMS v1.11.13 allows attackers to execute arbitrary web scripts or HTML via user interaction with a crafted URL.	2022-04-15	not yet calculated	CVE-2022-27422 MISC
chamilo — chamilo_lms	Chamilo LMS v1.11.13 was discovered to contain a SQL injection vulnerability via the blog_id parameter at /blog/blog.php.	2022-04-15	not yet calculated	CVE-2022-27423 MISC
chamilo — chamilo_lms	Chamilo LMS v1.11.13 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /blog/blog.php.	2022-04-15	not yet calculated	CVE-2022-27425 MISC
chamilo — chamilo_lms	A Server-Side Request Forgery (SSRF) in Chamilo LMS v1.11.13 allows attackers to enumerate the internal network and execute arbitrary system commands via a crafted Phar file.	2022-04-15	not yet calculated	CVE-2022-27426 MISC
chamilo — chamilo_lms	A zero-code remote code injection vulnerability via configuration.php in Chamilo LMS v1.11.13 allows attackers to upload arbitrary code in the form of a new plugin.	2022-04-15	not yet calculated	CVE-2022-27427 MISC
mariadb — mariadb_server	MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_subselect.cc.	2022-04-14	not yet calculated	CVE-2022-27444 MISC
mariadb — mariadb_server	MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/sql_window.cc.	2022-04-14	not yet calculated	CVE-2022-27445 MISC
mariadb — mariadb_server	MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.h.	2022-04-14	not yet calculated	CVE-2022-27446 MISC
mariadb — mariadb_server	MariaDB Server v10.9 and below was discovered to contain a use-after-free via the component Binary_string::free_buffer() at /sql/sql_string.h.	2022-04-14	not yet calculated	CVE-2022-27447 MISC
mariadb — mariadb_server	There is an Assertion failure in MariaDB Server v10.9 and below via ‘node->pcur->rel_pos == BTR_PCUR_ON’ at /row/row0mysql.cc.	2022-04-14	not yet calculated	CVE-2022-27448 MISC
mariadb — mariadb_server	MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_func.cc:148.	2022-04-14	not yet calculated	CVE-2022-27449 MISC
mariadb — mariadb_server	MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/field_conv.cc.	2022-04-14	not yet calculated	CVE-2022-27451 MISC
mariadb — mariadb_server	MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.cc.	2022-04-14	not yet calculated	CVE-2022-27452 MISC
mariadb — mariadb_server	MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c.	2022-04-14	not yet calculated	CVE-2022-27455 MISC
mariadb — mariadb_server	MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component VDec::VDec at /sql/sql_type.cc.	2022-04-14	not yet calculated	CVE-2022-27456 MISC
mariadb — mariadb_server	MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_mb_wc_latin1 at /strings/ctype-latin1.c.	2022-04-14	not yet calculated	CVE-2022-27457 MISC
mariadb — mariadb_server	MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Binary_string::free_buffer() at /sql/sql_string.h.	2022-04-14	not yet calculated	CVE-2022-27458 MISC
roothub — roothub	SQL injection vulnerability in Topics Counting feature of Roothub 2.6.0 allows unauthorized attackers to execute arbitrary SQL commands via the “s” parameter remotely.	2022-04-12	not yet calculated	CVE-2022-27472 MISC MISC
roothub — roothub	SQL injection vulnerability in Topics Searching feature of Roothub 2.6.0 allows unauthorized attackers to execute arbitrary SQL commands via the “s” parameter remotely.	2022-04-12	not yet calculated	CVE-2022-27473 MISC MISC
github — mount4m	SuiteCRM v7.11.23 was discovered to allow remote code execution via a crafted payload injected into the FirstName text field.	2022-04-15	not yet calculated	CVE-2022-27474 MISC MISC
tramyardg — hotel_mgmt_system	Cross site scripting (XSS) vulnerability in tramyardg hotel-mgmt-system, allows attackers to execute arbitrary code when when /admin.php is loaded.	2022-04-13	not yet calculated	CVE-2022-27475 MISC MISC
newbee_ltd — newbee_mall	A cross-site scripting (XSS) vulnerability at /admin/goods/update in Newbee-Mall v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the goodsName parameter.	2022-04-10	not yet calculated	CVE-2022-27476 MISC
apache — apache_superset	Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue.	2022-04-13	not yet calculated	CVE-2022-27479 CONFIRM CONFIRM MLIST
seimens — sicam	A vulnerability has been identified in SICAM A8000 CP-8031 (All versions < V4.80), SICAM A8000 CP-8050 (All versions < V4.80). Affected devices do not require an user to be authenticated to access certain files. This could allow unauthenticated attackers to download these files.	2022-04-12	not yet calculated	CVE-2022-27480 CONFIRM FULLDISC MISC
seimens — scalance	A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA M12 (All versions < V3.0.0). Affected devices do not properly handle resources of ARP requests. This could allow an attacker to cause a race condition that leads to a crash of the entire device.	2022-04-12	not yet calculated	CVE-2022-27481 CONFIRM
citrix — storefront	Cross-site Scripting (XSS) vulnerability in Citrix StoreFront affects version 1912 before CU5 and version 3.12 before CU9	2022-04-13	not yet calculated	CVE-2022-27503 MISC
citrix — sd_wan	Reflected cross site scripting (XSS)	2022-04-13	not yet calculated	CVE-2022-27505 MISC
citrix — sd_wan_cli	Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI	2022-04-13	not yet calculated	CVE-2022-27506 MISC
autodesk — trueview	A buffer over-read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.	2022-04-13	not yet calculated	CVE-2022-27523 MISC
autodesk — trueview	An out-of-bounds read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.	2022-04-13	not yet calculated	CVE-2022-27524 MISC
autodesk — navisworks	A maliciously crafted DWFX and SKP files in Autodesk Navisworks 2022 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.	2022-04-11	not yet calculated	CVE-2022-27528 MISC
samsung — google_and_samsung	Null pointer dereference vulnerability in parser_hvcC function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attackers.	2022-04-11	not yet calculated	CVE-2022-27567 MISC
samsung — google_and_samsung	Heap-based buffer overflow vulnerability in parser_iloc function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.	2022-04-11	not yet calculated	CVE-2022-27568 MISC
samsung — google_and_samsung	Heap-based buffer overflow vulnerability in parser_infe function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.	2022-04-11	not yet calculated	CVE-2022-27569 MISC
samsung — google_and_samsung	Heap-based buffer overflow vulnerability in parser_single_iref function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.	2022-04-11	not yet calculated	CVE-2022-27570 MISC
samsung — google_and_samsung	Heap-based buffer overflow vulnerability in sheifd_get_info_image function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.	2022-04-11	not yet calculated	CVE-2022-27571 MISC
samsung — google_and_samsung	Heap-based buffer overflow vulnerability in parser_ipma function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers.	2022-04-11	not yet calculated	CVE-2022-27572 MISC
samsung — mobile	Improper input validation vulnerability in parser_infe and sheifd_find_itemIndexin fuctions of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by privileged attackers.	2022-04-11	not yet calculated	CVE-2022-27573 MISC
samsung — mobile	Improper input validation vulnerability in parser_iloc and sheifd_find_itemIndexin fuctions of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by privileged attacker.	2022-04-11	not yet calculated	CVE-2022-27574 MISC
samsung — one_ui_home	Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission.	2022-04-11	not yet calculated	CVE-2022-27575 MISC
samsung — dex_home	Information exposure vulnerability in Samsung DeX Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission	2022-04-11	not yet calculated	CVE-2022-27576 MISC
sick_ag — msc800	The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. When the TCP sequence is predictable, an attacker can send packets that are forged to appear to come from a trusted computer. These forged packets could compromise services on the MSC800. SICK has released a new firmware version of the SICK MSC800 and recommends updating to the newest version.	2022-04-11	not yet calculated	CVE-2022-27577 MISC
sick_ag — oee	An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content.	2022-04-11	not yet calculated	CVE-2022-27578 MISC
sap — 3d_visual	When a user opens a manipulated Photoshop Document (.psd, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer – version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.	2022-04-12	not yet calculated	CVE-2022-27654 MISC MISC
sap — universal_3d	When a user opens a manipulated Universal 3D (.u3d, 3difr.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer – version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.	2022-04-12	not yet calculated	CVE-2022-27655 MISC MISC
sap — focused_run	A highly privileged remote attacker, can gain unauthorized access to display contents of restricted directories by exploiting insufficient validation of path information in SAP Focused Run (Simple Diagnostics Agent 1.0) – version 1.0.	2022-04-12	not yet calculated	CVE-2022-27657 MISC MISC
sap — businessobjects_business_intelligence	Under certain conditions, SAP BusinessObjects Business Intelligence platform, Client Management Console (CMC) – version 430, allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure.	2022-04-12	not yet calculated	CVE-2022-27667 MISC MISC
sap — xml_data_archiving_service	An unauthenticated user can use functions of XML Data Archiving Service of SAP NetWeaver Application Server for Java – version 7.50, to which access should be restricted. This may result in an escalation of privileges.	2022-04-12	not yet calculated	CVE-2022-27669 MISC MISC
sap — sql	SAP SQL Anywhere – version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use indirect identifiers.	2022-04-12	not yet calculated	CVE-2022-27670 MISC MISC
sap — csrf	A CSRF token visible in the URL may possibly lead to information disclosure vulnerability.	2022-04-12	not yet calculated	CVE-2022-27671 MISC MISC
swhkd — swhkd	SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option.	2022-04-14	not yet calculated	CVE-2022-27814 MISC MISC
swhkd — swhkd	SWHKD 1.1.5 consumes the keyboard events of unintended users. This could potentially cause an information leak, but is usually a denial of functionality.	2022-04-14	not yet calculated	CVE-2022-27817 MISC MISC
samsung — mobile	Improper boundary check in Quram Agif library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via crafted image file.	2022-04-11	not yet calculated	CVE-2022-27821 MISC
samsung — mobile	Information exposure vulnerability in ril property setting prior to SMR April-2022 Release 1 allows access to EF_RUIMID value without permission.	2022-04-11	not yet calculated	CVE-2022-27822 MISC
samsung — libsapeextractor	Improper size check in sapefd_parse_meta_HEADER_old function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file.	2022-04-11	not yet calculated	CVE-2022-27823 MISC
samsung — libsapeextractor	Improper size check of in sapefd_parse_meta_DESCRIPTION function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file	2022-04-11	not yet calculated	CVE-2022-27824 MISC
samsung — libsapeextractor	Improper size check in sapefd_parse_meta_HEADER function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file.	2022-04-11	not yet calculated	CVE-2022-27825 MISC
samsung — semsuspenddialoginfo	Improper validation vulnerability in SemSuspendDialogInfo prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.	2022-04-11	not yet calculated	CVE-2022-27826 MISC
samsung — mediamonitordimension	Improper validation vulnerability in MediaMonitorDimension prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.	2022-04-11	not yet calculated	CVE-2022-27827 MISC
samsung — mediamonitorevent	Improper validation vulnerability in MediaMonitorEvent prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.	2022-04-11	not yet calculated	CVE-2022-27828 MISC
samsung — verifycredentialresponse	Improper validation vulnerability in VerifyCredentialResponse prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.	2022-04-11	not yet calculated	CVE-2022-27829 MISC
samsung — semblurinfo	Improper validation vulnerability in SemBlurInfo prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.	2022-04-11	not yet calculated	CVE-2022-27830 MISC
samsung — libsapeextractor	Improper boundary check in sflvd_rdbuf_bits of libsflvextractor prior to SMR Apr-2022 Release 1 allows attackers to read out of bounds memory.	2022-04-11	not yet calculated	CVE-2022-27831 MISC
samsung — media_extractor	Improper boundary check in media.extractor library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via a crafted media file.	2022-04-11	not yet calculated	CVE-2022-27832 MISC
samsung — dsp_driver	Improper input validation in DSP driver prior to SMR Apr-2022 Release 1 allows out-of-bounds write by integer overflow.	2022-04-11	not yet calculated	CVE-2022-27833 MISC
samsung — dsp_contect_unload_graph	Use after free vulnerability in dsp_context_unload_graph function of DSP driver prior to SMR Apr-2022 Release 1 allows attackers to perform malicious actions.	2022-04-11	not yet calculated	CVE-2022-27834 MISC
samsung — uwb	Improper boundary check in UWB firmware prior to SMR Apr-2022 Release 1 allows arbitrary memory write.	2022-04-11	not yet calculated	CVE-2022-27835 MISC
samsung — storagemanager	Improper access control and path traversal vulnerability in StroageManager and StroageManagerService prior to SMR Apr-2022 Release 1 allow local attackers to access arbitrary system files without a proper permission.	2022-04-11	not yet calculated	CVE-2022-27836 MISC
samsung — pendingintent	A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0) allows attacker to access the file with system privilege.	2022-04-11	not yet calculated	CVE-2022-27837 MISC
samsung — factorycamera	Improper access control vulnerability in FactoryCamera prior to version 2.1.96 allows attacker to access the file with system privilege.	2022-04-11	not yet calculated	CVE-2022-27838 MISC
samsung — secret_mode	Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1 allows attackers to access bookmark tab without proper credentials.	2022-04-11	not yet calculated	CVE-2022-27839 MISC
samsung — samsung_recovery	Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local attckers to delete arbitrary files as SamsungRecovery permission.	2022-04-11	not yet calculated	CVE-2022-27840 MISC
samsung — samsung_pass	Improper exception handling in Samsung Pass prior to version 3.7.07.5 allows physical attacker to view the screen that is previously running without authentication	2022-04-11	not yet calculated	CVE-2022-27841 MISC
samsung — smart_switch	DLL hijacking vulnerability in Smart Switch PC prior to version 4.2.22022_4 allows attacker to execute abitrary code.	2022-04-11	not yet calculated	CVE-2022-27842 MISC
samsung — kies	DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute abitrary code.	2022-04-11	not yet calculated	CVE-2022-27843 MISC
wordpress — wpvivid	Arbitrary File Read vulnerability in WPvivid Team Migration, Backup, Staging – WPvivid (WordPress plugin) versions <= 0.9.70	2022-04-11	not yet calculated	CVE-2022-27844 CONFIRM CONFIRM
wordpress — plausiblehq_plausible_analytics	Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) in PlausibleHQ Plausible Analytics (WordPress plugin) <= 1.2.2	2022-04-11	not yet calculated	CVE-2022-27845 CONFIRM CONFIRM
wordpress — yooslider_yoo_slider	Cross-Site Request Forgery (CSRF) vulnerability in Yooslider Yoo Slider <= 2.0.0 on WordPress allows attackers to create or modify slider.	2022-04-13	not yet calculated	CVE-2022-27846 CONFIRM CONFIRM
wordpress — yooslider_yoo_slider	Cross-Site Request Forgery (CSRF) vulnerability in Yooslider Yoo Slider <= 2.0.0 on WordPress allows attackers to import templates.	2022-04-13	not yet calculated	CVE-2022-27847 CONFIRM CONFIRM
wordpress — modern_events_calendar_lite	Authenticated (admin+ user) Stored Cross-Site Scripting (XSS) in Modern Events Calendar Lite (WordPress plugin) <= 6.5.1	2022-04-14	not yet calculated	CVE-2022-27848 CONFIRM CONFIRM
wordpress — simple_ajax_chat	Sensitive Information Disclosure (sac-export.csv) in Simple Ajax Chat (WordPress plugin) <= 20220115	2022-04-15	not yet calculated	CVE-2022-27849 CONFIRM CONFIRM
wordpress — simple_ajax_chat	Cross-Site Request Forgery (CSRF) in Simple Ajax Chat (WordPress plugin) <= 20220115 allows an attacker to clear the chat log or delete a chat message.	2022-04-15	not yet calculated	CVE-2022-27850 CONFIRM CONFIRM
wordpress — use_any_font	Cross-Site Request Forgery (CSRF) in Use Any Font (WordPress plugin) <= 6.1.7 allows an attacker to deactivate the API key.	2022-04-15	not yet calculated	CVE-2022-27851 CONFIRM CONFIRM
wordpress — kb_support	Multiple Unauthenticated Stored Cross-Site Scripting (XSS) vulnerabilities in KB Support (WordPress plugin) <= 1.5.5	2022-04-15	not yet calculated	CVE-2022-27852 CONFIRM CONFIRM
wordpress — payloadcms	An arbitrary file upload vulnerability in the file upload module of PayloadCMS v0.15.0 allows attackers to execute arbitrary code via a crafted SVG file.	2022-04-12	not yet calculated	CVE-2022-27952 MISC MISC
github — AtomCMS 2.0	AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_pages.php	2022-04-12	not yet calculated	CVE-2022-28032 MISC
github — AtomCMS 2.0	Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_uploads.php	2022-04-12	not yet calculated	CVE-2022-28033 MISC
github — AtomCMS 2.0	AtomCMS 2.0 is vulnerabie to SQL Injection via Atom.CMS_admin_ajax_list-sort.php	2022-04-12	not yet calculated	CVE-2022-28034 MISC
github — AtomCMS 2.0	Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_blur-save.php	2022-04-12	not yet calculated	CVE-2022-28035 MISC
github — AtomCMS 2.0	AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_navigation.php	2022-04-12	not yet calculated	CVE-2022-28036 MISC
github — stb	stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.	2022-04-15	not yet calculated	CVE-2022-28041 MISC MISC
githib — stb	stb_image.h v2.27 was discovered to contain an heap-based use-after-free via the function stbi__jpeg_huff_decode.	2022-04-15	not yet calculated	CVE-2022-28042 MISC MISC
github — stb	Irzip v0.640 was discovered to contain a heap memory corruption via the component lrzip.c:initialise_control.	2022-04-15	not yet calculated	CVE-2022-28044 MISC MISC
github — stb	STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac.	2022-04-15	not yet calculated	CVE-2022-28048 MISC MISC
njs — nginx	NGINX NJS 0.7.2 was discovered to contain a NULL pointer dereference via the component njs_vmcode_array at /src/njs_vmcode.c.	2022-04-15	not yet calculated	CVE-2022-28049 MISC MISC
roothub — roothub	Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution.	2022-04-13	not yet calculated	CVE-2022-28052 MISC MISC
selenium — selenium_grid	Selenium Selenium Grid (formerly Selenium Standalone Server) Fixed in 4.0.0-alpha-7 is affected by: DNS rebinding. The impact is: execute arbitrary code (remote). The component is: WebDriver endpoint of Selenium Grid / Selenium Standalone Server. The attack vector is: Triggered by browsing to to a malicious remote web server. The WebDriver endpoint of Selenium Server (Grid) is vulnerable to DNS rebinding. This can be used to execute arbitrary code on the machine.	2022-04-15	not yet calculated	CVE-2022-28109 MISC MISC MLIST
fantec_gmbh — mwids_ds_firmware	An issue in upload.csp of FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows attackers to write files and reset the user passwords without having a valid session cookie.	2022-04-15	not yet calculated	CVE-2022-28113 MISC MISC MISC MISC
sap — businessobject_business_intelligence_platform	When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform – version 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server and in successful exploits of DoS.	2022-04-12	not yet calculated	CVE-2022-28213 MISC MISC
sap — netweaver_abap_server_andabap_platform	SAP NetWeaver ABAP Server and ABAP Platform – versions 740, 750, 787, allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information.	2022-04-12	not yet calculated	CVE-2022-28215 MISC MISC
sap — businessobject_business_intelligence_platform	SAP BusinessObjects Business Intelligence Platform (BI Workspace) – version 420, is susceptible to a Cross-Site Scripting attack by an unauthenticated attacker due to improper sanitization of the user inputs on the network. On successful exploitation, an attacker can access certain reports causing a limited impact on confidentiality of the application data.	2022-04-12	not yet calculated	CVE-2022-28216 MISC MISC
seimens — scalance	A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA M12 (All versions < V3.0.0). Affected devices do not properly handle malformed Multicast LLC frames. This could allow an attacker to trigger a denial of service condition.	2022-04-12	not yet calculated	CVE-2022-28328 CONFIRM
seimens — scalance	A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA M12 (All versions < V3.0.0). Affected devices do not properly handle malformed TCP packets received over the RemoteCapture feature. This could allow an attacker to lead to a denial of service condition which only affects the port used by the RemoteCapture feature.	2022-04-12	not yet calculated	CVE-2022-28329 CONFIRM
signal_app — ios	The Signal app before 5.34 for iOS allows URI spoofing via RTLO injection. It incorrectly renders RTLO encoded URLs beginning with a non-breaking space, when there is a hash character in the URL. This technique allows a remote unauthenticated attacker to send legitimate looking links, appearing to be any website URL, by abusing the non-http/non-https automatic rendering of URLs. An attacker can spoof, for example, example.com, and masquerade any URL with a malicious destination. An attacker requires a subdomain such as gepj, txt, fdp, or xcod, which would appear backwards as jpeg, txt, pdf, and docx respectively.	2022-04-15	not yet calculated	CVE-2022-28345 MISC MISC MISC
django — django	An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.	2022-04-12	not yet calculated	CVE-2022-28346 MISC MISC MISC MISC MLIST
django — django	A SQL injection issue was discovered in QuerySet.explain() in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. This occurs by passing a crafted dictionary (with dictionary expansion) as the **options argument, and placing the injection payload in an option name.	2022-04-12	not yet calculated	CVE-2022-28347 MISC MISC MISC MISC
apostrophe — apostrophe_cms	Apostrophe v3.16.1 was discovered to contain a remote code execution (RCE) vulnerability via the component uploadfs.	2022-04-12	not yet calculated	CVE-2022-28396 MISC
ghost — cms	An arbitrary file upload vulnerability in the file upload module of Ghost CMS v4.42.0 allows attackers to execute arbitrary code via a crafted file.	2022-04-12	not yet calculated	CVE-2022-28397 MISC MISC MISC MISC MISC
samsung — samsung_update	Uncontrolled search path element vulnerability in Samsung Update prior to version 3.0.77.0 allows attackers to execute arbitrary code as Samsung Update permission.	2022-04-11	not yet calculated	CVE-2022-28541 MISC
samsung — galaxy_store	Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local attackers to access privileged content providers as Galaxy Store permission.	2022-04-11	not yet calculated	CVE-2022-28542 MISC
samsung — flow	Path traversal vulnerability in Samsung Flow prior to version 4.8.07.4 allows local attackers to read arbitrary files as Samsung Flow permission.	2022-04-11	not yet calculated	CVE-2022-28543 MISC
samsung — galaxy	Path traversal vulnerability in unzip method of InstallAgentCommonHelper in Galaxy store prior to version 4.5.40.5 allows attacker to access the file of Galaxy store.	2022-04-11	not yet calculated	CVE-2022-28544 MISC
siemens — simcenter_femap	A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.2). The affected application contains an out of bounds read past the end of an allocated buffer while parsing specially crafted .NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15114)	2022-04-12	not yet calculated	CVE-2022-28661 CONFIRM
siemens — simcenter_femap	A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted .NEU files. This could allow an attacker to leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-15307)	2022-04-12	not yet calculated	CVE-2022-28662 CONFIRM
siemens — simcenter_femap	A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.2). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted .NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15592)	2022-04-12	not yet calculated	CVE-2022-28663 CONFIRM
talosintelligence — ardupilot_apweb_master_branch	A memory corruption vulnerability exists in the cgi.c unescape functionality of ArduPilot APWeb master branch 50b6b7ac – master branch 46177cb9. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.	2022-04-14	not yet calculated	CVE-2022-28711 MISC
sap — sapui5_library	Due to insufficient input validation, SAPUI5 library(vbm) – versions 750, 753, 754, 755, 75, allows an unauthenticated attacker to inject a script into the URL and execute code. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.	2022-04-12	not yet calculated	CVE-2022-28770 MISC MISC
sap — web_dispatcher	By overlong input values an attacker may force overwrite of the internal program stack in SAP Web Dispatcher – versions 7.53, 7.77, 7.81, 7.85, 7.86, or Internet Communication Manager – versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, which makes these programs unavailable, leading to denial of service.	2022-04-12	not yet calculated	CVE-2022-28772 MISC MISC
sap — web_dispatcher	Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically.	2022-04-12	not yet calculated	CVE-2022-28773 MISC MISC
samsung — flow	Improper access control vulnerability in Samsung Flow prior to version 4.8.06.5 allows attacker to write the file without Samsung Flow permission.	2022-04-11	not yet calculated	CVE-2022-28775 MISC
samsung — galaxy	Improper access control vulnerability in Galaxy Store prior to version 4.5.36.4 allows attacker to install applications from Galaxy Store without user interactions.	2022-04-11	not yet calculated	CVE-2022-28776 MISC
samsung — members	Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local attacker to execute call function without CALL_PHONE permission.	2022-04-11	not yet calculated	CVE-2022-28777 MISC
samsung — security_supporter	Improper access control vulnerability in Samsung Security Supporter prior to version 1.2.40.0 allows attacker to set the arbitrary folder as Secret Folder without Samsung Security Supporter permission	2022-04-11	not yet calculated	CVE-2022-28778 MISC
samsung — android_usb_driver	Uncontrolled search path element vulnerability in Samsung Android USB Driver windows installer program prior to version 1.7.50 allows attacker to execute arbitrary code.	2022-04-11	not yet calculated	CVE-2022-28779 MISC
avira — password_manager_browser_extensions	A vulnerability within the Avira Password Manager Browser Extensions provided a potential loophole where, if a user visited a page crafted by an attacker, the discovered vulnerability could trigger the Password Manager Extension to fill in the password field automatically. An attacker could then access this information via JavaScript. The issue was fixed with the browser extensions version 2.18.5 for Chrome, MS Edge, Opera, Firefox, and Safari.	2022-04-12	not yet calculated	CVE-2022-28795 MISC
f-secure — safe_browser	An Address bar spoofing vulnerability was discovered in Safe Browser for Android. When user clicks on a specially crafted malicious webpage/URL, user may be tricked for a short period of time (until the page loads) to think content may be coming from a valid domain, while the content comes from the attacker controlled site.	2022-04-15	not yet calculated	CVE-2022-28868 MISC MISC
f-secure — safe_browser	A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the browser did not show full URL, such as port number.	2022-04-15	not yet calculated	CVE-2022-28869 MISC MISC
f-secure — safe_browser	A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails.	2022-04-15	not yet calculated	CVE-2022-28870 MISC MISC
wasm3 — wasm3	Wasm3 0.5.0 has a heap-based buffer overflow in NewCodePage in m3_code.c (called indirectly from Compile_BranchTable in m3_compile.c).	2022-04-16	not yet calculated	CVE-2022-28966 MISC
forestblog — forestblog	ForestBlog through 2022-02-16 allows admin/profile/save userAvatar XSS during addition of a user avatar.	2022-04-16	not yet calculated	CVE-2022-29020 MISC
jenkins — credentials_plugin	Jenkins Credentials Plugin 1111.v35a_307992395 and earlier, except 1087.1089.v2f1b_9a_b_040e4, 1074.1076.v39c30cecb_0e2, and 2.6.1.1, does not escape the name and description of Credentials parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.	2022-04-12	not yet calculated	CVE-2022-29036 CONFIRM
jenkins — cvs_plugin	Jenkins CVS Plugin 2.19 and earlier does not escape the name and description of CVS Symbolic Name parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.	2022-04-12	not yet calculated	CVE-2022-29037 CONFIRM
jenkins — extended_choice_parameter_plugin	Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier does not escape the name and description of Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.	2022-04-12	not yet calculated	CVE-2022-29038 CONFIRM
jenkins — gerrit_trigger_plugin	Jenkins Gerrit Trigger Plugin 2.35.2 and earlier does not escape the name and description of Base64 Encoded String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.	2022-04-12	not yet calculated	CVE-2022-29039 CONFIRM
jenkins — git_parameter	Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.	2022-04-12	not yet calculated	CVE-2022-29040 CONFIRM
jenkins — jira_plugin	Jenkins Jira Plugin 3.7 and earlier, except 3.6.1, does not escape the name and description of Jira Issue and Jira Release Version parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.	2022-04-12	not yet calculated	CVE-2022-29041 CONFIRM
jenkins — job_generator_plugin	Jenkins Job Generator Plugin 1.22 and earlier does not escape the name and description of Generator Parameter and Generator Choice parameters on Job Generator jobs’ Build With Parameters views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.	2022-04-12	not yet calculated	CVE-2022-29042 CONFIRM
jenkins — mask_passwords_plugin	Jenkins Mask Passwords Plugin 3.0 and earlier does not escape the name and description of Non-Stored Password parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.	2022-04-12	not yet calculated	CVE-2022-29043 CONFIRM
jenkins — node_and_label_parameter_plugin	Jenkins Node and Label parameter Plugin 1.10.3 and earlier does not escape the name and description of Node and Label parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.	2022-04-12	not yet calculated	CVE-2022-29044 CONFIRM
jenkins — jenkins	Jenkins promoted builds Plugin 873.v6149db_d64130 and earlier, except 3.10.1, does not escape the name and description of Promoted Build parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.	2022-04-12	not yet calculated	CVE-2022-29045 CONFIRM
jenkins — subversion_plugin	Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion tags (and more) parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.	2022-04-12	not yet calculated	CVE-2022-29046 CONFIRM
jenkins — pipeline	Jenkins Pipeline: Shared Groovy Libraries Plugin 564.ve62a_4eb_b_e039 and earlier, except 2.21.3, allows attackers able to submit pull requests (or equivalent), but not able to commit directly to the configured SCM, to effectively change the Pipeline behavior by changing the definition of a dynamically retrieved library in their pull request, even if the Pipeline is configured to not trust them.	2022-04-12	not yet calculated	CVE-2022-29047 CONFIRM
jenkins — subversion_plugin	A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier allows attackers to connect to an attacker-specified URL.	2022-04-12	not yet calculated	CVE-2022-29048 CONFIRM
jenkins — jenkins	Jenkins promoted builds Plugin 873.v6149db_d64130 and earlier, except 3.10.1, does not validate the names of promotions defined in Job DSL, allowing attackers with Job/Configure permission to create a promotion with an unsafe name.	2022-04-12	not yet calculated	CVE-2022-29049 CONFIRM
jenkins — publish_over_ftp_plugin	A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over FTP Plugin 1.16 and earlier allows attackers to connect to an FTP server using attacker-specified credentials.	2022-04-12	not yet calculated	CVE-2022-29050 CONFIRM
jenkins — publish_over_ftp_plugin	Missing permission checks in Jenkins Publish Over FTP Plugin 1.16 and earlier allow attackers with Overall/Read permission to connect to an FTP server using attacker-specified credentials.	2022-04-12	not yet calculated	CVE-2022-29051 CONFIRM
jenkins — google_compute_engine_plugin	Jenkins Google Compute Engine Plugin 4.3.8 and earlier stores private keys unencrypted in cloud agent config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.	2022-04-12	not yet calculated	CVE-2022-29052 CONFIRM
microsoft — windows	7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area. This is caused by misconfiguration of 7z.dll and a heap overflow. The command runs in a child process under the 7zFM.exe process,	2022-04-15	not yet calculated	CVE-2022-29072 MISC MISC MISC
npm — npm	The npm-dependency-versions package through 0.3.0 for Node.js allows command injection if an attacker is able to call dependencyVersions with a JSON object in which pkgs is a key, and there are shell metacharacters in a value.	2022-04-12	not yet calculated	CVE-2022-29080 MISC MISC
linux — linux_kernel	drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release.	2022-04-13	not yet calculated	CVE-2022-29156 MISC MISC
bitrix — bitrix	Bitrix through 7.5.0 allows remote attackers to execute arbitrary code by using the restore.php Upload From Local Disk feature.	2022-04-15	not yet calculated	CVE-2022-29268 MISC
notable — notable_insiders	Notable before 1.9.0-beta.8 doesn’t effectively prevent the opening of executable files when clicking on a link. There is improper validation of the file URI scheme. A hyperlink to an SMB share could lead to execution of an arbitrary program (or theft of NTLM credentials via an SMB relay attack, because the application resolves UNC paths).	2022-04-15	not yet calculated	CVE-2022-29281 MISC MISC
kentico — kentico_cms	Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. It allows an attacker with user management rights (default is Administrator) to export the user options of any user, even ones with higher privileges (like Global Administrators) than the current user. The exported XML contains every option of the exported user (even the hashed password).	2022-04-16	not yet calculated	CVE-2022-29287 MISC MISC

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

CISA recently updated an anonymous product survey;they’d welcome your feedback.

Tags: threatintel, US-CERT

US-CERT Bulletin (SB22-108)yokogawa — centum:Vulnerability Summary for the Week of April 11, 2022

High Vulnerabilities

Medium Vulnerabilities

Low Vulnerabilities

Severity Not Yet Assigned

yokogawa — centum

CISA: Cisco Releases Security Advisories for Cisco Integrated Management Controller

Cryptographic Vulnerability in PuTTY

Black Basta Ransomware Victim: fluenthome[.]com

Black Basta Ransomware Victim: macphie[.]com

Black Basta Ransomware Victim: columbiapipe[.]com

High Vulnerabilities

Medium Vulnerabilities

Low Vulnerabilities

Severity Not Yet Assigned

yokogawa — centum

You may have missed

CISA: Cisco Releases Security Advisories for Cisco Integrated Management Controller

Cryptographic Vulnerability in PuTTY

Black Basta Ransomware Victim: fluenthome[.]com

Black Basta Ransomware Victim: macphie[.]com

Black Basta Ransomware Victim: columbiapipe[.]com