US-CERT Bulletin (SB22-199):Vulnerability Summary for the Week of July 11, 2022

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

High: vulnerabilities with a CVSS base score of 7.0–10.0
Medium: vulnerabilities with a CVSS base score of 4.0–6.9
Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
ceneo-web-scrapper_project — ceneo-web-scrapper	The adriankoczuruek/ceneo-web-scrapper repository through 2021-03-15 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	7.5	CVE-2022-31570 MISC
clinic\’s_patient_management_system_project — clinic\’s_patient_management_system	A vulnerability has been found in SourceCodester Clinics Patient Management System 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /pms/index.php of the component Login Page. The manipulation of the argument user_name with the input admin’ or ‘1’=’1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-12	7.5	CVE-2022-2298 MISC MISC
google — android	Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to launch certain activities with privilege of Finder.	2022-07-12	7.2	CVE-2022-30756 MISC
google — android	Implicit Intent hijacking vulnerability in AppLinker prior to SMR Jul-2022 Release 1 allow allows attackers to launch certain activities with privilege of AppLinker.	2022-07-12	7.2	CVE-2022-30754 MISC
huawei — ese620x_vess_firmware	There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service condition.	2022-07-12	7.8	CVE-2021-39999 MISC
microsoft — windows_10	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-30206, CVE-2022-30226.	2022-07-12	9	CVE-2022-22041 MISC
microsoft — windows_10	Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30202, CVE-2022-30224.	2022-07-12	8.5	CVE-2022-22037 MISC
microsoft — windows_10	Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22049.	2022-07-12	7.2	CVE-2022-22047 MISC
microsoft — windows_10	Windows Fast FAT File System Driver Elevation of Privilege Vulnerability.	2022-07-12	7.2	CVE-2022-22043 MISC
microsoft — windows_10	Windows Graphics Component Elevation of Privilege Vulnerability.	2022-07-12	7.2	CVE-2022-22034 MISC
microsoft — windows_10	Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability.	2022-07-12	7.2	CVE-2022-22031 MISC
microsoft — windows_10	Internet Information Services Dynamic Compression Module Denial of Service Vulnerability.	2022-07-12	7.5	CVE-2022-22040 MISC
microsoft — windows_10	Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22047, CVE-2022-22049.	2022-07-12	7.2	CVE-2022-22026 MISC
microweber — microweber	Business Logic Errors in GitHub repository microweber/microweber prior to 1.2.20.	2022-07-11	7.5	CVE-2022-2368 CONFIRM MISC
redhat — keycloak	A privilege escalation flaw was found in the token exchange feature of keycloak. Missing authorization allows a client application holding a valid access token to exchange tokens for any target client by passing the client_id of the target. This could allow a client to gain unauthorized access to additional services.	2022-07-08	7.5	CVE-2022-1245 MISC
roxy-wi — roxy-wi	Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 6.1.1.0 are subject to a remote code execution vulnerability. System commands can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Attackers need not be authenticated to exploit this vulnerability. Users are advised to upgrade. There are no known workarounds for this vulnerability.	2022-07-08	10	CVE-2022-31137 CONFIRM MISC
rpc.py_project — rpc.py	rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the “serializer: pickle” HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle.	2022-07-08	7.5	CVE-2022-35411 MISC MISC MISC
samsung — galaxy_store	Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.	2022-07-12	7.2	CVE-2022-33708 MISC
samsung — galaxy_store	Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.	2022-07-12	7.2	CVE-2022-33709 MISC
samsung — galaxy_store	Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.	2022-07-12	7.2	CVE-2022-33710 MISC
siemens — scalance_x200-4p_irt_firmware	A vulnerability has been identified in SCALANCE X200-4P IRT (All versions), SCALANCE X200-4P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS (All versions < V5.2.6), SCALANCE X204-2TS (All versions < V5.2.6), SCALANCE X204IRT (All versions), SCALANCE X204IRT (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X206-1 (All versions < V5.2.6), SCALANCE X206-1LD (All versions < V5.2.6), SCALANCE X208 (All versions < V5.2.6), SCALANCE X208PRO (All versions < V5.2.6), SCALANCE X212-2 (All versions < V5.2.6), SCALANCE X212-2LD (All versions < V5.2.6), SCALANCE X216 (All versions < V5.2.6), SCALANCE X224 (All versions < V5.2.6), SCALANCE XF201-3P IRT (All versions), SCALANCE XF202-2P IRT (All versions), SCALANCE XF204 (All versions < V5.2.6), SCALANCE XF204-2 (All versions < V5.2.6), SCALANCE XF204-2BA IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF206-1 (All versions < V5.2.6), SCALANCE XF208 (All versions < V5.2.6). The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.	2022-07-12	7.5	CVE-2022-26647 CONFIRM
siemens — scalance_x204-2_firmware	A vulnerability has been identified in SCALANCE X200-4P IRT (All versions), SCALANCE X200-4P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS (All versions < V5.2.6), SCALANCE X204-2TS (All versions < V5.2.6), SCALANCE X204IRT (All versions), SCALANCE X204IRT (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X206-1 (All versions < V5.2.6), SCALANCE X206-1LD (All versions < V5.2.6), SCALANCE X208 (All versions < V5.2.6), SCALANCE X208PRO (All versions < V5.2.6), SCALANCE X212-2 (All versions < V5.2.6), SCALANCE X212-2LD (All versions < V5.2.6), SCALANCE X216 (All versions < V5.2.6), SCALANCE X224 (All versions < V5.2.6), SCALANCE XF201-3P IRT (All versions), SCALANCE XF202-2P IRT (All versions), SCALANCE XF204 (All versions < V5.2.6), SCALANCE XF204-2 (All versions < V5.2.6), SCALANCE XF204-2BA IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF206-1 (All versions < V5.2.6), SCALANCE XF208 (All versions < V5.2.6). Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices.	2022-07-12	7.8	CVE-2022-26649 CONFIRM
siemens — scalance_x204-2_firmware	A vulnerability has been identified in SCALANCE X200-4P IRT (All versions), SCALANCE X200-4P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS (All versions < V5.2.6), SCALANCE X204-2TS (All versions < V5.2.6), SCALANCE X204IRT (All versions), SCALANCE X204IRT (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X206-1 (All versions < V5.2.6), SCALANCE X206-1LD (All versions < V5.2.6), SCALANCE X208 (All versions < V5.2.6), SCALANCE X208PRO (All versions < V5.2.6), SCALANCE X212-2 (All versions < V5.2.6), SCALANCE X212-2LD (All versions < V5.2.6), SCALANCE X216 (All versions < V5.2.6), SCALANCE X224 (All versions < V5.2.6), SCALANCE XF201-3P IRT (All versions), SCALANCE XF202-2P IRT (All versions), SCALANCE XF204 (All versions < V5.2.6), SCALANCE XF204-2 (All versions < V5.2.6), SCALANCE XF204-2BA IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF206-1 (All versions < V5.2.6), SCALANCE XF208 (All versions < V5.2.6). Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices.	2022-07-12	7.8	CVE-2022-26648 CONFIRM
siemens — simatic_cp_1242-7_v2_firmware	A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions). The application lacks proper validation of user-supplied data when parsing specific messages. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of device.	2022-07-12	9.3	CVE-2022-34819 CONFIRM
siemens — simatic_cp_1242-7_v2_firmware	A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges.	2022-07-12	9.3	CVE-2022-34821 CONFIRM
siemens — simatic_cp_1242-7_v2_firmware	A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions). The application does not correctly escape some user provided fields during the authentication process. This could allow an attacker to inject custom commands and execute arbitrary code with elevated privileges.	2022-07-12	9.3	CVE-2022-34820 CONFIRM
syntactics — free_booking_plugin_for_hotels\,_restaurant_and_car_rental	The Free Booking Plugin for Hotels, Restaurant and Car Rental WordPress plugin before 1.1.16 suffers from insufficient input validation which leads to arbitrary file upload and subsequently to remote code execution. An AJAX action accessible to unauthenticated users is affected by this issue. An allowlist of valid file extensions is defined but is not used during the validation steps.	2022-07-11	7.5	CVE-2022-1952 MISC
varktech — pricing_deals_for_woocommerce	The Pricing Deals for WooCommerce WordPress plugin through 2.0.2.02 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection	2022-07-11	7.5	CVE-2022-1057 MISC
zimbra — collaboration	Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-login randomly created password (from the “zmprove ca” command). It is visible in cleartext on port UDP 514 (aka the syslog port).	2022-07-11	7.5	CVE-2022-32294 MISC MISC MISC MISC

Medium Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
admin_management_xtended_project — admin_management_xtended	The Admin Management Xtended WordPress plugin before 2.4.5 does not have CSRF checks in some of its AJAX actions, allowing attackers to make a logged users with the right capabilities to call them. This can lead to changes in post status (draft, published), slug, post date, comment status (enabled, disabled) and more.	2022-07-11	4.3	CVE-2022-1599 MISC
anuvaad-corpus_project — anuvaad-corpus	The project-anuvaad/anuvaad-corpus repository through 2020-11-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31552 MISC
audio_aligner_app_project — audio_aligner_app	The longmaoteamtf/audio_aligner_app repository through 2020-01-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31577 MISC
automatedquizeval_project — automatedquizeval	The sravaniboinepelli/AutomatedQuizEval repository through 2020-04-27 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31583 MISC
averta — shortcodes_and_extra_features_for_phlox_theme	The Shortcodes and extra features for Phlox WordPress plugin before 2.9.8 does not sanitise and escape a parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting	2022-07-11	4.3	CVE-2022-1910 MISC
awin — awin_data_feed	The Awin Data Feed WordPress plugin through 1.6 does not sanitise and escape a parameter before outputting it back via an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting	2022-07-11	4.3	CVE-2022-1937 MISC
baiduwenkuspider_flaskweb_project — baiduwenkuspider_flaskweb	The ChangeWeDer/BaiduWenkuSpider_flaskWeb repository before 2021-11-29 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31504 MISC MISC
barry_voice_assistant_project — barry_voice_assistant	The lyubolp/Barry-Voice-Assistant repository through 2021-01-18 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31541 MISC
bonn_activity_maps_annotation_tool_project — bonn_activity_maps_annotation_tool	The bonn-activity-maps/bam_annotation_tool repository through 2021-08-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31528 MISC
bt_lnmp_project — bt_lnmp	The piaoyunsoft/bt_lnmp repository through 2019-10-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	5	CVE-2022-31578 MISC
carceresbe_project — carceresbe	The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31515 MISC
caretakerr-api_project — caretakerr-api	The sanojtharindu/caretakerr-api repository through 2021-05-17 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31580 MISC
chainer — chainerrl-visualizer	The chainer/chainerrl-visualizer repository through 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31573 MISC
changepop-back_project — changepop-back	The unizar-30226-2019-06/ChangePop-Back repository through 2019-06-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31586 MISC
clinic\’s_patient_management_system_project — clinic\’s_patient_management_system	A vulnerability, which was classified as critical, was found in SourceCodester Clinics Patient Management System 2.0. Affected is an unknown function of the file /pms/update_user.php?user_id=1. The manipulation of the argument profile_picture with the input <?php phpinfo();?> leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.	2022-07-12	6.5	CVE-2022-2297 MISC MISC
cmu — opendiamond	The cmusatyalab/opendiamond repository through 10.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31506 MISC MISC
cockybook_project — cockybook	The ceee-vip/cockybook repository through 2015-04-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31572 MISC
codesys — opc_da_server	The CODESYS OPC DA Server prior V3.5.18.20 stores PLC passwords as plain text in its configuration file so that it is visible to all authorized Microsoft Windows users of the system.	2022-07-11	4.7	CVE-2022-1794 CONFIRM
comment_license_project — comment_license	The Comment License WordPress plugin before 1.4.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack	2022-07-11	4.3	CVE-2022-1957 MISC
csm_server_project — csm_server	The csm-aut/csm repository through 3.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31530 MISC
cuyz — valinor	Valinor is a PHP library that helps to map any input into a strongly-typed value object structure. Prior to version 0.12.0, Valinor can use `Throwable#getMessage()` when it should not have permission to do so. This is a problem with cases such as an SQL exception showing an SQL snippet, a database connection exception showing database IP address/username/password, or a timeout detail / out of memory detail. Attackers could use this information for potential data exfiltration, denial of service attacks, enumeration attacks, etc. Version 0.12.0 contains a patch for this vulnerability.	2022-07-11	6.4	CVE-2022-31140 CONFIRM MISC
cybozu — garoon	Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files.	2022-07-11	5.5	CVE-2022-30602 MISC MISC
cybozu — garoon	Browsing restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data of Bulletin.	2022-07-11	4	CVE-2022-30943 MISC MISC
cybozu — garoon	Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to obtain the data of Cabinet.	2022-07-11	4	CVE-2022-31472 MISC MISC
cybozu — garoon	Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing privilege.	2022-07-11	4	CVE-2022-29512 MISC MISC
dainst — cilantro	The dainst/cilantro repository through 0.0.4 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31531 MISC
data_stream_algorithm_benchmark_project — data_stream_algorithm_benchmark	The DSAB-local/DSAB repository through 2019-02-18 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	5	CVE-2022-31566 MISC
data_stream_algorithm_benchmark_project — data_stream_algorithm_benchmark	The DSABenchmark/DSAB repository through 2.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31567 MISC
deep_learning_studio_project — deep_learning_studio	The SummaLabs/DLS repository through 0.1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31525 MISC
eclipse — equinox_p2	In Eclipse p2, installable units are able to alter the Eclipse Platform installation and the local machine via touchpoints during installation. Those touchpoints can, for example, alter the command-line used to start the application, injecting things like agent or other settings that usually require particular attention in term of security. Although p2 has built-in strategies to ensure artifacts are signed and then to help establish trust, there is no such strategy for the metadata part that does configure such touchpoints. As a result, it’s possible to install a unit that will run malicious code during installation without user receiving any warning about this installation step being risky when coming from untrusted source.	2022-07-08	6.8	CVE-2021-41037 CONFIRM
equanimity_project — equanimity	The AFDudley/equanimity repository through 2014-04-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31511 MISC
fan_platform_project — fan_platform	The Caoyongqi912/Fan_Platform repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31514 MISC
fishtank_project — fishtank	The freefood89/Fishtank repository through 2015-06-24 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31535 MISC
flask-file-server_project — flask-file-server	The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31527 MISC
flask-mongo-skel_project — flask-mongo-skel	The pleomax00/flask-mongo-skel repository through 2012-11-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31551 MISC
flask-mvc_project — flask-mvc	The Atom02/flask-mvc repository through 2020-09-14 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31512 MISC
flask-yeoman_project — flask-yeoman	The tsileo/flask-yeoman repository through 2013-09-13 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31559 MISC
foxy-shop — foxyshop	The FoxyShop WordPress plugin before 4.8.2 does not sanitise and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting	2022-07-11	4.3	CVE-2022-1220 MISC
ganga_project — ganga	The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31507 MISC MISC MISC
glance_project — glance	The nlpweb/glance repository through 2014-06-27 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31546 MISC
golem_project — golem	The seveas/golem repository through 2016-05-17 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31557 MISC
google — android	Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent.	2022-07-12	4.6	CVE-2022-30755 MISC
google — android	Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities.	2022-07-12	4.6	CVE-2022-33704 MISC
google — android	Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows unauthorized access to the service.	2022-07-12	4.6	CVE-2022-33695 MISC
google — android	Improper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities.	2022-07-12	4.6	CVE-2022-33703 MISC
h3c — ssl_vpn	H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS.	2022-07-11	4.3	CVE-2022-35416 MISC
harveyzyh_python_project — harveyzyh_python	The Harveyzyh/Python repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31516 MISC
helm-flask-celery_project — helm-flask-celery	The olmax99/helm-flask-celery repository before 2022-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31549 MISC MISC
hin-eng-preprocessing_project — hin-eng-preprocessing	The kumardeepak/hin-eng-preprocessing repository through 2019-07-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31540 MISC
home__internet_project — home__internet	The umeshpatil-dev/Home__internet repository through 2020-08-28 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31585 MISC
homepage_project — homepage	The nrlakin/homepage repository through 2017-03-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31548 MISC
hotel_management_system_project — hotel_management_system	A vulnerability was found in SourceCodester Hotel Management System 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /ci_hms/search of the component Search. The manipulation of the argument search with the input “><script>alert(“XSS”)</script> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.	2022-07-12	4.3	CVE-2022-2291 MISC MISC
huawei — emui	Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality.	2022-07-12	5	CVE-2021-40012 MISC
iasset_project — iasset	The ralphjzhang/iasset repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31579 MISC
ibm — cics_tx	IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim’s Web browser within the security context of the hosting site. IBM X-Force ID: 229330.	2022-07-08	5.8	CVE-2022-34160 CONFIRM CONFIRM XF
ibm — cics_tx	IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 229435.	2022-07-08	5.5	CVE-2022-34306 XF CONFIRM CONFIRM
ibm — open_liberty	IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. IBM X-Force ID: 225604.	2022-07-08	6	CVE-2022-22476 CONFIRM XF
ibm — qradar_network_security	IBM QRadar Network Security 5.4.0 and 5.5.0 discloses sensitive information to unauthorized users which could be used to mount further attacks against the system. IBM X-Force ID: 174339.	2022-07-12	5	CVE-2020-4159 XF CONFIRM
ibm — qradar_network_security	IBM QRadar Network Security 5.4.0 and 5.5.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174337.	2022-07-12	5	CVE-2020-4157 CONFIRM XF
ibm — qradar_security_information_and_event_manager	IBM QRadar SIEM 7.3, 7.4, and 7.5 may be vulnerable to partial denial of service attack, resulting in some protocols not listening to specified ports. IBM X-Force ID: 214028.	2022-07-12	5	CVE-2021-39041 CONFIRM XF
ibm — security_verify_access	IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 225079.	2022-07-08	6.4	CVE-2022-22463 CONFIRM XF
ibm — security_verify_access	IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225081.	2022-07-08	5	CVE-2022-22464 CONFIRM XF
ibm — security_verify_access	IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 could allow a local user to obtain elevated privileges due to improper access permissions. IBM X-Force ID: 225082.	2022-07-08	4.6	CVE-2022-22465 CONFIRM XF
idayrus — e-voting	The idayrus/evoting repository before 2022-05-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31508 MISC MISC
iedadata — usap-dc_web_submission_and_dataset_search	The iedadata/usap-dc-website repository through 1.0.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31509 MISC
internshipsystem_project — internshipsystem	The waveyan/internshipsystem repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31562 MISC
karaokey_project — karaokey	The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31522 MISC
kg-fashion-chatbot_project — kg-fashion-chatbot	The yuriyouzhou/KG-fashion-chatbot repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31587 MISC
kitestudio — core_plugin_for_kitestudio_themes	The core plugin for kitestudio WordPress plugin before 2.3.1 does not sanitise and escape some parameters before outputting them back in a response of an AJAX action, available to both unauthenticated and authenticated users when a premium theme from the vendor is active, leading to a Reflected Cross-Site Scripting.	2022-07-11	4.3	CVE-2022-1951 MISC
kotekan_project — kotekan	The kotekan/kotekan repository through 2021.11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31539 MISC
krypton_project — krypton	The BolunHan/Krypton repository through 2021-06-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31513 MISC
linuxfoundation — kubeedge	KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, a large response received by the viaduct WSClient can cause a DoS from memory exhaustion. The entire body of the response is being read into memory which could allow an attacker to send a request that returns a response with a large body. The consequence of the exhaustion is that the process which invokes a WSClient will be in a denial of service. The software is affected If users who are authenticated to the edge side connect to `cloudhub` from the edge side through WebSocket protocol. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. There are currently no known workarounds.	2022-07-11	4	CVE-2022-31080 CONFIRM
linuxfoundation — kubeedge	KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, several endpoints in the Cloud AdmissionController may be susceptible to a DoS attack if an HTTP request containing a very large Body is sent to it. The consequence of the exhaustion is that the Cloud AdmissionController will be in denial of service. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. There is currently no known workaround.	2022-07-11	4	CVE-2022-31074 CONFIRM
linuxfoundation — kubeedge	KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the ServiceBus server on the edge side may be susceptible to a DoS attack if an HTTP request containing a very large Body is sent to it. It is possible for the node to be exhausted of memory. The consequence of the exhaustion is that other services on the node, e.g. other containers, will be unable to allocate memory and thus causing a denial of service. Malicious apps accidentally pulled by users on the host and have the access to send HTTP requests to localhost may make an attack. It will be affected only when users enable the `ServiceBus` module in the config file `edgecore.yaml`. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. As a workaround, disable the `ServiceBus` module in the config file `edgecore.yaml`.	2022-07-11	4.3	CVE-2022-31073 MISC CONFIRM MISC MISC
litecart — litecart	Cross-site scripting vulnerability in LiteCart versions prior to 2.4.2 allows a remote attacker to inject an arbitrary script via unspecified vectors.	2022-07-11	4.3	CVE-2022-27168 MISC MISC MISC MISC
livro_python_project — livro_python	The duducosmos/livro_python repository through 2018-06-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31575 MISC
logstash-management-api_project — logstash-management-api	The Luxas98/logstash-management-api repository through 2020-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31520 MISC
mdweb_project — mdweb	The mandoku/mdweb repository through 2015-05-07 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31542 MISC
mercadoenlineaback_project — mercadoenlineaback	The cheo0/MercadoEnLineaBack repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31505 MISC
mercury_sample_manager_project — mercury_sample_manager	The HolgerGraef/MSM repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31517 MISC
microsoft — windows_10	Windows Hyper-V Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30223.	2022-07-12	4	CVE-2022-22042 MISC
microsoft — windows_10	Windows.Devices.Picker.dll Elevation of Privilege Vulnerability.	2022-07-12	6.9	CVE-2022-22045 MISC
microsoft — windows_10	Remote Procedure Call Runtime Remote Code Execution Vulnerability.	2022-07-12	6.8	CVE-2022-22038 MISC
microsoft — windows_10	Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability.	2022-07-12	6.9	CVE-2022-22023 MISC
microsoft — windows_10	Windows Internet Information Services Cachuri Module Denial of Service Vulnerability.	2022-07-12	5	CVE-2022-22025 MISC
microsoft — windows_10	Windows Kernel Information Disclosure Vulnerability.	2022-07-12	4.7	CVE-2022-21845 MISC
microsoft — windows_10	Performance Counters for Windows Elevation of Privilege Vulnerability.	2022-07-12	4.4	CVE-2022-22036 MISC
microsoft — windows_10	Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22024.	2022-07-12	6.8	CVE-2022-22027 MISC
microsoft — windows_10	Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22027.	2022-07-12	5.1	CVE-2022-22024 MISC
microsoft — windows_server_2008	Windows Network File System Information Disclosure Vulnerability.	2022-07-12	4.3	CVE-2022-22028 MISC
microsoft — windows_server_2008	Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22039.	2022-07-12	6.8	CVE-2022-22029 MISC
microsoft — windows_server_2008	Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22029.	2022-07-12	6	CVE-2022-22039 MISC
microweber — microweber	Prior to microweber/microweber v1.2.20, due to improper neutralization of input, an attacker can steal tokens to perform cross-site request forgery, fetch contents from same-site and redirect a user.	2022-07-09	4.3	CVE-2022-2353 MISC CONFIRM
modelconverter_project — modelconverter	The ml-inory/ModelConverter repository through 2021-04-26 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31545 MISC
monorepo_project — monorepo	The cinemaproject/monorepo repository through 2021-03-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31529 MISC
mosaic_project — mosaic	The Niyaz-Mohamed/mosaic repository through 1.0.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31521 MISC
movie-review-sentiment-analysis_project — movie-review-sentiment-analysis	The rohitnayak/movie-review-sentiment-analysis repository through 2017-05-07 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31554 MISC
mp-m08-interface_project — mp-m08-interface	The joaopedro-fg/mp-m08-interface repository through 2020-12-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31538 MISC
munhak — munhak-moa	The woduq1414/munhak-moa repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31564 MISC MISC
novastar — novaicare	An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete users, view roles, and other unspecified impacts.	2022-07-12	6.5	CVE-2021-38289 MISC MISC
nurse_quest_project — nurse_quest	The romain20100/nursequest repository through 2018-02-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31555 MISC
onyxforum_project — onyxforum	The ChaoticOnyx/OnyxForum repository before 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31501 MISC MISC
orchest — orchest	The orchest/orchest repository before 2022.05.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31503 MISC MISC MISC
paddlepaddle — anakin	The PaddlePaddle/Anakin repository through 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31523 MISC
photo_tag_project — photo_tag	The uncleYiba/photo_tag repository through 2020-08-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31560 MISC
portswigger — burp_suite	A URL disclosure issue was discovered in Burp Suite before 2022.6. If a user views a crafted response in the Repeater or Intruder, it may be incorrectly interpreted as a redirect.	2022-07-08	4.3	CVE-2022-35406 MISC
projects_project — projects	The RipudamanKaushikDal/projects repository through 2022-04-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31569 MISC
purestorage — pure_swagger	The PureStorage-OpenConnect/swagger repository through 1.1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31524 MISC
python-flask-restful-api_project — python-flask-restful-api	The akashtalole/python-flask-restful-api repository through 2019-09-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31571 MISC
python-recipe-database_project — python-recipe-database	The JustAnotherSoftwareDeveloper/Python-Recipe-Database repository through 2021-03-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31518 MISC
python_athena_stack_project — python_athena_stack	The olmax99/pyathenastack repository through 2019-11-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31550 MISC
pythonweb_project — pythonweb	The echoleegroup/PythonWeb repository through 2018-10-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31534 MISC
realestate_project — realestate	The deepaliupadhyay/RealEstate repository through 2018-11-30 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31574 MISC
rename_wp-login_project — rename_wp-login	The Rename wp-login.php WordPress plugin through 2.6.0 does not have CSRF check in place when updating the secret login URL, which could allow attackers to make a logged in admin change them via a CSRF attack	2022-07-11	4.3	CVE-2022-1732 MISC
rexians — rex-web	The Rexians/rex-web repository through 2022-06-05 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31568 MISC
s3label_project — s3label	The stonethree/s3label repository through 2019-08-14 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31584 MISC
samsung — find_my_mobile	Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to identify the device.	2022-07-12	5	CVE-2022-33707 MISC
sap — business_objects_business_intelligence_platform	Due to insufficient input validation, SAP Business Objects – version 420, allows an authenticated attacker to submit a malicious request through an allowed operation. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.	2022-07-12	4.9	CVE-2022-31598 MISC MISC
sap — business_one	SAP Business One client – version 10.0 allows an attacker with low privileges, to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.	2022-07-12	6.5	CVE-2022-31593 MISC MISC
sap — businessobjects_business_intelligence_platform	SAP BusinessObjects CMC allows an unauthenticated attacker to retrieve token information over the network which would otherwise be restricted. This can be achieved only when a legitimate user accesses the application and a local compromise occurs, like sniffing or social engineering. On successful exploitation, the attacker can completely compromise the application.	2022-07-12	6.8	CVE-2022-35228 MISC MISC
sap — businessobjects_business_intelligence_platform	Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.x – versions 420,430 allows user Administrator to view, edit or modify rights of objects it doesn’t own and which would otherwise be restricted.	2022-07-12	5.5	CVE-2022-29619 MISC MISC
sap — businessobjects_bw_publisher_service	SAP BusinessObjects BW Publisher Service – versions 420, 430, uses a search path that contains an unquoted element. A local attacker can gain elevated privileges by inserting an executable file in the path of the affected service	2022-07-12	4.6	CVE-2022-31591 MISC MISC
sap — enterprise_extension_defense_forces_\&_public_security	The application SAP Enterprise Extension Defense Forces & Public Security – versions 605, 606, 616,617,618, 802, 803, 804, 805, 806, does not perform necessary authorization checks for an authenticated user over the network, resulting in escalation of privileges leading to a limited impact on confidentiality.	2022-07-12	4	CVE-2022-31592 MISC MISC
sap — enterprise_portal	SAP Enterprise Portal – versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. This attack can be used to non-permanently deface or modify portal content. The execution of script content by a victim registered on the portal could compromise the confidentiality and integrity of victim?s web browser session.	2022-07-12	4.3	CVE-2022-35224 MISC MISC
scorelab — openmf	The scorelab/OpenMF repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31581 MISC MISC
setupbox_project — setupbox	The maxtortime/SetupBox repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31543 MISC
shackerpanel_project — shackerpanel	The heidi-luong1109/shackerpanel repository through 2021-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31576 MISC
shiva-server_project — shiva-server	The tooxie/shiva-server repository through 0.10.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31558 MISC
shortcut_macros_project — shortcut_macros	The Shortcut Macros WordPress plugin through 1.3 does not have authorisation and CSRF checks in place when updating its settings, which could allow any authenticated users, such as subscriber, to update them.	2022-07-11	4	CVE-2022-1956 MISC
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to execute code in the context of the current process. (FG-VD-22-037, FG-VD-22-059)	2022-07-12	6.8	CVE-2022-34272 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-038)	2022-07-12	6.8	CVE-2022-34273 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-039)	2022-07-12	6.8	CVE-2022-34274 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-040)	2022-07-12	6.8	CVE-2022-34275 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-041)	2022-07-12	6.8	CVE-2022-34276 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-042)	2022-07-12	6.8	CVE-2022-34277 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-055)	2022-07-12	4.3	CVE-2022-34290 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-051)	2022-07-12	6.8	CVE-2022-34286 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-057, FG-VD-22-058, FG-VD-22-060)	2022-07-12	4.3	CVE-2022-34291 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-047)	2022-07-12	4.3	CVE-2022-34282 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-054)	2022-07-12	6.8	CVE-2022-34289 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-052, FG-VD-22-056)	2022-07-12	4.3	CVE-2022-34287 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-050)	2022-07-12	4.3	CVE-2022-34285 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-048)	2022-07-12	4.3	CVE-2022-34283 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-043)	2022-07-12	6.8	CVE-2022-34278 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to execute code in the context of the current process. (FG-VD-22-044)	2022-07-12	6.8	CVE-2022-34279 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to execute code in the context of the current process. (FG-VD-22-045)	2022-07-12	6.8	CVE-2022-34280 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to execute code in the context of the current process. (FG-VD-22-046)	2022-07-12	6.8	CVE-2022-34281 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-049)	2022-07-12	6.8	CVE-2022-34284 CONFIRM
siemens — pads_viewer	A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-053)	2022-07-12	4.3	CVE-2022-34288 CONFIRM
siemens — simatic_easie_core_package	A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The underlying MQTT service of affected systems does not perform authentication in the default configuration. This could allow an unauthenticated remote attacker to send arbitrary messages to the service and thereby issue arbitrary requests in the affected system.	2022-07-12	6.4	CVE-2021-44222 CONFIRM
siemens — simatic_easie_core_package	A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The affected systems do not properly validate input that is sent to the underlying message passing framework. This could allow an remote attacker to trigger a denial of service of the affected system.	2022-07-12	5	CVE-2021-44221 CONFIRM
siemens — simatic_mv540_h_firmware	A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). Affected devices do not perform authentication for several web API endpoints. This could allow an unauthenticated remote attacker to read and download data from the device.	2022-07-12	5	CVE-2022-33138 CONFIRM
siemens — simatic_mv540_h_firmware	A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). The web session management of affected devices does not invalidate session ids in certain logout scenarios. This could allow an authenticated remote attacker to hijack other users’ sessions.	2022-07-12	6	CVE-2022-33137 CONFIRM
siemens — simcenter_femap	A vulnerability has been identified in Simcenter Femap (All versions < V2022.2). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17293)	2022-07-12	6.8	CVE-2022-34748 CONFIRM
simple-rat_project — simple-rat	The sergeKashkin/Simple-RAT repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31510 MISC MISC
sleep_learner_project — sleep_learner	The rainsoupah/sleep-learner repository through 2021-02-21 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31553 MISC
solar-system-simulator_project — solar-system-simulator	The jmcginty15/Solar-system-simulator repository through 2021-07-26 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31537 MISC
sphere_imagebackend_project — sphere_imagebackend	The varijkapil13/Sphere_ImageBackend repository through 2019-10-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31561 MISC
sphere_project — sphere	The noamezekiel/sphere repository through 2020-05-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31547 MISC
syrabond_project — syrabond	The yogson/syrabond repository through 2020-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31565 MISC
testplatform_project — testplatform	The zippies/testplatform repository through 2016-07-19 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31588 MISC
themeisle — wp_maintenance_mode_\&_coming_soon	The WP Maintenance Mode & Coming Soon WordPress plugin before 2.4.5 is lacking CSRF when emptying the subscribed users list, which could allow attackers to make a logged in admin perform such action via a CSRF attack	2022-07-11	4.3	CVE-2022-1576 MISC
thunderatz — thunderdocs	The ThundeRatz/ThunderDocs repository through 2020-05-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31526 MISC
trainenergyserver_project — trainenergyserver	The rusyasoft/TrainEnergyServer repository through 2017-08-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31556 MISC
travel_blahg_project — travel_blahg	The dankolbman/travel_blahg repository through 2016-01-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31532 MISC
umbral_project — umbral	The decentraminds/umbral repository through 2020-01-15 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31533 MISC
videoserver_project — videoserver	The shaolo1/VideoServer repository through 2019-09-21 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31582 MISC
vim — vim	Use After Free in GitHub repository vim/vim prior to 9.0.0046.	2022-07-08	6.8	CVE-2022-2345 CONFIRM MISC
vim — vim	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045.	2022-07-08	6.8	CVE-2022-2344 MISC CONFIRM
visser — woocommerce_-_product_importer	The WooCommerce – Product Importer WordPress plugin through 1.5.2 does not sanitise and escape the imported data before outputting it back in the page, leading to a Reflected Cross-Site Scripting	2022-07-11	4.3	CVE-2022-1546 MISC
vprj_project — vprj	The whmacmac/vprj repository through 2022-04-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31563 MISC
webswing — webswing	Webswing before 22.1.3 allows X-Forwarded-For header injection. The client IP address is associated with a variable in the configuration page. The {clientIp} variable can be used as an application startup argument. The X-Forwarded-For header can be manipulated by a client to store an arbitrary value that is used to replace the clientIp variable (without sanitization). A client can thus inject multiple arguments into the session startup. Systems that do not use the clientIP variable in the configuration are not vulnerable. The vulnerability is fixed in these versions: 20.1.16, 20.2.19, 21.1.8, 21.2.12, and 22.1.3.	2022-07-08	6.8	CVE-2022-34914 MISC MISC
windmill_project — windmill	The Lukasavicus/WindMill repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31519 MISC
withknown — known	An issue in the isSVG() function of Known v1.2.2+2020061101 allows attackers to execute arbitrary code via a crafted SVG file.	2022-07-08	4.3	CVE-2022-32115 MISC MISC MISC
withknown — known	Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR).	2022-07-08	4	CVE-2022-30852 MISC MISC MISC
wormnest_project — wormnest	The operatorequals/wormnest repository through 0.4.7 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31502 MISC MISC
wp-eventmanager — wp_event_manager	The WP Event Manager WordPress plugin before 3.1.28 does not sanitise and escape its search before outputting it back in an attribute on the event dashboard, leading to a Reflected Cross-Site Scripting	2022-07-11	4.3	CVE-2022-1474 MISC
wp_opt-in_project — wp_opt-in	The WP Opt-in WordPress plugin through 1.4.1 is vulnerable to CSRF which allows changed plugin settings and can be used for sending spam emails.	2022-07-11	4.3	CVE-2022-2123 MISC
xtomo — robo-tom	The meerstein/rbtm repository through 1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31544 MISC
ytdl-sync_project — ytdl-sync	The jaygarza1982/ytdl-sync repository through 2021-01-02 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.	2022-07-11	6.4	CVE-2022-31536 MISC

Low Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
awin — awin_data_feed	The Awin Data Feed WordPress plugin through 1.6 does not sanitise and escape a header when processing request to generate analytics data, allowing unauthenticated users to perform Stored Cross-Site Scripting attacks against a logged in admin viewing the plugin’s settings	2022-07-11	3.5	CVE-2022-1938 MISC
bold-themes — bold_page_builder	The Bold Page Builder WordPress plugin before 4.3.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.	2022-07-11	3.5	CVE-2022-2089 MISC
digitalguardian — digital_guardian	Digital Guardian Agent 7.7.4.0042 allows an administrator (who ordinarily does not have a supported way to uninstall the product) to disable some of the agent functionality and then exfiltrate files to an external USB device.	2022-07-08	3.6	CVE-2022-35412 MISC MISC
google — android	Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected by using WIFI_AP_STA_STATE_CHANGED action.	2022-07-12	2.1	CVE-2022-30752 MISC
google — android	Improper authorization vulnerability in Knoxguard prior to SMR Jul-2022 Release 1 allows local attacker to disable keyguard and bypass Knoxguard lock by factory reset.	2022-07-12	2.1	CVE-2022-33702 MISC
google — android	Improper access control vulnerability in KnoxCustomManagerService prior to SMR Jul-2022 Release 1 allows attacker to call PowerManaer.goToSleep method which is protected by system permission by sending braodcast intent.	2022-07-12	2.1	CVE-2022-33701 MISC
google — android	Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.	2022-07-12	2.1	CVE-2022-33700 MISC
google — android	Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.	2022-07-12	2.1	CVE-2022-33699 MISC
google — android	Exposure of Sensitive Information in Telecom application prior to SMR Jul-2022 Release 1 allows local attackers to access ICCID via log.	2022-07-12	2.1	CVE-2022-33698 MISC
google — android	Sensitive information exposure vulnerability in ImsServiceSwitchBase in ImsCore prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log.	2022-07-12	2.1	CVE-2022-33697 MISC
google — android	Exposure of Sensitive Information in Telephony service prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log.	2022-07-12	2.1	CVE-2022-33696 MISC
google — android	Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting.	2022-07-12	2.1	CVE-2022-33694 MISC
google — android	Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log.	2022-07-12	2.1	CVE-2022-33693 MISC
google — android	Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected by using WIFI_AP_STA_DHCPACK_EVENT action.	2022-07-12	2.1	CVE-2022-30751 MISC
google — android	Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log.	2022-07-12	2.1	CVE-2022-33692 MISC
google — android	Improper authorization in isemtelephony prior to SMR Jul-2022 Release 1 allows attacker to obtain CID without ACCESS_FINE_LOCATION permission.	2022-07-12	2.1	CVE-2022-30757 MISC
google — android	A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations.	2022-07-12	1.9	CVE-2022-33691 MISC
google — android	Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to access arbitrary file.	2022-07-12	2.1	CVE-2022-33690 MISC
google — android	Improper use of a unique device ID in unprotected SecSoterService prior to SMR Jul-2022 Release 1 allows local attackers to get the device ID without permission.	2022-07-12	2.1	CVE-2022-30753 MISC
google — android	Improper access control vulnerability in updateLastConnectedClientInfo function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected.	2022-07-12	2.1	CVE-2022-30750 MISC
google — android	Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to access some protected information with privilege of Finder.	2022-07-12	2.1	CVE-2022-30758 MISC
google — android	Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitray activity and access senstive information.	2022-07-12	2.1	CVE-2022-33685 MISC
google — android	Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log.	2022-07-12	2.1	CVE-2022-33686 MISC
google — android	Exposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows local attackers to access IMSI via log.	2022-07-12	2.1	CVE-2022-33687 MISC
google — android	Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log.	2022-07-12	2.1	CVE-2022-33688 MISC
google — android	Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows attackers to change preferred network type by unprotected binder call.	2022-07-12	2.1	CVE-2022-33689 MISC
hotel_management_system_project — hotel_management_system	A vulnerability classified as problematic has been found in SourceCodester Hotel Management System 2.0. Affected is an unknown function of the file /ci_hms/massage_room/edit/1 of the component Room Edit Page. The manipulation of the argument massageroomDetails with the input “><script>alert(“XSS”)</script> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.	2022-07-12	3.5	CVE-2022-2292 MISC MISC
hpe — flexnetwork_5130_ei_firmware	A potential security vulnerability has been identified in certain HPE FlexNetwork and FlexFabric switch products. The vulnerability could be remotely exploited to allow cross site scripting (XSS). HPE has made the following software updates to resolve the vulnerability. HPE FlexNetwork 5130EL_7.10.R3507P02 and HPE FlexFabric 5945_7.10.R6635.	2022-07-08	3.5	CVE-2022-28624 MISC
huawei — magic_ui	Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality.	2022-07-12	3.3	CVE-2021-40016 MISC
huawei — magic_ui	Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity.	2022-07-12	3.3	CVE-2021-40013 MISC
ibm — cics_tx	IBM CICS TX Standard and Advanced 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229430.	2022-07-08	3.5	CVE-2022-34166 CONFIRM XF CONFIRM
ibm — cics_tx	IBM CICS TX Standard and Advanced 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229432.	2022-07-08	3.5	CVE-2022-34167 CONFIRM XF CONFIRM
linuxfoundation — kubeedge	KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the Cloud Stream server and the Edge Stream server reads the entire message into memory without imposing a limit on the size of this message. An attacker can exploit this by sending a large message to exhaust memory and cause a DoS. The Cloud Stream server and the Edge Stream server are under DoS attack in this case. The consequence of the exhaustion is that the CloudCore and EdgeCore will be in a denial of service. Only an authenticated user can cause this issue. It will be affected only when users enable `cloudStream` module in the config file `cloudcore.yaml` and enable `edgeStream` module in the config file `edgecore.yaml`. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. As a workaround, disable cloudStream module in the config file `cloudcore.yaml` and disable edgeStream module in the config file `edgecore.yaml`.	2022-07-11	3.5	CVE-2022-31079 CONFIRM
linuxfoundation — kubeedge	KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the CloudCore Router does not impose a limit on the size of responses to requests made by the REST handler. An attacker could use this weakness to make a request that will return an HTTP response with a large body and cause DoS of CloudCore. In the HTTP Handler API, the rest handler makes a request to a pre-specified handle. The handle will return an HTTP response that is then read into memory. The consequence of the exhaustion is that CloudCore will be in a denial of service. Only an authenticated user of the cloud can make an attack. It will be affected only when users enable `router` module in the config file `cloudcore.yaml`. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. As a workaround, disable the router switch in the config file `cloudcore.yaml`.	2022-07-11	3.5	CVE-2022-31078 CONFIRM
linuxfoundation — kubeedge	KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, EdgeCore may be susceptible to a DoS attack on CloudHub if an attacker was to send a well-crafted HTTP request to `/edge.crt`. If an attacker can send a well-crafted HTTP request to CloudHub, and that request has a very large body, that request can crash the HTTP service through a memory exhaustion vector. The request body is being read into memory, and a body that is larger than the available memory can lead to a successful attack. Because the request would have to make it through authorization, only authorized users may perform this attack. The consequence of the exhaustion is that CloudHub will be in denial of service. KubeEdge is affected only when users enable the CloudHub module in the file `cloudcore.yaml`. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. As a workaround, disable the CloudHub switch in the config file `cloudcore.yaml`.	2022-07-11	3.5	CVE-2022-31075 CONFIRM
maxfoundry — wp-paginate	The WP-Paginate WordPress plugin before 2.1.9 does not escape one of its settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when unfiltered_html is disallowed	2022-07-11	3.5	CVE-2022-2050 MISC
microsoft — windows_10	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22041, CVE-2022-30206, CVE-2022-30226.	2022-07-12	3.6	CVE-2022-22022 MISC
ninjateam — wp_duplicate_page	The WP Duplicate Page WordPress plugin before 1.3 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.	2022-07-11	3.5	CVE-2022-2093 MISC
pagebar_project — pagebar	The Pagebar WordPress plugin through 2.65 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. Furthermore, due to the lack of sanitisation in some of them, it could also lead to Stored XSS issues	2022-07-11	3.5	CVE-2022-1757 MISC
samsung — samsung_gallery	Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical attackers to access the pictures using S Pen air gesture.	2022-07-12	2.1	CVE-2022-33706 MISC
sharebar_project — sharebar	The Sharebar WordPress plugin through 1.4.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and also lead to Stored Cross-Site Scripting issue due to the lack of sanitisation and escaping in some of them	2022-07-11	3.5	CVE-2022-1626 MISC
simple_parking_management_system_project — simple_parking_management_system	A vulnerability, which was classified as problematic, has been found in SourceCodester Simple Parking Management System 1.0. Affected by this issue is some unknown functionality of the file /ci_spms/admin/search/searching/. The manipulation of the argument search with the input “><script>alert(“XSS”)</script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-12	3.5	CVE-2022-2363 MISC MISC
simple_parking_management_system_project — simple_parking_management_system	A vulnerability, which was classified as problematic, was found in SourceCodester Simple Parking Management System 1.0. This affects an unknown part of the file /ci_spms/admin/category. The manipulation of the argument vehicle_type with the input “><script>alert(“XSS”)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.	2022-07-12	3.5	CVE-2022-2364 MISC MISC
simple_sales_management_system_project — simple_sales_management_system	A vulnerability classified as problematic was found in SourceCodester Simple Sales Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ci_ssms/index.php/orders/create. The manipulation of the argument customer_name with the input <script>alert(“XSS”)</script> leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-12	3.5	CVE-2022-2293 MISC MISC
sygnoos — popup_builder	The Popup Builder WordPress plugin before 4.1.11 does not escape and sanitize some settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when the unfiltred_html is disallowed	2022-07-11	3.5	CVE-2022-1894 MISC
synology — calendar	Improper neutralization of input during web page generation (‘Cross-site Scripting’) vulnerability in Event Management in Synology Calendar before 2.4.5-10930 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.	2022-07-12	3.5	CVE-2022-22682 CONFIRM
trilium_project — trilium	Cross-site Scripting (XSS) – Stored in GitHub repository zadam/trilium prior to 0.53.3.	2022-07-10	3.5	CVE-2022-2365 MISC CONFIRM
vmware — vrealize_log_insight	VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations.	2022-07-12	3.5	CVE-2022-31654 MISC
vmware — vrealize_log_insight	VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts.	2022-07-12	3.5	CVE-2022-31655 MISC
withknown — known	A cross-site scripting (XSS) vulnerability in Known v1.2.2+2020061101 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text field.	2022-07-08	3.5	CVE-2022-31290 MISC MISC MISC MISC

Severity Not Yet Assigned

adobe — acrobat_reader

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34219 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34230 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Resource Using Incompatible Type (‘Type Confusion’) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34221 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34222 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34223 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34225 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34220 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34228 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34229 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34226 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34215 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34233 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34216 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34234 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34236 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file..	2022-07-15	not yet calculated	CVE-2022-34237 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34239 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34217 MISC
adobe — acrobat_reader	Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34232 MISC
adobe — character_animator	Adobe Character Animator version 4.4.7 (and earlier) and 22.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34241 MISC
adobe — character_animator	Adobe Character Animator version 4.4.7 (and earlier) and 22.4 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34242 MISC
adobe — incopy	Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34252 MISC
adobe — incopy	Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34249 MISC
adobe — incopy	Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34250 MISC
adobe — incopy	Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34251 MISC
adobe — indesign	Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34247 MISC
adobe — indesign	Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34245 MISC
adobe — indesign	Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34248 MISC
adobe — indesign	Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34246 MISC
adobe — photoshop	Adobe Photoshop versions 22.5.7 (and earlier) and 23.3.2 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34244 MISC
adobe — photoshop	Adobe Photoshop versions 22.5.7 (and earlier) and 23.3.2 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2022-07-15	not yet calculated	CVE-2022-34243 MISC
adobe — robohelp	Adobe RoboHelp versions 2020.0.7 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.	2022-07-15	not yet calculated	CVE-2022-23201 MISC
amazon_eks — aws-iam-authenticator	A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges.	2022-07-12	not yet calculated	CVE-2022-2385 MISC MISC
amd — branch_predictor	Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.	2022-07-14	not yet calculated	CVE-2022-23825 MISC FEDORA FEDORA DEBIAN FEDORA
amd — microprocessor_families	AMD microprocessor families 15h to 18h are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.	2022-07-12	not yet calculated	CVE-2022-29900 CONFIRM MLIST CONFIRM MLIST MLIST MLIST FEDORA FEDORA DEBIAN FEDORA
amd — system_management_interface	A malformed SMI (System Management Interface) command may allow an attacker to establish a corrupted SMI Trigger Info data structure, potentially leading to out-of-bounds memory reads and writes when triggering an SMI resulting in a potential loss of resources.	2022-07-14	not yet calculated	CVE-2021-26384 MISC
amd — audio_co-processor_firmware	An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor (ACP,) irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting in a denial of service.	2022-07-14	not yet calculated	CVE-2021-26382 MISC
apache — hive	Apache Hive before 3.1.3 “CREATE” and “DROP” function operations does not check for necessary authorization of involved entities in the query. It was found that an unauthorized user can manipulate an existing UDF without having the privileges to do so. This allowed unauthorized or underprivileged users to drop and recreate UDFs pointing them to new jars that could be potentially malicious.	2022-07-16	not yet calculated	CVE-2021-34538 CONFIRM
apache — tapestry	Apache Tapestry up to version 5.8.1 is vulnerable to Regular Expression Denial of Service (ReDoS) in the way it handles Content Types. Specially crafted Content Types may cause catastrophic backtracking, taking exponential time to complete. Specifically, this is about the regular expression used on the parameter of the org.apache.tapestry5.http.ContentType class. Apache Tapestry 5.8.2 has a fix for this vulnerability. Notice the vulnerability cannot be triggered by web requests in Tapestry code alone. It would only happen if there’s some non-Tapestry codepath passing some outside input to the ContentType class constructor.	2022-07-13	not yet calculated	CVE-2022-31781 MISC
argo_project — argo_cd	All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level.	2022-07-12	not yet calculated	CVE-2022-1025 MISC
argo_project — argo_cd	Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with 2.3.0 and prior to 2.3.6 and 2.4.5 is vulnerable to a cross-site scripting (XSS) bug which could allow an attacker to inject arbitrary JavaScript in the `/auth/callback` page in a victim’s browser. This vulnerability only affects Argo CD instances which have single sign on (SSO) enabled. The exploit also assumes the attacker has 1) access to the API server’s encryption key, 2) a method to add a cookie to the victim’s browser, and 3) the ability to convince the victim to visit a malicious `/auth/callback` link. The vulnerability is classified as low severity because access to the API server’s encryption key already grants a high level of access. Exploiting the XSS would allow the attacker to impersonate the victim, but would not grant any privileges which the attacker could not otherwise gain using the encryption key. A patch for this vulnerability has been released in the following Argo CD versions 2.4.5 and 2.3.6. There is currently no known workaround.	2022-07-12	not yet calculated	CVE-2022-31102 CONFIRM MISC MISC
argo_project — argo_cd	Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.4.0 and prior to 2.2.11, 2.3.6, and 2.4.5 is vulnerable to an improper certificate validation bug which could cause Argo CD to trust a malicious (or otherwise untrustworthy) OpenID Connect (OIDC) provider. A patch for this vulnerability has been released in Argo CD versions 2.4.5, 2.3.6, and 2.2.11. There are no complete workarounds, but a partial workaround is available. Those who use an external OIDC provider (not the bundled Dex instance), can mitigate the issue by setting the `oidc.config.rootCA` field in the `argocd-cm` ConfigMap. This mitigation only forces certificate validation when the API server handles login flows. It does not force certificate verification when verifying tokens on API calls.	2022-07-12	not yet calculated	CVE-2022-31105 CONFIRM MISC MISC
arox — arox_school_erp_pro	Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the dispatchcategory parameter in backoffice.inc.php.	2022-07-15	not yet calculated	CVE-2022-32118 MISC MISC
arox — arox_school_erp_pro	Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1finance_master.inc.php.	2022-07-15	not yet calculated	CVE-2022-32119 MISC MISC MISC
atlassian — jira	The Transition Scheduler add-on 6.5.0 for Atlassian Jira is prone to stored XSS via the project name to the creation function.	2022-07-13	not yet calculated	CVE-2022-32274 MISC MISC
autotrace — autotrace	AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.	2022-07-14	not yet calculated	CVE-2022-32323 MISC
aws — aws_sdk_for_java	The AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the `downloadDirectory` method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK control the `destinationDirectory` argument, but S3 object keys are determined by the application that uploaded the objects. The `downloadDirectory` method allows the caller to pass a filesystem object in the object key but contained an issue in the validation logic for the key name. A knowledgeable actor could bypass the validation logic by including a UNIX double-dot in the bucket key. Under certain conditions, this could permit them to retrieve a directory from their S3 bucket that is one level up in the filesystem from their working directory. This issue’s scope is limited to directories whose name prefix matches the destinationDirectory. E.g. for destination directory`/tmp/foo`, the actor can cause a download to `/tmp/foo-bar`, but not `/tmp/bar`. If `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory` is used to download an untrusted buckets contents, the contents of that bucket can be written outside of the intended destination directory. Version 1.12.261 contains a patch for this issue. As a workaround, when calling `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory`, pass a `KeyFilter` that forbids `S3ObjectSummary` objects that `getKey` method return a string containing the substring `..` .	2022-07-15	not yet calculated	CVE-2022-31159 CONFIRM
aws –aws_credentials	Implemented protections on AWS credentials that were not properly protected.	2022-07-12	not yet calculated	CVE-2022-22998 MISC
bentley — bentley_microstation	An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a DGN file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of DGN files could enable an attacker to read information in the context of the current process.	2022-07-15	not yet calculated	CVE-2022-35906 MISC
bentley — bentley_microstation	An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a JP2 file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of JP2 files could enable an attacker to read information in the context of the current process.	2022-07-15	not yet calculated	CVE-2022-35900 MISC
bentley — bentley_microstation	An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an OBJ file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of OBJ files could enable an attacker to read information in the context of the current process.	2022-07-15	not yet calculated	CVE-2022-35902 MISC
bentley — bentley_microstation	An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a 3DS file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of 3DS files could enable an attacker to read information in the context of the current process.	2022-07-15	not yet calculated	CVE-2022-35903 MISC
bentley — bentley_microstation	An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an FBX file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of FBX files could enable an attacker to read information in the context of the current process.	2022-07-15	not yet calculated	CVE-2022-35905 MISC
bentley — bentley_microstation	An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an IFC file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of IFC files could enable an attacker to read information in the context of the current process.	2022-07-15	not yet calculated	CVE-2022-35904 MISC
bentley — bentley_microstation	An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a J2K file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of J2K files could enable an attacker to read information in the context of the current process.	2022-07-15	not yet calculated	CVE-2022-35901 MISC
best_practical_solutions — best_practical_request_tracker	Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment.	2022-07-14	not yet calculated	CVE-2022-25802 MISC CONFIRM CONFIRM
best_practical_solutions — best_practical_request_tracker	Best Practical Request Tracker (RT) before 5.0.3 has an Open Redirect via a ticket search.	2022-07-14	not yet calculated	CVE-2022-25803 MISC CONFIRM
best_practical_solutions — best_practical_rt_for_incident_response	Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via Scripted Action tools.	2022-07-14	not yet calculated	CVE-2022-25801 MISC CONFIRM CONFIRM
best_practical_solutions — best_practical_rt_for_incident_response	Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via the whois lookup tool.	2022-07-14	not yet calculated	CVE-2022-25800 MISC CONFIRM CONFIRM
codecov — codecov	This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being being provided to the popen method.	2022-07-13	not yet calculated	CVE-2019-10800 MISC MISC
codesys — codesys	In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected.	2022-07-11	not yet calculated	CVE-2022-30791 CONFIRM
codesys — codesys	In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.	2022-07-11	not yet calculated	CVE-2022-30792 CONFIRM
couchbase — couchbase_server	An algorithm-downgrade issue was discovered in Couchbase Server before 7.0.4. Analytics Remote Links may temporarily downgrade to non-TLS connection to determine the TLS port number, using SCRAM-SHA instead.	2022-07-12	not yet calculated	CVE-2022-33173 MISC MISC MISC
couchbase — couchbase_server	In Couchbase Server 7.1.x before 7.1.1, an encrypted Private Key passphrase may be leaked in the logs.	2022-07-15	not yet calculated	CVE-2022-34826 MISC
couchbase — couchbase_server	An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in logged validation messages for Analytics Service. An Unauthorized Actor may be able to obtain Sensitive Information.	2022-07-12	not yet calculated	CVE-2022-33911 MISC MISC MISC
debian — mat2	mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows ../ directory traversal during the ZIP archive cleaning process. This primarily affects mat2 web instances, in which clients could obtain sensitive information via a crafted archive.	2022-07-08	not yet calculated	CVE-2022-35410 MISC MISC MISC DEBIAN
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.	2022-07-11	not yet calculated	CVE-2020-35166 CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.	2022-07-11	not yet calculated	CVE-2020-35168 CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Improper Input Validation Vulnerability.	2022-07-11	not yet calculated	CVE-2020-35169 CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.	2022-07-11	not yet calculated	CVE-2020-35167 CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use of Insufficiently Random Values Vulnerability.	2022-07-11	not yet calculated	CVE-2020-35163 CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.	2022-07-11	not yet calculated	CVE-2020-35164 CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Improper Input Validation Vulnerability.	2022-07-11	not yet calculated	CVE-2020-29508 CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability.	2022-07-11	not yet calculated	CVE-2020-29507 CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Key Management Error Vulnerability.	2022-07-11	not yet calculated	CVE-2020-29505 CONFIRM
dell — bsafe_crypto-c_micro_edition_and_bsafe_micro_edition_suite	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability.	2022-07-11	not yet calculated	CVE-2020-29506 CONFIRM
druva — druva	An issue was discovered in Druva 6.9.0 for MacOS, allows attackers to gain escalated local privileges via the inSyncDecommission.	2022-07-12	not yet calculated	CVE-2021-36666 MISC MISC MISC
druva — druva	An issue was discovered in Druva 6.9.0 for macOS, allows attackers to gain escalated local privileges via the inSyncUpgradeDaemon.	2022-07-12	not yet calculated	CVE-2021-36665 MISC MISC MISC
druva — druva_insync	URL injection in Druva inSync 6.9.0 for MacOS, allows attackers to force a visit to an arbitrary url via the port parameter to the Electron App.	2022-07-12	not yet calculated	CVE-2021-36668 MISC MISC MISC
druva — druva_insync	Command injection vulnerability in Druva inSync 6.9.0 for MacOS, allows attackers to execute arbitrary commands via crafted payload to the local HTTP server due to un-sanitized call to the python os.system library.	2022-07-12	not yet calculated	CVE-2021-36667 MISC MISC MISC
egt-kommunikationstechnik_ug — mediacenter	EGT-Kommunikationstechnik UG Mediacenter before v2.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Online_Update.php.	2022-07-12	not yet calculated	CVE-2022-31904 MISC MISC MISC
eip_stack_group — opener	EIPStackGroup OpENer v2.3.0 was discovered to contain a stack overflow via /bin/posix/src/ports/POSIX/OpENer+0x56073d.	2022-07-15	not yet calculated	CVE-2022-32434 MISC MISC
fast_food_ordering_system — fast_food_ordering_system	Fast Food Ordering System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via the component /ffos/classes/Master.php?f=save_category.	2022-07-14	not yet calculated	CVE-2022-32318 MISC
fastify — fastify	@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750, the bearer token has only base64 valid characters, reducing the range of characters for a brute force attack. Version 7.0.2 and 8.0.1 of @fastify/bearer-auth contain a patch. There are currently no known workarounds. The package fastify-bearer-auth, which covers versions 6.0.3 and prior, is also vulnerable starting at version 5.0.1. Users of fastify-bearer-auth should upgrade to a patched version of @fastify/bearer-auth.	2022-07-14	not yet calculated	CVE-2022-31142 MISC MISC CONFIRM MISC MISC
flyte — flyte	FlyteAdmin is the control plane for Flyte responsible for managing entities and administering workflow executions. In versions 1.1.30 and prior, authenticated users using an external identity provider can continue to use Access Tokens and ID Tokens even after they expire. Users who use FlyteAdmin as the OAuth2 Authorization Server are unaffected by this issue. A patch is available on the `master` branch of the repository. As a workaround, rotating signing keys immediately will invalidate all open sessions and force all users to attempt to obtain new tokens. Those who use this workaround should continue to rotate keys until FlyteAdmin has been upgraded and hide FlyteAdmin deployment ingress URL from the internet.	2022-07-13	not yet calculated	CVE-2022-31145 MISC CONFIRM MISC
git — git	Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks.	2022-07-12	not yet calculated	CVE-2022-29187 MISC MISC CONFIRM MLIST
git — git	Git for Windows is a fork of Git that contains Windows-specific patches. This vulnerability in versions prior to 2.37.1 lets Git for Windows’ installer execute a binary into `C:\mingw64\bin\git.exe` by mistake. This only happens upon a fresh install, not when upgrading Git for Windows. A patch is included in version 2.37.1. Two workarounds are available. Create the `C:\mingw64` folder and remove read/write access from this folder, or disallow arbitrary authenticated users to create folders in `C:\`.	2022-07-12	not yet calculated	CVE-2022-31012 MISC CONFIRM
golang — go	Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 – 1 bytes.	2022-07-15	not yet calculated	CVE-2022-30634 MISC MISC MISC MISC
gollum — gollum	Cross site scripting (XSS) in gollum 5.0 to 5.1.2 via the filename parameter to the ‘New Page’ dialog.	2022-07-15	not yet calculated	CVE-2020-35305 MISC MISC MISC MISC
google — android	In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-223578534	2022-07-13	not yet calculated	CVE-2022-20223 MISC
google — android	A drm driver have oob problem, could cause the system crash or EOPProduct: AndroidVersions: Android SoCAndroid ID: A-233124709	2022-07-13	not yet calculated	CVE-2022-20236 MISC
google — android	In Car Settings app, the NotificationAccessConfirmationActivity is exported. In NotificationAccessConfirmationActivity, it gets both ‘mComponentName’ and ‘pkgTitle’ from user.An unprivileged app can use a malicous mComponentName with a benign pkgTitle (e.g. Settings app) to make users enable notification access permission for the malicious app. That is, users believe they enable the notification access permission for the Settings app, but actually they enable the notification access permission for the malicious app.Once the malicious app gets the notification access permission, it can read all notifications, including users’ personal information.Product: AndroidVersions: Android-12LAndroid ID: A-225189301	2022-07-13	not yet calculated	CVE-2022-20234 MISC
google — android	In choosePrivateKeyAlias of KeyChain.java, there is a possible access to the user’s certificate due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221859869	2022-07-13	not yet calculated	CVE-2022-20230 MISC
google — android	In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224536184	2022-07-13	not yet calculated	CVE-2022-20229 MISC
google — android	In various functions of C2DmaBufAllocator.cpp, there is a possible memory corruption due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-213850092	2022-07-13	not yet calculated	CVE-2022-20228 MISC
google — android	In USB driver, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216825460References: Upstream kernel	2022-07-13	not yet calculated	CVE-2022-20227 MISC
google — android	In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-213644870	2022-07-13	not yet calculated	CVE-2022-20226 MISC
google — android	In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220732646	2022-07-13	not yet calculated	CVE-2022-20224 MISC
google — android	In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-219015884	2022-07-13	not yet calculated	CVE-2022-20220 MISC
google — android	In avrc_ctrl_pars_vendor_cmd of avrc_pars_ct.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-205571133	2022-07-13	not yet calculated	CVE-2022-20221 MISC
google — android	In read_attr_value of gatt_db.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-228078096	2022-07-13	not yet calculated	CVE-2022-20222 MISC
google — android	In multiple functions of StorageManagerService.java and UserManagerService.java, there is a possible way to leave user’s directories unencrypted due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224585613	2022-07-13	not yet calculated	CVE-2022-20219 MISC
google — android	In PermissionController, there is a possible way to get and retain permissions without user’s consent due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-223907044	2022-07-13	not yet calculated	CVE-2022-20218 MISC
google — android	There is a unauthorized broadcast in the SprdContactsProvider. A third-party app could use this issue to delete Fdn contact.Product: AndroidVersions: Android SoCAndroid ID: A-232441378	2022-07-13	not yet calculated	CVE-2022-20217 MISC
google — android	android exported is used to set third-party app access permissions, and the default value of intent-filter is true. com.sprd.firewall has set exported as true.Product: AndroidVersions: Android SoCAndroid ID: A-231911916	2022-07-13	not yet calculated	CVE-2022-20216 MISC
google — android	In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-182282630	2022-07-13	not yet calculated	CVE-2022-20212 MISC
google — android	‘remap_pfn_range’ here may map out of size kernel memory (for example, may map the kernel area), and because the ‘vma->vm_page_prot’ can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploitedProduct: AndroidVersions: Android SoCAndroid ID: A-233154555	2022-07-13	not yet calculated	CVE-2022-20238 MISC
google — android	In getSubscriptionProperty of SubscriptionController.java, there is a possible read of a sensitive identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-213457638	2022-07-13	not yet calculated	CVE-2022-20225 MISC
gradle — gradle	Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This can occur in two ways. When signature verification is disabled but the verification metadata contains entries for dependencies that only have a `gpg` element but no `checksum` element. When signature verification is enabled, the verification metadata contains entries for dependencies with a `gpg` element but there is no signature file on the remote repository. In both cases, the verification will accept the dependency, skipping signature verification and not complaining that the dependency has no checksum entry. For builds that are vulnerable, there are two risks. Gradle could download a malicious binary from a repository outside your organization due to name squatting. For those still using HTTP only and not HTTPS for downloading dependencies, the build could download a malicious library instead of the expected one. Gradle 7.5 patches this issue by making sure to run checksum verification if signature verification cannot be completed, whatever the reason. Two workarounds are available: Remove all `gpg` elements from dependency verification metadata if you disable signature validation and/or avoid adding `gpg` entries for dependencies that do not have signature files.	2022-07-14	not yet calculated	CVE-2022-31156 MISC CONFIRM
grafana — grafana	Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user’s external user id is not already associated with an account in Grafana, the malicious user’s email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user’s Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address.	2022-07-15	not yet calculated	CVE-2022-31107 MISC MISC CONFIRM MISC
grafana — grafana	Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting.	2022-07-15	not yet calculated	CVE-2022-31097 MISC CONFIRM MISC MISC
gtkradiant — gtkradiant	GtkRadiant v1.6.6 was discovered to contain a buffer overflow via the component q3map2. This vulnerability can cause a Denial of Service (DoS) via a crafted MAP file.	2022-07-14	not yet calculated	CVE-2022-32406 MISC
honeywell — honeywell_alerton_ascent_control_module	Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller configuration without the knowledge of other users, altering the controller’s function capabilities. The changed configuration is not updated in the User Interface, which creates an inconsistency between the configuration display and the actual configuration on the controller. After the configuration change, remediation requires reverting to the correct configuration, requiring either physical or remote access depending on the configuration that was altered.	2022-07-15	not yet calculated	CVE-2022-30242 MISC MISC MISC
honeywell — honeywell_alerton_ascent_control_module	Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be store on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller’s function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function.	2022-07-15	not yet calculated	CVE-2022-30244 MISC MISC MISC
honeywell — honeywell_alerton_compass_software	Honeywell Alerton Compass Software 1.6.5 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller configuration without the knowledge of other users, altering the controller’s function capabilities. The changed configuration is not updated in the User Interface, which creates an inconsistency between the configuration display and the actual configuration on the controller. After the configuration change, remediation requires reverting to the correct configuration, requiring either physical or remote access depending on the configuration that was altered.	2022-07-15	not yet calculated	CVE-2022-30245 MISC MISC MISC
honeywell — honeywell_alerton_visual_logic	Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be stored on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller’s function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function.	2022-07-15	not yet calculated	CVE-2022-30243 MISC MISC MISC
huawei — emui/magic_ui	The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality.	2022-07-12	not yet calculated	CVE-2022-34737 MISC MISC
huawei — emui/magic_ui	The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.	2022-07-12	not yet calculated	CVE-2022-34736 MISC MISC
huawei — emui/magic_ui	The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.	2022-07-12	not yet calculated	CVE-2022-34735 MISC MISC
huawei — harmony_os	The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity.	2022-07-12	not yet calculated	CVE-2021-46741 MISC MISC
huawei — harmonyos	The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background.	2022-07-12	not yet calculated	CVE-2022-34738 MISC MISC
huawei — harmonyos	The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings.	2022-07-12	not yet calculated	CVE-2022-34739 MISC MISC
huawei — harmonyos	The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.	2022-07-12	not yet calculated	CVE-2022-34740 MISC MISC
huawei — harmonyos	The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.	2022-07-12	not yet calculated	CVE-2022-34741 MISC MISC
huawei — harmonyos	The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.	2022-07-12	not yet calculated	CVE-2022-34742 MISC MISC
huawei — harmonyos	The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.	2022-07-12	not yet calculated	CVE-2022-34743 MISC MISC
ibm — digital_certificate_manager	IBM i 7.2, 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 230516.	2022-07-13	not yet calculated	CVE-2022-34358 CONFIRM XF
ibm — engineering_lifecycle_optimization_publishing	IBM Engineering Lifecycle Optimization – Publishing 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213655.	2022-07-14	not yet calculated	CVE-2021-39015 CONFIRM XF
ibm — engineering_lifecycle_optimization_publishing	IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the software to transmit more traffic than should be allowed for that actor. IBM X-Force ID: 213722.	2022-07-14	not yet calculated	CVE-2021-39016 XF CONFIRM
ibm — engineering_lifecycle_optimization_publishing	IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 213725.	2022-07-14	not yet calculated	CVE-2021-39017 CONFIRM XF
ibm — engineering_lifecycle_optimization_publishing	IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose sensitive information in a SQL error message that could aid in further attacks against the system. IBM X-Force ID: 213726.	2022-07-14	not yet calculated	CVE-2021-39018 CONFIRM XF
ibm — engineering_lifecycle_optimization_publishing	IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose highly sensitive information through an HTTP GET request to an authenticated user. IBM X-Force ID: 213728.	2022-07-14	not yet calculated	CVE-2021-39019 CONFIRM XF
ibm — engineering_lifecycle_optimization_publishing	IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 213866.	2022-07-14	not yet calculated	CVE-2021-39028 XF CONFIRM
ibm — security_verify_access	IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 221194.	2022-07-08	not yet calculated	CVE-2022-22370 CONFIRM XF
ibm — security_verify_identify_manager	IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security in an HTTP request. IBM X-Force ID: 224916.	2022-07-14	not yet calculated	CVE-2022-22450 CONFIRM XF
ibm — security_verify_identify_manager	IBM Security Verify Identity Manager 10.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 224919.	2022-07-14	not yet calculated	CVE-2022-22453 XF CONFIRM
ibm — security_verify_identify_manager	IBM Security Verify Identity Manager 10.0 contains sensitive information in the source code repository that could be used in further attacks against the system. IBM X-Force ID: 225013.	2022-07-14	not yet calculated	CVE-2022-22460 XF CONFIRM
ibm — security_verify_identify_manager	IBM Security Verify Identity Manager 10.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 224918.	2022-07-14	not yet calculated	CVE-2022-22452 CONFIRM XF
ibm — security_verify_information_queue	IBM Security Verify Information Queue 10.0.2 could allow an authenticated user to cause a denial of service with a specially crafted HTTP request.	2022-07-14	not yet calculated	CVE-2022-35283 XF CONFIRM
ibm — siteprotector_appliance	IBM SiteProtector Appliance 3.1.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174142.	2022-07-11	not yet calculated	CVE-2020-4150 XF CONFIRM
ibm — siteprotector_appliance	IBM SiteProtector Appliance 3.1.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174049.	2022-07-11	not yet calculated	CVE-2020-4138 XF CONFIRM
ibm — websphere_application_server	IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console data. This information could be used in further attacks against the system. IBM X-Force ID: 225347.	2022-07-14	not yet calculated	CVE-2022-22473 XF CONFIRM
ibm — websphere_application_server	IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 225605.	2022-07-14	not yet calculated	CVE-2022-22477 CONFIRM XF
inductive_automation — inductive_automation_ignition	An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. Designer and Vision Client Session IDs are mishandled. An attacker can determine which session IDs were generated in the past and then hijack sessions assigned to these IDs via Randy.	2022-07-15	not yet calculated	CVE-2022-35890 MISC MISC
inductive_automation — inductive_automation_ignition	An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. The ScriptInvoke function allows remote attackers to execute arbitrary code by supplying a Python script.	2022-07-16	not yet calculated	CVE-2022-36126 MISC MISC MISC
intel — intel_microprocessor	Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.	2022-07-12	not yet calculated	CVE-2022-29901 MLIST CONFIRM CONFIRM MLIST MLIST MLIST FEDORA FEDORA
isode — swift	Isode SWIFT v4.0.2 was discovered to contain hard-coded credentials in the Registry Editor. This allows attackers to access sensitive information such as user credentials and certificates.	2022-07-14	not yet calculated	CVE-2022-32389 MISC MISC MISC
itechscripts — auction_script	A vulnerability was found in Itech Auction Script 6.49. It has been classified as critical. This affects an unknown part of the file /mcategory.php. The manipulation of the argument mcid with the input 4′ AND 1734=1734 AND ‘Ggks’=’Ggks leads to sql injection (Blind). It is possible to initiate the attack remotely.	2022-07-16	not yet calculated	CVE-2017-20138 MISC
itechscripts — b2b_script	A vulnerability was found in Itech B2B Script 4.28. It has been rated as critical. This issue affects some unknown processing of the file /catcompany.php. The manipulation of the argument token with the input 704667c6a1e7ce56d3d6fa748ab6d9af3fd7′ AND 6539=6539 AND ‘Fakj’=’Fakj leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.	2022-07-16	not yet calculated	CVE-2017-20137 MISC MISC
itechscripts — classifieds_script	A vulnerability classified as critical has been found in Itech Classifieds Script 7.27. Affected is an unknown function of the file /subpage.php. The manipulation of the argument scat with the input =51′ AND 4941=4941 AND ‘hoCP’=’hoCP leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.	2022-07-16	not yet calculated	CVE-2017-20136 MISC MISC
itechscripts — dating_script	A vulnerability classified as critical was found in Itech Dating Script 3.26. Affected by this vulnerability is an unknown functionality of the file /see_more_details.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-16	not yet calculated	CVE-2017-20135 MISC MISC
itechscripts — freelancer_script	A vulnerability, which was classified as critical, has been found in Itech Freelancer Script 5.13. Affected by this issue is some unknown functionality of the file /category.php. The manipulation of the argument sk leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-16	not yet calculated	CVE-2017-20134 MISC MISC
itechscripts — job_portal_script	A vulnerability, which was classified as critical, was found in Itech Job Portal Script 9.13. This affects an unknown part of the file /admin. The manipulation leads to improper authentication. It is possible to initiate the attack remotely.	2022-07-16	not yet calculated	CVE-2017-20133 MISC
itechscripts — multi_vendor_script	A vulnerability was found in Itech Multi Vendor Script 6.49 and classified as critical. This issue affects some unknown processing of the file /multi-vendor-shopping-script/product-list.php. The manipulation of the argument pl leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.	2022-07-16	not yet calculated	CVE-2017-20132 MISC MISC
itechscripts — news_portal	A vulnerability was found in Itech News Portal 6.28. It has been classified as critical. Affected is an unknown function of the file /news-portal-script/information.php. The manipulation of the argument inf leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.	2022-07-16	not yet calculated	CVE-2017-20131 MISC MISC
itechscripts — real_estate_script	A vulnerability was found in Itech Real Estate Script 3.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /real-estate-script/search_property.php. The manipulation of the argument property_for leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-16	not yet calculated	CVE-2017-20130 MISC MISC
jerryscript — jerryscript	Jerryscript v2.4.0 was discovered to contain a stack buffer overflow via the function jerryx_print_unhandled_exception in /util/print.c.	2022-07-13	not yet calculated	CVE-2022-32117 MISC
joomla — joomlatools_docman	In Joomla component ‘Joomlatools – DOCman 3.5.13 (and likely most versions below)’ are affected to an reflected Cross-Site Scripting (XSS) in an image upload function	2022-07-10	not yet calculated	CVE-2022-27910 MISC
jquery_validation — jquery_validation	The jQuery Validation Plugin (jquery-validation) provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service (ReDoS) when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix for CVE-2021-43306. Users should upgrade to version 1.19.5 to receive a patch.	2022-07-14	not yet calculated	CVE-2022-31147 MISC CONFIRM MISC
kb_software — login_authentication	A vulnerability was found in KB Login Authentication Script 1.1 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument username/password with the input ‘or”=’ leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-13	not yet calculated	CVE-2017-20127 MISC MISC
kb_software — messages_php_script	A vulnerability has been found in KB Messages PHP Script 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username/password with the input ‘or”=’ leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-13	not yet calculated	CVE-2017-20128 MISC MISC
kb_software — referral_script	A vulnerability was found in KB Affiliate Referral Script 1.0. It has been classified as critical. This affects an unknown part of the file /index.php. The manipulation of the argument username/password with the input ‘or”=’ leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.	2022-07-13	not yet calculated	CVE-2017-20126 MISC MISC
kvf-admin — kvf-admin	kvf-admin through 2022-02-12 allows remote attackers to execute arbitrary code because deserialization is mishandled. The rememberMe parameter is encrypted with a hardcoded key from the com.kalvin.kvf.common.shiro.ShiroConfig file.	2022-07-13	not yet calculated	CVE-2022-35857 MISC
lacuna_software — pki-core	A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content.	2022-07-14	not yet calculated	CVE-2022-2393 MISC
lenze — cabinet_series	Multiple Lenze products of the cabinet series skip the password verification upon second login. After a user has been logged on to the device once, a remote attacker can get full access without knowledge of the password.	2022-07-11	not yet calculated	CVE-2022-2302 CONFIRM
libguestfs — libguestfs	A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either by mistake or malicious actor.	2022-07-12	not yet calculated	CVE-2022-2211 MISC
linux — kernel	A memory leak vulnerability was found in the Linux kernel’s eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data.	2022-07-14	not yet calculated	CVE-2021-4135 MISC
linux — linux_kernel	The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel.	2022-07-13	not yet calculated	CVE-2022-2380 MISC
linux — linux_kernel	Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.	2022-07-12	not yet calculated	CVE-2011-4916 MISC MISC
live555 — live555	Live555 through 1.08 does not handle socket connections properly. A huge number of incoming socket connections in a short time invokes the error-handling module, in which a heap-based buffer overflow happens. An attacker can leverage this to launch a DoS attack.	2022-07-12	not yet calculated	CVE-2021-41396 MISC MISC
logostore — logostore	A vulnerability was found in LogoStore. It has been classified as critical. Affected is an unknown function of the file /LogoStore/search.php. The manipulation of the argument query with the input test’ UNION ALL SELECT CONCAT(CONCAT(‘qqkkq’,’VnPVWVaYxljWqGpLLbEIyPIHBjjjjASQTnaqfKaV’),’qvvpq’),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL– oCrh&search= leads to sql injection. It is possible to launch the attack remotely.	2022-07-14	not yet calculated	CVE-2017-20129 MISC
mailcow — mailcow	mailcow is a mailserver suite. Prior to mailcow-dockerized version 2022-06a, an extended privilege vulnerability can be exploited by manipulating the custom parameters regexmess, skipmess, regexflag, delete2foldersonly, delete2foldersbutnot, regextrans2, pipemess, or maxlinelengthcmd to execute arbitrary code. Users should update their mailcow instances with the `update.sh` script in the mailcow root directory to 2022-06a or newer to receive a patch for this issue. As a temporary workaround, the Syncjob ACL can be removed from all mailbox users, preventing changes to those settings.	2022-07-11	not yet calculated	CVE-2022-31138 MISC MISC CONFIRM MISC
mattermost — guest_account_feature	The Guest account feature in Mattermost version 6.7.0 and earlier fails to properly restrict the permissions, which allows a guest user to fetch a list of all public channels in the team, in spite of not being part of those channels.	2022-07-14	not yet calculated	CVE-2022-2408 MISC
mattermost — legacy_slack_import_feature	The legacy Slack import feature in Mattermost version 6.7.0 and earlier fails to properly limit the sizes of imported files, which allows an authenticated attacker to crash the server by importing large files via the Slack import REST API.	2022-07-14	not yet calculated	CVE-2022-2406 MISC
mattermost — mattermost	Unrestricted information disclosure of all users in Mattermost version 6.7.0 and earlier allows team members to access some sensitive information by directly accessing the APIs.	2022-07-14	not yet calculated	CVE-2022-2401 MISC
mattermost — trusted_ip_header	Incorrect default configuration for trusted IP header in Mattermost version 6.7.0 and earlier allows attacker to bypass some of the rate limitations in place or use manipulated IPs for audit logging via manipulating the request headers.	2022-07-12	not yet calculated	CVE-2022-2366 MISC
mealie — mealie	The login function of Mealie v1.0.0beta-2 allows attackers to enumerate existing usernames by timing the server’s response time.	2022-07-14	not yet calculated	CVE-2022-32425 MISC
mendix — mendix	A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (All versions < V8.18.18), Mendix Applications using Mendix 9 (All versions < V9.14.0), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.2), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.12). In case of access to an active user session in an application that is built with an affected version, it’s possible to change that user’s password bypassing password validations within a Mendix application. This could allow to set weak passwords.	2022-07-12	not yet calculated	CVE-2022-31257 CONFIRM
microsoft — active_directory_federation_services	Active Directory Federation Services Elevation of Privilege Vulnerability.	2022-07-12	not yet calculated	CVE-2022-30215 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33667 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33663 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33664 MISC
microsoft — azure	Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-33678.	2022-07-12	not yet calculated	CVE-2022-33676 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33665 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33675 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33666 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33671 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33668 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33669 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675.	2022-07-12	not yet calculated	CVE-2022-33677 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33673 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33658 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-30181 MISC
microsoft — azure	Azure Storage Library Information Disclosure Vulnerability.	2022-07-12	not yet calculated	CVE-2022-30187 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33662 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33650 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33661 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33652 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33674 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33657 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33641 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33642 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33643 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33660 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33651 MISC
microsoft — azure	Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-33676.	2022-07-12	not yet calculated	CVE-2022-33678 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33653 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33654 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33655 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33656 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33659 MISC
microsoft — azure	Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.	2022-07-12	not yet calculated	CVE-2022-33672 MISC
microsoft — bitlocker	BitLocker Security Feature Bypass Vulnerability.	2022-07-12	not yet calculated	CVE-2022-22048 MISC
microsoft — bitlocker	Windows BitLocker Information Disclosure Vulnerability.	2022-07-12	not yet calculated	CVE-2022-22711 MISC
microsoft — defender_for_endpoint_for_linux	Microsoft Defender for Endpoint Tampering Vulnerability.	2022-07-12	not yet calculated	CVE-2022-33637 MISC
microsoft — microsoft_office	Microsoft Office Security Feature Bypass Vulnerability.	2022-07-12	not yet calculated	CVE-2022-33632 MISC
microsoft — microsoft_system_center	A reflected DOM-Based XSS vulnerability has been discovered in the Help directory of Veeam Management Pack for Microsoft System Center 8.0. This vulnerability could be exploited by an attacker by convincing a legitimate user to visit a crafted URL on a Veeam Management Pack for Microsoft System Center server, allowing for the execution of arbitrary scripts.	2022-07-14	not yet calculated	CVE-2022-32225 MISC
microsoft — skype_and_lync	Skype for Business and Lync Remote Code Execution Vulnerability.	2022-07-12	not yet calculated	CVE-2022-33633 MISC
microsoft — windows_advanced_local_procedure_call	Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22037, CVE-2022-30202.	2022-07-12	not yet calculated	CVE-2022-30224 MISC
microsoft — windows_advanced_local_procedure_call	Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22037, CVE-2022-30224.	2022-07-12	not yet calculated	CVE-2022-30202 MISC
microsoft — windows_boot_manager	Windows Boot Manager Security Feature Bypass Vulnerability.	2022-07-12	not yet calculated	CVE-2022-30203 MISC
microsoft — windows_common_log_file_system_driver	Windows Common Log File System Driver Elevation of Privilege Vulnerability.	2022-07-12	not yet calculated	CVE-2022-30220 MISC
microsoft — windows_connected_devices_platform_service	Windows Connected Devices Platform Service Information Disclosure Vulnerability.	2022-07-12	not yet calculated	CVE-2022-30212 MISC
microsoft — windows_csrss	Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22047.	2022-07-12	not yet calculated	CVE-2022-22049 MISC
microsoft — windows_dns_server	Windows DNS Server Remote Code Execution Vulnerability.	2022-07-12	not yet calculated	CVE-2022-30214 MISC
microsoft — windows_fax_service	Windows Fax Service Elevation of Privilege Vulnerability.	2022-07-12	not yet calculated	CVE-2022-22050 MISC
microsoft — windows_gdi+	Windows GDI+ Information Disclosure Vulnerability.	2022-07-12	not yet calculated	CVE-2022-30213 MISC
microsoft — windows_graphics_component	Windows Graphics Component Remote Code Execution Vulnerability.	2022-07-12	not yet calculated	CVE-2022-30221 MISC
microsoft — windows_group_policy	Windows Group Policy Elevation of Privilege Vulnerability.	2022-07-12	not yet calculated	CVE-2022-30205 MISC
microsoft — windows_hyper-v	Windows Hyper-V Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22042.	2022-07-12	not yet calculated	CVE-2022-30223 MISC
microsoft — windows_iis_server	Windows IIS Server Elevation of Privilege Vulnerability.	2022-07-12	not yet calculated	CVE-2022-30209 MISC
microsoft — windows_layer_2_tunneling_protocol	Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability.	2022-07-12	not yet calculated	CVE-2022-30211 MISC
microsoft — windows_media_player_network_sharing_service	Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability.	2022-07-12	not yet calculated	CVE-2022-30225 MISC
microsoft — windows_print_spooler	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-22041, CVE-2022-30206.	2022-07-12	not yet calculated	CVE-2022-30226 MISC
microsoft — windows_print_spooler	Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-22041, CVE-2022-30226.	2022-07-12	not yet calculated	CVE-2022-30206 MISC
microsoft — windows_security_account_manager	Windows Security Account Manager (SAM) Denial of Service Vulnerability.	2022-07-12	not yet calculated	CVE-2022-30208 MISC
microsoft — windows_server	Windows Server Service Tampering Vulnerability.	2022-07-12	not yet calculated	CVE-2022-30216 MISC
microsoft — windows_shell	Windows Shell Remote Code Execution Vulnerability.	2022-07-12	not yet calculated	CVE-2022-30222 MISC
microsoft — xbox	Xbox Live Save Service Elevation of Privilege Vulnerability.	2022-07-12	not yet calculated	CVE-2022-33644 MISC
microweber — microweber	An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini.	2022-07-15	not yet calculated	CVE-2021-36461 MISC
mogu_blog — mogu_blog	Mogu blog 5.2 is vulnerable to Cross Site Scripting (XSS).	2022-07-12	not yet calculated	CVE-2022-30517 MISC
mplayer_project — mplayer_project	The MPlayer Project v1.5 was discovered to contain a heap use-after-free resulting in a double free in the preinit function at libvo/vo_v4l2.c. This vulnerability can lead to a Denial of Service (DoS) via a crafted file.	2022-07-14	not yet calculated	CVE-2022-32317 MISC
multi_restaurant_table_reservation_system — multi_restaurant_table_reservation_system	Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Area(food_type) field to /dashboard/menu-list.php.	2022-07-15	not yet calculated	CVE-2020-36553 MISC MISC MISC MISC
multi_restaurant_table_reservation_system — multi_restaurant_table_reservation_system	Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Item Name field to /dashboard/menu-list.php.	2022-07-15	not yet calculated	CVE-2020-36551 MISC MISC MISC MISC
multi_restaurant_table_reservation_system — multi_restaurant_table_reservation_system	Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Table Name field to /dashboard/table-list.php.	2022-07-15	not yet calculated	CVE-2020-36550 MISC MISC MISC MISC
multi_restaurant_table_reservation_system — multi_restaurant_table_reservation_system	Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Made field to /dashboard/menu-list.php.	2022-07-15	not yet calculated	CVE-2020-36552 MISC MISC MISC MISC
multi_restaurant_table_reservation_system — multi_restaurant_table_reservation_system	Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Restaurant Name field to /dashboard/profile.php.	2022-07-15	not yet calculated	CVE-2020-35261 MISC MISC MISC MISC
nautilus — multiple_treadmills	Nautilus treadmills T616 S/N 100672PRO21140001 through 100672PRO21171980 and T618 S/N 100647PRO21130111 through 100647PRO21183960 with software before 2022-06-09 allow physically proximate attackers to cause a denial of service (fall) by connecting the power cord to a 120V circuit (which may lead to self-starting at an inopportune time).	2022-07-12	not yet calculated	CVE-2022-35648 MISC MISC MISC
october_cms — october_cms	October/System is the system module for October CMS, a self-hosted CMS platform based on the Laravel PHP Framework. Prior to versions 1.0.476, 1.1.12, and 2.2.15, when the developer allows the user to specify their own filename in the `fromData` method, an unauthenticated user can perform remote code execution (RCE) by exploiting a race condition in the temporary storage directory. This vulnerability affects plugins that expose the `October\Rain\Database\Attach\File::fromData` as a public interface and does not affect vanilla installations of October CMS since this method is not exposed or used by the system internally or externally. The issue has been patched in Build 476 (v1.0.476), v1.1.12, and v2.2.15. Those who are unable to upgrade may apply with patch to their installation manually as a workaround.	2022-07-12	not yet calculated	CVE-2022-24800 CONFIRM MISC
octobot — octobot	WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled.	2022-07-16	not yet calculated	CVE-2021-36711 MISC MISC MISC MISC MISC
octopus — octopus_server	In affected versions of Octopus Server the help sidebar can be customized to include a Cross-Site Scripting payload in the support link.	2022-07-15	not yet calculated	CVE-2022-29890 MISC
octopus — octopus_server	In affected versions of Octopus Server an Insecure Direct Object Reference vulnerability exists where it is possible for a user to download Project Exports from a Project they do not have permissions to access. This vulnerability only impacts projects within the same Space.	2022-07-15	not yet calculated	CVE-2022-1881 MISC
online_hotel_booking_system — online_hotel_booking_system	A vulnerability has been found in Online Hotel Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file edit_all_room.php of the component Room Handler. The manipulation of the argument id with the input 2828%27%20AND%20(SELECT%203766%20FROM%20(SELECT(SLEEP(5)))BmIK)%20AND%20%27YLPl%27=%27YLPl leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-12	not yet calculated	CVE-2022-2262 MISC MISC
online_hotel_booking_system — online_hotel_booking_system	A vulnerability was found in Online Hotel Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file edit_room_cat.php of the component Room Handler. The manipulation of the argument roomname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-12	not yet calculated	CVE-2022-2263 MISC MISC
openjs_foundation — node.js	A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.	2022-07-14	not yet calculated	CVE-2022-32212 MISC MISC MISC
openjs_foundation — node.js	The llhttp parser in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS).	2022-07-14	not yet calculated	CVE-2022-32214 MISC MISC
openjs_foundation — node.js	The llhttp parser in the http module in Node v17.6.0 does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).	2022-07-14	not yet calculated	CVE-2022-32215 MISC MISC
openjs_foundation — node.js	A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3.	2022-07-14	not yet calculated	CVE-2022-32222 MISC
openjs_foundation — node.js	Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine:* OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf” exists.Whenever the above conditions are present, `node.exe` will search for `providers.dll` in the current user directory.After that, `node.exe` will try to search for `providers.dll` by the DLL Search Order in Windows.It is possible for an attacker to place the malicious file `providers.dll` under a variety of paths and exploit this vulnerability.	2022-07-14	not yet calculated	CVE-2022-32223 MISC MISC
openjs_foundation — node.js	The llhttp parser in the http module in Node.js v17.x does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS).	2022-07-14	not yet calculated	CVE-2022-32213 MISC
openzeppelin — contracts_for_cairo	OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Version 0.2.0 is vulnerable to an error that renders account contracts unusable on live networks. This issue affects all accounts (vanilla and ethereum flavors) in the v0.2.0 release of OpenZeppelin Contracts for Cairo, which are not whitelisted on StarkNet mainnet. Only goerli deployments of v0.2.0 accounts are affected. This faulty behavior is not observed in StarkNet’s testing framework. This bug has been patched in v0.2.1.	2022-07-15	not yet calculated	CVE-2022-31153 MISC MISC MISC CONFIRM MISC MISC
osticket — osticket	A stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins – Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file.	2022-07-13	not yet calculated	CVE-2022-32074 MISC MISC MISC
oxygen_xml_webhelp — oxygen_xml_webhelp	An issue was discovered in Oxygen XML WebHelp before 22.1 build 2021082006 and 23.x before 23.1 build 2021090310. An XSS vulnerability in search terms proposals (in online documentation generated using Oxygen XML WebHelp) allows attackers to execute JavaScript by convincing a user to type specific text in the WebHelp output search field.	2022-07-13	not yet calculated	CVE-2021-46827 MISC
packback — lti_1.3_tool_library	LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the Nonce Claim Value was not being validated against the nonce value sent in the Authentication Request. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds.	2022-07-15	not yet calculated	CVE-2022-31158 CONFIRM
packback — lti_1.3_tool_library	LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the function used to generate random nonces was not sufficiently cryptographically complex. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds.	2022-07-15	not yet calculated	CVE-2022-31157 CONFIRM
parallels — parallels_desktop	This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.1 (49187). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the HDAudio virtual device. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-14969.	2022-07-15	not yet calculated	CVE-2021-34987 N/A N/A
parallels — parallels_desktop	This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.0 (49183). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Parallels Service. By creating a symbolic link, an attacker can abuse the service to execute a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-13932.	2022-07-15	not yet calculated	CVE-2021-34986 N/A N/A
pbootcms — pbootcms	PbootCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the function parserIfLabel at function.php.	2022-07-14	not yet calculated	CVE-2022-32417 MISC
piwigo — piwigo	Piwigo v12.2.0 was discovered to contain SQL injection vulnerability via the Search function.	2022-07-14	not yet calculated	CVE-2022-32297 MISC
prestashop — prestashop	File upload vulnerability in the Catalog feature in Prestashop 1.7.6.7 allows remote attackers to run arbitrary code via the add new file page.	2022-07-13	not yet calculated	CVE-2020-21967 MISC MISC
product_show_room_site — product_show_room_site	Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_product.	2022-07-14	not yet calculated	CVE-2022-32416 MISC
product_show_room_site — product_show_room_site	Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/?p=products/view_product&id=.	2022-07-14	not yet calculated	CVE-2022-32415 MISC
pyramid_solutions — ethernet/ip_adapter_and_ethernet/ip_scanner	Pyramid Solutions’ affected products, the Developer and DLL kits for EtherNet/IP Adapter and EtherNet/IP Scanner, are vulnerable to an out-of-bounds write, which may allow an unauthorized attacker to send a specially crafted packet that may result in a denial-of-service condition.	2022-07-12	not yet calculated	CVE-2022-1737 MISC
qemu — qemu	softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash.	2022-07-11	not yet calculated	CVE-2022-35414 MISC MISC MISC MISC MISC MISC MISC MISC
redhat — convert2rhel	In convert2rhel, there’s an ansible playbook named ansible/run-convert2rhel.yml which passes the Red Hat Subscription Manager user password via the CLI to convert2rhel. This could allow unauthorized local users to view the password via the process list while convert2rhel is running. However, this ansible playbook is only an example in the upstream repository and it is not shipped in officially supported versions of convert2rhel.	2022-07-14	not yet calculated	CVE-2022-1662 MISC
rhonabwy — rhonabwy	Rhonabwy before v1.1.5 was discovered to contain a buffer overflow via the component r_jwe_aesgcm_key_unwrap. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted JWE token.	2022-07-13	not yet calculated	CVE-2022-32096 MISC MISC
roxy-wi — roxy-wi	Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for this issue.	2022-07-15	not yet calculated	CVE-2022-31161 CONFIRM MISC
ruoyi — ruoyi	An arbitrary file upload vulnerability in the background management module of RuoYi v4.7.3 and below allows attackers to execute arbitrary code via a crafted HTML file.	2022-07-13	not yet calculated	CVE-2022-32065 MISC MISC MISC MISC
sage — sage300	In Sage 300 ERP (formerly accpac) through 6.8.x, the installer configures the C:\Sage\Sage300\Runtime directory to be the first entry in the system-wide PATH environment variable. However, this directory is writable by unprivileged users because the Sage installer fails to set explicit permissions and therefore inherits weak permissions from the C:\ folder. Because entries in the system-wide PATH variable are included in the search order for DLLs, an attacker could perform DLL search-order hijacking to escalate their privileges to SYSTEM. Furthermore, if the Global Search or Web Screens functionality is enabled, then privilege escalation is possible via the GlobalSearchService and Sage.CNA.WindowsService services, again via DLL search-order hijacking because unprivileged users would have modify permissions on the application directory. Note that while older versions of the software default to installing in %PROGRAMFILES(X86)% (which would allow the Sage folder to inherit strong permissions, making the installation not vulnerable), the official Sage 300 installation guides for those versions recommend installing in C:\Sage, which would make the installation vulnerable.	2022-07-14	not yet calculated	CVE-2021-45492 MISC MISC
samsung — calendar	Information exposure in Calendar prior to version 12.3.05.10000 allows attacker to access calendar schedule without READ_CALENDAR permission.	2022-07-12	not yet calculated	CVE-2022-33705 MISC
samsung — samsung_camera	Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information.	2022-07-12	not yet calculated	CVE-2022-33712 MISC
samsung — samsung_cloud	Implicit Intent hijacking vulnerability in Samsung Cloud prior to version 5.2.0 allows attacker to get sensitive information.	2022-07-12	not yet calculated	CVE-2022-33713 MISC
samsung — usb_driver_windows_installer_for_mobile_phones	Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for Mobile Phones prior to version 1.7.56.0 allows local attackers to delete arbitrary directory using directory junction.	2022-07-12	not yet calculated	CVE-2022-33711 MISC
sap — 3d_visual_enterprise_viewer	When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant information can be found below	2022-07-12	not yet calculated	CVE-2022-35171 MISC MISC
sap — busines_objects_business_intelligence_platform	SAP BusinessObjects Business Intelligence Platform (LCM) – versions 420, 430, allows an attacker with an admin privilege to read and decrypt LCMBIAR file’s password under certain conditions, enabling the attacker to modify the password or import the file into another system causing high impact on confidentiality but a limited impact on the availability and integrity of the application.	2022-07-12	not yet calculated	CVE-2022-35169 MISC MISC
sap — busines_objects_business_intelligence_platform	SAP Busines Objects Business Intelligence Platform (Visual Difference Application) – versions 420, 430, allows an authenticated attacker who has access to BI admin console to send crafted queries and extract data from the SQL backend. On successful exploitation, the attacker can cause limited impact on confidentiality and integrity of the application	2022-07-12	not yet calculated	CVE-2022-32246 MISC MISC
sap — busines_one	Due to improper input sanitization of XML input in SAP Business One – version 10.0, an attacker can perform a denial-of-service attack rendering the system temporarily inoperative.	2022-07-12	not yet calculated	CVE-2022-35168 MISC MISC
sap — hana	Under special integration scenario of SAP Business one and SAP HANA – version 10.0, an attacker can exploit HANA cockpit?s data volume to gain access to highly sensitive information (e.g., high privileged account credentials)	2022-07-12	not yet calculated	CVE-2022-32249 MISC MISC
sap — netweaver_enterprise_portal	A vulnerability in SAP NW EP (WPC) – versions 7.30, 7.31, 7.40, 7.50, which does not sufficiently validate user-controlled input, allows a remote attacker to conduct a Cross-Site (XSS) scripting attack. A successful exploit could allow the attacker to execute arbitrary script code which could lead to stealing or modifying of authentication information of the user, such as data relating to his or her current session.	2022-07-12	not yet calculated	CVE-2022-35227 MISC MISC
sap — netweaver_enterprise_portal	SAP NetWeaver Enterprise Portal – versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to limited impact on confidentiality and integrity of data.	2022-07-12	not yet calculated	CVE-2022-35225 MISC MISC
sap — netweaver_enterprise_portal	SAP NetWeaver Enterprise Portal – versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.	2022-07-12	not yet calculated	CVE-2022-35172 MISC MISC
sap — netweaver_enterprise_portal	SAP NetWeaver Enterprise Portal does – versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to limited impact on confidentiality and integrity of data.	2022-07-12	not yet calculated	CVE-2022-35170 MISC MISC
sap — netweaver_enterprise_portal	SAP NetWeaver Enterprise Portal – versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the User inputs while interacting on the Network. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.	2022-07-12	not yet calculated	CVE-2022-32247 MISC MISC
sap — s/4hana	Due to missing input validation in the Manage Checkbooks component of SAP S/4HANA – version 101, 102, 103, 104, 105, 106, an attacker could insert or edit the value of an existing field in the database. This leads to an impact on the integrity of the data.	2022-07-12	not yet calculated	CVE-2022-32248 MISC MISC
sap — s/4hana	Within SAP S/4HANA – versions S4CORE 101, 102, 103, 104, 105, 106, SAPSCORE 127, the application business partner extension for Spain/Slovakia does not perform necessary authorization checks for a low privileged authenticated user over the network, resulting in escalation of privileges leading to low impact on confidentiality and integrity of the data.	2022-07-12	not yet calculated	CVE-2022-31597 MISC MISC
sap_se — sap_business_one_license_service_api	Due to missing authentication check, SAP Business one License service API – version 10.0 allows an unauthenticated attacker to send malicious http requests over the network. On successful exploitation, an attacker can break the whole application making it inaccessible.	2022-07-12	not yet calculated	CVE-2022-28771 MISC MISC
schneider_electric — acti9_powertag_link_c	A CWE-269: Improper Privilege Management vulnerability exists that could allow elevated functionality when guessing credentials. Affected Products: Acti9 PowerTag Link C (A9XELC10-A) (V1.7.5 and prior), Acti9 PowerTag Link C (A9XELC10-B) (V2.12.0 and prior)	2022-07-13	not yet calculated	CVE-2022-34754 CONFIRM
schneider_electric — easergy_p5	A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution or the crash of HTTPs stack which is used for the device Web HMI. Affected Products: Easergy P5 (V01.401.102 and prior)	2022-07-13	not yet calculated	CVE-2022-34756 CONFIRM
schneider_electric — easergy_p5	A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak cipher suites can be used for the SSH connection between Easergy Pro software and the device, which may allow an attacker to observe protected communication details. Affected Products: Easergy P5 (V01.401.102 and prior)	2022-07-13	not yet calculated	CVE-2022-34757 CONFIRM
schneider_electric — easergy_p5	A CWE-20: Improper Input Validation vulnerability exists that could cause the device watchdog function to be disabled if the attacker had access to privileged user credentials. Affected Products: Easergy P5 (V01.401.102 and prior)	2022-07-13	not yet calculated	CVE-2022-34758 CONFIRM
schneider_electric — spacelogic_c-bus_home_controller	A CWE-78: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability exists that could cause remote root exploit when the command is compromised. Affected Products: SpaceLogic C-Bus Home Controller (5200WHC2), formerly known as C-Bus Wiser Homer Controller MK2 (V1.31.460 and prior)	2022-07-13	not yet calculated	CVE-2022-34753 CONFIRM
schneider_electric — x80_advanced_rtu_communication_module_and_opc_ua_modicon_communication_module	A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause loading of unauthorized firmware images due to improper verification of the firmware signature. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)	2022-07-13	not yet calculated	CVE-2022-34763 CONFIRM
schneider_electric — x80_advanced_rtu_communication_module_and_opc_ua_modicon_communication_module	A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)	2022-07-13	not yet calculated	CVE-2022-34765 CONFIRM
schneider_electric — x80_advanced_rtu_communication_module_and_opc_ua_modicon_communication_module	A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service when parsing the URL. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V1.0), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)	2022-07-13	not yet calculated	CVE-2022-34764 CONFIRM
schneider_electric — x80_advanced_rtu_communication_module_and_opc_ua_modicon_communication_module	A CWE-476: NULL Pointer Dereference vulnerability exists that could cause a denial of service of the webserver when parsing JSON content type. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)	2022-07-13	not yet calculated	CVE-2022-34761 CONFIRM
schneider_electric — x80_advanced_rtu_communication_module_and_opc_ua_modicon_communication_module	A CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)	2022-07-13	not yet calculated	CVE-2022-34762 CONFIRM
schneider_electric — x80_advanced_rtu_communication_module_and_opc_ua_modicon_communication_module	A CWE-835: Loop with Unreachable Exit Condition (‘Infinite Loop’) vulnerability exists that could cause a denial of service of the webserver due to improper handling of the cookies. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V1.0), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)	2022-07-13	not yet calculated	CVE-2022-34760 CONFIRM
schneider_electric — x80_advanced_rtu_communication_module_and_opc_ua_modicon_communication_module	A CWE-787: Out-of-bounds Write vulnerability exists that could cause a denial of service of the webserver due to improper parsing of the HTTP Headers. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V1.0), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)	2022-07-13	not yet calculated	CVE-2022-34759 CONFIRM
schutzwerk — spryker_commerce_os	Spryker Commerce OS 1.4.2 allows Remote Command Execution.	2022-07-13	not yet calculated	CVE-2022-28888 MISC MISC
shoutrrr — shoutrrr	The package github.com/containrrr/shoutrrr/pkg/util before 0.6.0 are vulnerable to Denial of Service (DoS) via the util.PartitionMessage function. Exploiting this vulnerability is possible by sending exactly 2000, 4000, or 6000 characters messages.	2022-07-15	not yet calculated	CVE-2022-25891 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM
siemens — en100_ethernet_module	A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.40), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). Affected applications contains a memory corruption vulnerability while parsing specially crafted HTTP packets to /txtrace endpoint manupulating a specific argument. This could allow an attacker to crash the affected application leading to a denial of service condition	2022-07-12	not yet calculated	CVE-2022-30938 CONFIRM
siemens — mendix	A vulnerability has been identified in Mendix Excel Importer Module (Mendix 8 compatible) (All versions < V9.2.2), Mendix Excel Importer Module (Mendix 9 compatible) (All versions < V10.1.2). The affected component is vulnerable to XML Entity Expansion Injection. An attacker may use this to compromise the availability of the affected component.	2022-07-12	not yet calculated	CVE-2022-34467 CONFIRM
siemens — mendix	A vulnerability has been identified in Mendix Applications using Mendix 9 (All versions >= V9.11 < V9.15), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.3). An expression injection vulnerability was discovered in the Workflow subsystem of Mendix Runtime, that can affect the running applications. The vulnerability could allow a malicious user to leak sensitive information in a certain configuration.	2022-07-12	not yet calculated	CVE-2022-34466 CONFIRM
siemens — multiple_products	A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions < CPC80 V16.30), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions < CPC80 V16.30), CP-8021 MASTER MODULE (All versions < CPC80 V16.30), CP-8022 MASTER MODULE WITH GPRS (All versions < CPC80 V16.30). When using the HTTPS server under specific conditions, affected devices do not properly free resources. This could allow an unauthenticated remote attacker to put the device into a denial of service condition.	2022-07-12	not yet calculated	CVE-2022-29884 CONFIRM
siemens — opcenter_quality	A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcenter Quality V13.2 (All versions < V13.2.20220624). The affected applications do not properly validate login information during authentication. This could lead to denial of service condition for existing users or allow unauthenticated remote attackers to successfully login without credentials.	2022-07-12	not yet calculated	CVE-2022-33736 CONFIRM
siemens — parasolid_and_simcenter_femap	A vulnerability has been identified in Parasolid V33.1 (All versions), Parasolid V34.0 (All versions < V34.0.250), Parasolid V34.1 (All versions < V34.1.233), Simcenter Femap (All versions). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15420)	2022-07-12	not yet calculated	CVE-2022-34465 CONFIRM
siemens — ruggedcom_ros	A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < V5.6.0), RUGGEDCOM ROS RST2228 (All versions < V5.6.0), RUGGEDCOM ROS RST2228P (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < V5.6.0), RUGGEDCOM ROS RST916P (All versions < V5.6.0), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). Affected devices are vulnerable to a web-based code injection attack via the console. An attacker could exploit this vulnerability to inject code into the web server and cause malicious behavior in legitimate users accessing certain web resources on the affected device.	2022-07-12	not yet calculated	CVE-2022-34663 CONFIRM
siemens — ruggedcom_rox_mx5000	A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < 2.15.1), RUGGEDCOM ROX MX5000RE (All versions < 2.15.1), RUGGEDCOM ROX RX1400 (All versions < 2.15.1), RUGGEDCOM ROX RX1500 (All versions < 2.15.1), RUGGEDCOM ROX RX1501 (All versions < 2.15.1), RUGGEDCOM ROX RX1510 (All versions < 2.15.1), RUGGEDCOM ROX RX1511 (All versions < 2.15.1), RUGGEDCOM ROX RX1512 (All versions < 2.15.1), RUGGEDCOM ROX RX1524 (All versions < 2.15.1), RUGGEDCOM ROX RX1536 (All versions < 2.15.1), RUGGEDCOM ROX RX5000 (All versions < 2.15.1). Affected devices do not properly validate user input, making them susceptible to command injection. An attacker with access to either the shell or the web CLI with administrator privileges could access the underlying operating system as the root user.	2022-07-12	not yet calculated	CVE-2022-29560 CONFIRM
siemens — sicam_gridedge_essential	A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions), SICAM GridEdge Essential Intel (All versions < V2.7.3), SICAM GridEdge Essential with GDS ARM (All versions), SICAM GridEdge Essential with GDS Intel (All versions < V2.7.3). Affected software uses an improperly protected file to import SSH keys. Attackers with access to the filesystem of the host on which SICAM GridEdge runs, are able to inject a custom SSH key to that file.	2022-07-12	not yet calculated	CVE-2022-34464 CONFIRM
simple_e-learning_system — simple_e-learning_system	A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claire_blake. The manipulation of the argument Bio with the input “><script>alert(document.cookie)</script> leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.	2022-07-14	not yet calculated	CVE-2022-2396 N/A N/A
snyk — package_angular	All versions of package angular are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of <textarea> elements.	2022-07-15	not yet calculated	CVE-2022-25869 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM
snyk — package_svelte	The package svelte before 3.49.0 are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization and to improper escape of attributes when using objects during SSR (Server-Side Rendering). Exploiting this vulnerability is possible via objects with a custom toString() function.	2022-07-12	not yet calculated	CVE-2022-25875 MISC MISC MISC
snyk — package_terser	The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions.	2022-07-15	not yet calculated	CVE-2022-25858 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM
software_publico_brasileiro — i3geo	Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via request_token.php.	2022-07-14	not yet calculated	CVE-2022-34094 MISC MISC MISC MISC MISC
software_publico_brasileiro — i3geo	A local file inclusion (LFI) vulnerability in the component codemirror.php of Portal do Software Publico Brasileiro i3geo v7.0.5 allows attackers to execute arbitrary PHP code via a crafted HTTP request.	2022-07-14	not yet calculated	CVE-2022-32409 MISC MISC
software_publico_brasileiro — i3geo	Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via access_token.php.	2022-07-14	not yet calculated	CVE-2022-34093 MISC MISC MISC MISC MISC
software_publico_brasileiro — i3geo	Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via svg2img.php.	2022-07-14	not yet calculated	CVE-2022-34092 MISC MISC MISC MISC MISC
strapi — strapi	An unrestricted file upload vulnerability in the Add New Assets function of Strapi v4.1.12 allows attackers to execute arbitrary code via a crafted file.	2022-07-13	not yet calculated	CVE-2022-32114 MISC MISC
toybox — toybox	Toybox v0.8.7 was discovered to contain a NULL pointer dereference via the component httpd.c. This vulnerability can lead to a Denial of Service (DoS) via unspecified vectors.	2022-07-14	not yet calculated	CVE-2022-32298 MISC
tp-link — tp-link_tl-wr841n	A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841N(EU)_V12_160624 and TL-WR841 V11 TL-WR841N(EU)_V11_160325 , TL-WR841N_V11_150616 and TL-WR841 V10 TL-WR841N_V10_150310 are also affected.	2022-07-14	not yet calculated	CVE-2022-30024 MISC MISC MISC
trusted_firmware — mbed_tls	An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information disclosure based on error responses. Affected configurations have MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled and MBEDTLS_SSL_IN_CONTENT_LEN less than a threshold that depends on the configuration: 258 bytes if using mbedtls_ssl_cookie_check, and possibly up to 571 bytes with a custom cookie check function.	2022-07-15	not yet calculated	CVE-2022-35409 MISC MISC
trustwave — dingtian_dt-r002_2ch_relay_devices	relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request.	2022-07-14	not yet calculated	CVE-2022-29593 MISC MISC
typo3 — gridelements_extension	The gridelements (aka Grid Elements) extension through 7.6.1, 8.x through 8.7.0, 9.x through 9.7.0, and 10.x through 10.2.0 extension for TYPO3 allows XSS.	2022-07-12	not yet calculated	CVE-2022-29602 MISC MISC
typo3 — oelib_extension	The oelib (aka One is Enough Library) extension through 4.1.5 for TYPO3 allows SQL Injection.	2022-07-12	not yet calculated	CVE-2022-29600 MISC MISC
typo3 — seminar_manager	The seminars (aka Seminar Manager) extension through 4.1.3 for TYPO3 allows SQL Injection.	2022-07-12	not yet calculated	CVE-2022-29601 MISC MISC
typo3 — typo3	The libconnect extension before 7.0.8 and 8.x before 8.1.0 for TYPO3 allows XSS.	2022-07-12	not yet calculated	CVE-2022-33157 MISC
typo3 — typo3	A SQL injection issue was discovered in the lux extension before 17.6.1, and 18.x through 24.x before 24.0.2, for TYPO3.	2022-07-12	not yet calculated	CVE-2022-35628 MISC
typo3 — typo3	The schema (aka Embedding schema.org vocabulary) extension before 1.13.1 and 2.x before 2.5.1 for TYPO3 allows XSS.	2022-07-12	not yet calculated	CVE-2022-33154 MISC
typo3 — typo3	The matomo_integration (aka Matomo Integration) extension before 1.3.2 for TYPO3 allows XSS.	2022-07-12	not yet calculated	CVE-2022-33156 MISC
typo3 — typo3	The ameos_tarteaucitron (aka AMEOS – TarteAuCitron GDPR cookie banner and tracking management / French RGPD compatible) extension before 1.2.23 for TYPO3 allows XSS.	2022-07-12	not yet calculated	CVE-2022-33155 MISC
ublock_origin_project — ublock_origin	Cross Site Scripting (XSS) vulnerability in uBlock Origin extension before 1.41.1 allows remote attackers to run arbitrary code via a spoofed ‘MessageSender.url’ to the browser renderer process.	2022-07-13	not yet calculated	CVE-2022-32308 MISC
undici — undici	`Undici.ProxyAgent` never verifies the remote server’s certificate, and always exposes all request & response data to the proxy. This unexpectedly means that proxies can MitM all HTTPS traffic, and if the proxy’s URL is HTTP then it also means that nominally HTTPS requests are actually sent via plain-text HTTP between Undici and the proxy server.	2022-07-14	not yet calculated	CVE-2022-32210 MISC MISC
unsafeaccessor — unsafeaccessor	UnsafeAccessor (UA) is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA’s standard API. The main application can set up `SecurityCheck.AccessLimiter` for UA to limit access to UA. Starting with version 1.4.0 and prior to version 1.7.0, when `SecurityCheck.AccessLimiter` is set up, untrusted code can access UA without limitation, even when UA is loaded as a named module. This issue does not affect those for whom `SecurityCheck.AccessLimiter` is not set up. Version 1.7.0 contains a patch.	2022-07-11	not yet calculated	CVE-2022-31139 MISC MISC CONFIRM
urve_web_manager — urve_web_manager	A vulnerability was found in URVE Web Manager. It has been declared as critical. This vulnerability affects unknown code of the file _internal/collector/upload.php. The manipulation leads to unrestricted upload. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used.	2022-07-15	not yet calculated	CVE-2022-2419 N/A N/A
urve_web_manager — urve_web_manager	A vulnerability was found in URVE Web Manager. It has been classified as critical. This affects an unknown part of the file kreator.html5/img_upload.php. The manipulation leads to unrestricted upload. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used.	2022-07-15	not yet calculated	CVE-2022-2418 N/A N/A
urve_web_manager — urve_web_manager	A vulnerability was found in URVE Web Manager. It has been rated as critical. This issue affects some unknown processing of the file _internal/uploader.php. The manipulation leads to unrestricted upload. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used.	2022-07-15	not yet calculated	CVE-2022-2420 N/A N/A
verizon — verizon_5g_home_lvskihp_indoorunit	On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the CRTC and ODU RPC endpoints rely on a static certificate for access control. This certificate is embedded in the firmware, and is identical across the fleet of devices. An attacker need only download this firmware and extract the private components of these certificates (from /etc/lighttpd.d/ca.pem and /etc/lighttpd.d/server.pem) to gain access. (The firmware download location is shown in a device’s upgrade logs.)	2022-07-14	not yet calculated	CVE-2022-28371 MISC MISC
verizon — verizon_5g_home_lvskihp_indoorunit	Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 does not validate the user-provided URL within the crtcmode function’s enable_ssh sub-operation of the crtcrpc JSON listener (found at /lib/functions/wnc_jsonsh/crtcmode.sh) A remote attacker on the local network can provide a malicious URL. The data (found at that URL) is written to /usr/sbin/dropbear and then executed as root.	2022-07-14	not yet calculated	CVE-2022-28369 MISC MISC
verizon — verizon_5g_home_lvskihp_indoorunit	On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the CRTC and ODU RPC endpoints rely on a static account username/password for access control. This password can be generated via a binary included in the firmware, after ascertaining the MAC address of the IDU’s base Ethernet interface, and adding the string DEVICE_MANUFACTURER=’Wistron_NeWeb_Corp.’ to /etc/device_info to replicate the host environment. This occurs in /etc/init.d/wnc_factoryssidkeypwd (IDU).	2022-07-14	not yet calculated	CVE-2022-28377 MISC MISC
verizon — verizon_5g_home_lvskihp_indoorunit	Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 does not properly sanitize user-controlled parameters within the crtcreadpartition function of the crtcrpc JSON listener in /usr/lib/lua/luci/crtc.lua. A remote attacker on the local network can inject shell metacharacters to achieve remote code execution as root.	2022-07-14	not yet calculated	CVE-2022-28373 MISC MISC
verizon — verizon_5g_home_lvskihp_indoorunit	On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the CRTC and ODU RPC endpoints provide a means of provisioning a firmware update for the device via crtc_fw_upgrade or crtcfwimage. The URL provided is not validated, and thus allows for arbitrary file upload to the device. This occurs in /lib/lua/luci/crtc.lua (IDU) and /lib/functions/wnc_jsonsh/wnc_crtc_fw.sh (ODU).	2022-07-14	not yet calculated	CVE-2022-28372 MISC MISC
verizon — verizon_5g_home_lvskihp_outdoorunit	Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 does not property sanitize user-controlled parameters within the crtcswitchsimprofile function of the crtcrpc JSON listener. A remote attacker on the local network can inject shell metacharacters into /usr/lib/lua/5.1/luci/controller/rpc.lua to achieve remote code execution as root,	2022-07-14	not yet calculated	CVE-2022-28375 MISC MISC
verizon — verizon_5g_home_lvskihp_outdoorunit	Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 does not property sanitize user-controlled parameters within the DMACC URLs on the Settings page of the Engineering portal. An authenticated remote attacker on the local network can inject shell metacharacters into /usr/lib/lua/5.1/luci/controller/admin/settings.lua to achieve remote code execution as root.	2022-07-14	not yet calculated	CVE-2022-28374 MISC MISC
verizon — verizon_5g_home_lvskihp_outdoorunit	On Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 devices, the RPC endpoint crtc_fw_upgrade provides a means of provisioning a firmware update for the device. /lib/functions/wnc_jsonsh/wnc_crtc_fw.sh has no cryptographic validation of the image, thus allowing an attacker to modify the installed firmware.	2022-07-14	not yet calculated	CVE-2022-28370 MISC MISC
vim — heap-based_buffer_overflow	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044.	2022-07-08	not yet calculated	CVE-2022-2343 CONFIRM MISC
vm2 — vm2	This affects the package vm2 before 3.6.11. It is possible to trigger a RangeError exception from the host rather than the “sandboxed” context by reaching the stack call limit with an infinite recursion. The returned object is then used to reference the mainModule property of the host code running the script allowing it to spawn a child_process and execute arbitrary code.	2022-07-13	not yet calculated	CVE-2019-10761 MISC MISC MISC
vmware — vcenter_server	The vCenter Server contains a server-side request forgery (SSRF) vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service.	2022-07-13	not yet calculated	CVE-2022-22982 MISC
western_digital — my_cloud_home	Addressed a remote code execution vulnerability by resolving a command injection vulnerability and closing an AWS S3 bucket that potentially allowed an attacker to execute unsigned code on My Cloud Home devices.	2022-07-12	not yet calculated	CVE-2022-22997 MISC
whoogle-search — whoogle-search	The package whoogle-search before 0.7.2 are vulnerable to Cross-site Scripting (XSS) via the query string parameter q. In the case where it does not contain the http string, it is used to build the error_message that is then rendered in the error.html template, using the [flask.render_template](https://flask.palletsprojects.com/en/2.1.x/api/flask.render_template) function. However, the error_message is rendered using the [\| safe filter](https://jinja.palletsprojects.com/en/3.1.x/templates/working-with-automatic-escaping), meaning the user input is not escaped.	2022-07-12	not yet calculated	CVE-2022-25303 MISC MISC MISC
withsecure — multiple_products	A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aeheur.dll component can crash the scanning engine. The exploit can be triggered remotely by an attacker.	2022-07-14	not yet calculated	CVE-2022-28876 MISC MISC
wolfssh — wolfssh	WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSH_SFTP_RecvRMDIR.	2022-07-13	not yet calculated	CVE-2022-32073 MISC
wordpress — wordpress	The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.16.0 doesn’t escape a parameter on its setting page, making it possible for attackers to conduct reflected cross-site scripting attacks.	2022-07-11	not yet calculated	CVE-2022-2092 MISC
wordpress — wordpress	The Cache Images WordPress plugin before 3.2.1 does not implement nonce checks, which could allow attackers to make any logged user upload images via a CSRF attack.	2022-07-11	not yet calculated	CVE-2022-2091 MISC
xiaomi_technology — xiaomi_phones	A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is caused by heap overflow and can be exploited by attackers to make remote denial of service.	2022-07-14	not yet calculated	CVE-2020-14127 MISC
yunzhongzhuan — electronic_mall_system	Electronic mall system 1.0_build20200203 is affected vulnerable to SQL Injection.	2022-07-14	not yet calculated	CVE-2022-30113 MISC MISC
zoho — manageengine_servicedes_plus	Zoho ManageEngine ServiceDesk Plus before 13008, ServiceDesk Plus MSP before 10606, and SupportCenter Plus before 11022 are affected by an unauthenticated local file disclosure vulnerability via ticket-creation email. (This also affects Asset Explorer before 6977 with authentication.)	2022-07-12	not yet calculated	CVE-2022-35403 MISC
zulip — zulip	Zulip is an open-source team collaboration tool. Zulip Server versions 2.1.0 above have a user interface tool, accessible only to server owners and server administrators, which provides a way to download a “public data” export. While this export is only accessible to administrators, in many configurations server administrators are not expected to have access to private messages and private streams. However, the “public data” export which administrators could generate contained the attachment contents for all attachments, even those from private messages and streams. Zulip Server version 5.4 contains a patch for this issue.	2022-07-12	not yet calculated	CVE-2022-31134 MISC CONFIRM MISC
zxmp_m721 — zboot_interface	ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information.	2022-07-15	not yet calculated	CVE-2022-23141 MISC

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

CISA recently updated an anonymous product survey;they’d welcome your feedback.

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on Patreon using the button below

To keep up to date follow us on the below channels.

Tags: threatintel, US-CERT

US-CERT Bulletin (SB22-199):Vulnerability Summary for the Week of July 11, 2022

High Vulnerabilities

Medium Vulnerabilities

Low Vulnerabilities

Severity Not Yet Assigned

HackerOne Bug Bounty Disclosure: rxss-in-hidden-parameter-hassan-sheet

HackerOne Bug Bounty Disclosure: jira-credential-disclosure-within-mozilla-slack-griffinf

CISA: CISA Releases Two Industrial Control Systems Advisories

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

CACTUS Ransomware Victim: https://www[.]ebir[.]com/

High Vulnerabilities

Medium Vulnerabilities

Low Vulnerabilities

Severity Not Yet Assigned

You may have missed

HackerOne Bug Bounty Disclosure: rxss-in-hidden-parameter-hassan-sheet

HackerOne Bug Bounty Disclosure: jira-credential-disclosure-within-mozilla-slack-griffinf

CISA: CISA Releases Two Industrial Control Systems Advisories

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

CACTUS Ransomware Victim: https://www[.]ebir[.]com/