US-CERT Bulletins

Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.

Original release date: January 17, 2022

High Vulnerabilities

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
agoric — realms-shim All versions of package realms-shim are vulnerable to Sandbox Bypass via a Prototype Pollution attack vector. 2022-01-10 7.5 CVE-2021-23543
MISC
MISC
agoric — realms-shim All versions of package realms-shim are vulnerable to Sandbox Bypass via a Prototype Pollution attack vector. 2022-01-10 7.5 CVE-2021-23594
MISC
MISC
checkpoint — endpoint_security Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client privileges. 2022-01-10 7.2 CVE-2021-30360
MISC
MISC
chshcms — cscms cscms v4.1 allows for SQL injection via the “page_del” function. 2022-01-11 7.5 CVE-2020-28103
MISC
chshcms — cscms cscms v4.1 allows for SQL injection via the “js_del” function. 2022-01-11 7.5 CVE-2020-28102
MISC
cisco — unified_contact_center_express A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal (Unified CCMP) and Cisco Unified Contact Center Domain Manager (Unified CCDM) could allow an authenticated, remote attacker to elevate their privileges to Administrator. This vulnerability is due to the lack of server-side validation of user permissions. An attacker could exploit this vulnerability by submitting a crafted HTTP request to a vulnerable system. A successful exploit could allow the attacker to create Administrator accounts. With these accounts, the attacker could access and modify telephony and user resources across all the Unified platforms that are associated to the vulnerable Cisco Unified CCMP. To successfully exploit this vulnerability, an attacker would need valid Advanced User credentials. 2022-01-14 8.5 CVE-2022-20658
CISCO
eggjs — extend2 The package extend2 before 1.0.1 is vulnerable to Prototype Pollution via the extend function due to unsafe recursive merge. 2022-01-10 7.5 CVE-2021-23568
MISC
MISC
MISC
MISC
fanuc — r-30ia_firmware The FANUC R-30iA and R-30iB series controllers are vulnerable to an out-of-bounds write, which may allow an attacker to remotely execute arbitrary code. INIT START/restore from backup required. 2022-01-10 10 CVE-2021-32998
MISC
fanuc — r-30ia_firmware The FANUC R-30iA and R-30iB series controllers are vulnerable to integer coercion errors, which cause the device to crash. A restart is required. 2022-01-10 7.8 CVE-2021-32996
MISC
google — android In ipcSetDataReference of Parcel.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11, Android-12; Android ID: A-203847542. 2022-01-14 7.2 CVE-2021-39620
MISC
google — android In GBoard, there is a possible way to bypass Factory Reset Protection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11, Android-12; Android ID: A-192663648. 2022-01-14 7.2 CVE-2021-39622
MISC
google — android In jit_memory_region.cc, there is a possible bypass of memory restrictions due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12; Android ID: A-200284993. 2022-01-14 7.2 CVE-2021-0959
MISC
google — android In multiple methods of EuiccNotificationManager.java, there is a possible way to install existing packages without user consent due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11, Android-12, Android-9; Android ID: A-196855999. 2022-01-14 7.2 CVE-2021-39618
MISC
google — android In setLaunchIntent of BluetoothDevicePickerPreferenceController.java, there is a possible way to invoke an arbitrary broadcast receiver due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-12; Android ID: A-195668284. 2022-01-14 7.2 CVE-2021-1035
MISC
google — android In doRead of SimpleDecodingSource.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11, Android-12, Android-9; Android ID: A-194105348. 2022-01-14 10 CVE-2021-39623
MISC
huawei — emui There is an Integer overflow vulnerability with ACPU in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access. 2022-01-10 7.5 CVE-2021-39993
MISC
huawei — harmonyos There is a vulnerability of APIs being concurrently called multiple times in HwConnectivityExService in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart. 2022-01-10 7.8 CVE-2021-39998
MISC
MISC
huawei — harmonyos The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may result in malicious code execution. 2022-01-10 7.5 CVE-2021-40010
MISC
huawei — harmonyos There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow. 2022-01-10 7.5 CVE-2021-39996
MISC
MISC
laundry_booking_management_system_project — laundry_booking_management_system Laundry Booking Management System 1.0 (Latest) and previous versions are affected by a remote code execution (RCE) vulnerability in profile.php through the “image” parameter that can execute a webshell payload. 2022-01-10 7.5 CVE-2021-45003
MISC
libexpat_project — libexpat defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. 2022-01-10 7.5 CVE-2022-22824
MISC
libexpat_project — libexpat build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. 2022-01-10 7.5 CVE-2022-22823
MISC
libexpat_project — libexpat addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. 2022-01-10 7.5 CVE-2022-22822
MISC
microsoft — 365_apps Microsoft Excel Remote Code Execution Vulnerability. 2022-01-11 9.3 CVE-2022-21841
MISC
microsoft — exchange_server Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21855, CVE-2022-21969. 2022-01-11 8.3 CVE-2022-21846
MISC
microsoft — exchange_server Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21846, CVE-2022-21969. 2022-01-11 7.7 CVE-2022-21855
MISC
microsoft — sharepoint_foundation Microsoft SharePoint Server Remote Code Execution Vulnerability. 2022-01-11 9 CVE-2022-21837
MISC
microsoft — windows_10 Active Directory Domain Services Elevation of Privilege Vulnerability. 2022-01-11 9 CVE-2022-21857
MISC
microsoft — windows_10 Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21850. 2022-01-11 9.3 CVE-2022-21851
MISC
microsoft — windows_10 Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21851. 2022-01-11 9.3 CVE-2022-21850
MISC
microsoft — windows_10 Windows IKE Extension Remote Code Execution Vulnerability. 2022-01-11 9.3 CVE-2022-21849
MISC
microsoft — windows_10 Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21883, CVE-2022-21889, CVE-2022-21890. 2022-01-11 7.1 CVE-2022-21848
MISC
microsoft — windows_10 Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability. 2022-01-11 7.2 CVE-2022-21834
MISC
microsoft — windows_10 Microsoft Cryptographic Services Elevation of Privilege Vulnerability. 2022-01-11 7.2 CVE-2022-21835
MISC
microsoft — windows_10 Windows Certificate Spoofing Vulnerability. 2022-01-11 7.2 CVE-2022-21836
MISC
microsoft — windows_10 Windows Cleanup Manager Elevation of Privilege Vulnerability. 2022-01-11 7.2 CVE-2022-21838
MISC
MISC
microsoft — windows_10 Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21896, CVE-2022-21902. 2022-01-11 7.2 CVE-2022-21852
MISC
microsoft — windows_10 Windows Bind Filter Driver Elevation of Privilege Vulnerability. 2022-01-11 7.2 CVE-2022-21858
MISC
microsoft — windows_10 Task Flow Data Engine Elevation of Privilege Vulnerability. 2022-01-11 7.2 CVE-2022-21861
MISC
microsoft — windows_10 Virtual Machine IDE Drive Elevation of Privilege Vulnerability. 2022-01-11 7.2 CVE-2022-21833
MISC
online_thesis_archiving_system_project — online_thesis_archiving_system Sourcecodester Online Thesis Archiving System 1.0 is vulnerable to SQL Injection. An attacker can bypass admin authentication and gain access to the admin panel using SQL Injection. 2022-01-10 7.5 CVE-2021-45334
MISC
MISC
solarwinds — serv-u The Serv-U web login screen was allowing characters that were not sanitized by the authentication mechanism. SolarWinds has updated the authentication mechanism to remedy this issue and prevent unauthorized parameters from being used in the Serv-U login screen. With the Log4j issue in the wild, input fields across the internet have been tested for vulnerability. Although Serv-U was not affected by the Log4j issue, it was discovered that better input validation could be implemented. 2022-01-10 7.5 CVE-2021-35247
MISC
trendmicro — apex_one An origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a local attacker to drop and manipulate a specially crafted file to issue commands over a certain pipe and elevate to a higher level of privileges. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. 2022-01-10 7.2 CVE-2021-45441
MISC
MISC
trendmicro — apex_one An unnecessary privilege vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security 10.0 SP1 (on-prem versions only) could allow a local attacker to abuse an impersonation privilege and elevate to a higher level of privileges. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. 2022-01-10 7.2 CVE-2021-45440
MISC
MISC
trendmicro — apex_one A link following privilege escalation vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to create a specially crafted file with arbitrary content which could grant local privilege escalation on the affected system. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. 2022-01-10 7.2 CVE-2021-45231
MISC
MISC


Medium Vulnerabilities

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
accu-time — maximus_firmware The Accu-Time Systems MAXIMUS 1.0 telnet service suffers from a remote buffer overflow which causes the telnet service to crash. 2022-01-10 5 CVE-2021-45856
MISC
adobe — experience_manager AEM’s Cloud Service offering, as well as version 6.5.10.0 (and below), are affected by a reflected Cross-Site Scripting (XSS) vulnerability via the itemResourceType parameter. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser. 2022-01-13 4.3 CVE-2021-44178
MISC
adobe — experience_manager AEM’s Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. 2022-01-13 4.3 CVE-2021-43765
MISC
adobe — experience_manager AEM’s Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. 2022-01-13 4.3 CVE-2021-44177
MISC
adobe — experience_manager AEM’s Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. 2022-01-13 4.3 CVE-2021-44176
MISC
adobe — incopy Adobe InCopy version 16.4 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-13 6.8 CVE-2021-45055
MISC
adobe — incopy Adobe InCopy version 16.4 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-13 6.8 CVE-2021-45056
MISC
adobe — incopy Adobe InCopy version 16.4 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-13 6.8 CVE-2021-45053
MISC
adobe — incopy Adobe InCopy version 16.4 (and earlier) is affected by a use-after-free vulnerability in the processing of a JPEG2000 file that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-13 4.3 CVE-2021-45054
MISC
adobe — indesign Adobe InDesign version 16.4 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPEG file. 2022-01-13 6.8 CVE-2021-45058
MISC
adobe — indesign Adobe InDesign version 16.4 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPEG2000 file. 2022-01-13 6.8 CVE-2021-45057
MISC
adobe — indesign Adobe InDesign version 16.4 (and earlier) is affected by a use-after-free vulnerability in the processing of a JPEG2000 file that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-13 4.3 CVE-2021-45059
MISC
apache — guacamole Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user’s active use of that same connection. 2022-01-11 4 CVE-2021-41767
CONFIRM
MLIST
apache — guacamole Apache Guacamole 1.2.0 and 1.3.0 do not properly validate responses received from a SAML identity provider. If SAML support is enabled, this may allow a malicious user to assume the identity of another Guacamole user. 2022-01-11 6 CVE-2021-43999
CONFIRM
MLIST
atlassian — data_center Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view object import configuration details via an Information Disclosure vulnerability in the Create Object type mapping feature. The affected versions are before version 4.21.0. 2022-01-10 4 CVE-2021-43951
MISC
atlassian — data_center Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view private objects via a Broken Access Control vulnerability in the Custom Fields feature. The affected versions are before version 4.21.0. 2022-01-10 4 CVE-2021-43949
MISC
bentley — bentley_view This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14883. 2022-01-13 4.3 CVE-2021-34910
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14865. 2022-01-13 6.8 CVE-2021-34898
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14862. 2022-01-13 6.8 CVE-2021-34895
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14863. 2022-01-13 6.8 CVE-2021-34896
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15052. 2022-01-13 4.3 CVE-2021-34944
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-15051. 2022-01-13 4.3 CVE-2021-34943
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14894. 2022-01-13 4.3 CVE-2021-34916
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14828. 2022-01-13 6.8 CVE-2021-34876
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14695. 2022-01-13 6.8 CVE-2021-34871
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14737. 2022-01-13 6.8 CVE-2021-34872
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14696. 2022-01-13 6.8 CVE-2021-34873
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14736. 2022-01-13 6.8 CVE-2021-34874
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14827. 2022-01-13 6.8 CVE-2021-34875
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14864. 2022-01-13 6.8 CVE-2021-34897
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14830. 2022-01-13 6.8 CVE-2021-34878
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14900. 2022-01-13 6.8 CVE-2021-34922
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14885. 2022-01-13 6.8 CVE-2021-34912
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14892. 2022-01-13 6.8 CVE-2021-34914
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14899. 2022-01-13 6.8 CVE-2021-34921
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14882. 2022-01-13 6.8 CVE-2021-34909
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14867. 2022-01-13 6.8 CVE-2021-34900
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. Crafted data in a BMP file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14876. 2022-01-13 6.8 CVE-2021-34903
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14877. 2022-01-13 6.8 CVE-2021-34904
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14878. 2022-01-13 6.8 CVE-2021-34905
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14879. 2022-01-13 6.8 CVE-2021-34906
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14880. 2022-01-13 6.8 CVE-2021-34907
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14881. 2022-01-13 6.8 CVE-2021-34908
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14884. 2022-01-13 6.8 CVE-2021-34911
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14898. 2022-01-13 6.8 CVE-2021-34920
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14838. 2022-01-13 6.8 CVE-2021-34885
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14831. 2022-01-13 6.8 CVE-2021-34913
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14866. 2022-01-13 6.8 CVE-2021-34899
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. Crafted data in a J2K file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14893. 2022-01-13 6.8 CVE-2021-34915
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14895. 2022-01-13 6.8 CVE-2021-34917
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. Crafted data in a JP2 file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14896. 2022-01-13 6.8 CVE-2021-34918
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14897. 2022-01-13 6.8 CVE-2021-34919
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14833. 2022-01-13 6.8 CVE-2021-34880
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14832. 2022-01-13 6.8 CVE-2021-34879
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14844. 2022-01-13 6.8 CVE-2021-34891
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15039. 2022-01-13 6.8 CVE-2021-34940
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15040. 2022-01-13 6.8 CVE-2021-34941
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14842. 2022-01-13 4.3 CVE-2021-34889
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14996. 2022-01-13 6.8 CVE-2021-34939
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14905. 2022-01-13 6.8 CVE-2021-34927
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14906. 2022-01-13 6.8 CVE-2021-34928
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14907. 2022-01-13 6.8 CVE-2021-34929
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14845. 2022-01-13 6.8 CVE-2021-34892
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14910. 2022-01-13 6.8 CVE-2021-34932
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15054. 2022-01-13 6.8 CVE-2021-34945
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14911. 2022-01-13 6.8 CVE-2021-34933
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14909. 2022-01-13 6.8 CVE-2021-34931
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14913. 2022-01-13 6.8 CVE-2021-34935
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14914. 2022-01-13 6.8 CVE-2021-34936
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14915. 2022-01-13 6.8 CVE-2021-34937
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14995. 2022-01-13 6.8 CVE-2021-34938
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14912. 2022-01-13 6.8 CVE-2021-34934
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15041. 2022-01-13 6.8 CVE-2021-34942
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14908. 2022-01-13 6.8 CVE-2021-34930
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15055. 2022-01-13 6.8 CVE-2021-34946
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14835. 2022-01-13 4.3 CVE-2021-34882
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14846. 2022-01-13 6.8 CVE-2021-34893
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14847. 2022-01-13 6.8 CVE-2021-34894
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14829. 2022-01-13 6.8 CVE-2021-34877
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14901. 2022-01-13 6.8 CVE-2021-34923
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14903. 2022-01-13 6.8 CVE-2021-34925
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14904. 2022-01-13 6.8 CVE-2021-34926
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14834. 2022-01-13 4.3 CVE-2021-34881
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14836. 2022-01-13 4.3 CVE-2021-34883
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14875. 2022-01-13 4.3 CVE-2021-34902
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14837. 2022-01-13 4.3 CVE-2021-34884
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14839. 2022-01-13 4.3 CVE-2021-34886
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14840. 2022-01-13 4.3 CVE-2021-34887
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14841. 2022-01-13 4.3 CVE-2021-34888
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14902. 2022-01-13 6.8 CVE-2021-34924
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14843. 2022-01-13 4.3 CVE-2021-34890
MISC
MISC
bentley — bentley_view This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14874. 2022-01-13 4.3 CVE-2021-34901
MISC
MISC
daybydaycrm — daybyday In DayByDay CRM, versions 2.2.0 through 2.2.1 (latest) are vulnerable to Insufficient Session Expiration. When a password has been changed by the user or by an administrator, a user who was already logged in will still have access to the application even after the password was changed. 2022-01-13 5.5 CVE-2022-22113
MISC
MISC
dst-admin_project — dst-admin An issue was discovered in dst-admin v1.3.0. The product has an unauthorized arbitrary file download vulnerability that can expose sensitive information. 2022-01-10 5 CVE-2021-44586
MISC
fastlinemedia — beaver_builder In Beaver Builder through 2.5.0.3, attackers can bypass the visibility controls protection mechanism via the REST API. 2022-01-10 5 CVE-2021-42748
MISC
MISC
fastlinemedia — beaver_themer In Beaver Themer, attackers can bypass conditional logic controls (for hiding content) when viewing the post archives. Exploitation requires that a Themer layout is applied to the archives, and that the post excerpt field is not set. 2022-01-10 5 CVE-2021-42749
MISC
MISC
framasoft — peertube peertube is vulnerable to Improper Access Control 2022-01-10 5 CVE-2022-0133
CONFIRM
MISC
framasoft — peertube peertube is vulnerable to Server-Side Request Forgery (SSRF) 2022-01-10 5 CVE-2022-0132
MISC
CONFIRM
google — android An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution. 2022-01-10 4.6 CVE-2022-22265
MISC
google — android In showCarrierAppInstallationNotification of EuiccNotificationManager.java, there is a possible way to gain access to MediaProvider content due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-9. Android ID: A-194695347 2022-01-14 6.9 CVE-2021-39625
MISC
google — android An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows unprivileged applications to access contact information. 2022-01-10 4.3 CVE-2022-22270
MISC
google — google-protobuf An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We recommend upgrading libraries beyond the vulnerable versions. 2022-01-10 4.3 CVE-2021-22569
MISC
MISC
MLIST
MLIST
gpac — gpac A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_fileio_check function, which could cause a Denial of Service. 2022-01-10 4.3 CVE-2021-46049
MISC
gpac — gpac A buffer overflow vulnerability exists in Gpac through 1.0.1 via a malformed MP4 file in the svc_parse_slice function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. 2022-01-13 6.8 CVE-2021-40568
MISC
MISC
gpac — gpac The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the mpgviddmx_process function in reframe_mpgvid.c, which allows attackers to cause a denial of service. This vulnerability is possibly due to an incomplete fix for CVE-2021-40566. 2022-01-13 4.3 CVE-2021-40575
MISC
MISC
gpac — gpac A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the Media_IsSelfContained function, which could cause a Denial of Service. 2022-01-10 4.3 CVE-2021-46051
MISC
gpac — gpac A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_isom_box_size function, which could cause a Denial of Service (context-dependent). 2022-01-10 4.3 CVE-2021-46046
MISC
gpac — gpac A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_hinter_finalize function. 2022-01-10 4.3 CVE-2021-46047
MISC
gpac — gpac The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmx_finalize function in reframe_av1.c, which allows attackers to cause a denial of service. 2022-01-13 4.3 CVE-2021-40572
MISC
MISC
gpac — gpac The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the gf_isom_get_payt_count function in hint_track.c, which allows attackers to cause a denial of service. 2022-01-13 4.3 CVE-2021-40576
MISC
MISC
gpac — gpac GPAC 1.0.1 is affected by: Abort failed. The impact is: cause a denial of service (context-dependent). 2022-01-10 4.3 CVE-2021-46045
MISC
gpac — gpac The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the gf_list_del function in list.c, which allows attackers to cause a denial of service. 2022-01-13 4.3 CVE-2021-40573
MISC
MISC
gpac — gpac The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the gf_text_get_utf8_line function in load_text.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. 2022-01-13 6.8 CVE-2021-40574
MISC
MISC
gpac — gpac The binary MP4Box in Gpac through 1.0.1 has a double-free vulnerability in the iloc_entry_del function in box_code_meta.c, which allows attackers to cause a denial of service. 2022-01-13 4.3 CVE-2021-40569
MISC
MISC
gpac — gpac A Segmentation fault caused by a heap use after free vulnerability exists in Gpac through 1.0.1 via the mpgviddmx_process function in reframe_mpgvid.c when using mp4box, which causes a denial of service. 2022-01-12 4.3 CVE-2021-40566
MISC
MISC
gpac — gpac A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gf_avc_parse_nalu function in av_parsers.c when using mp4box, which causes a denial of service. 2022-01-12 4.3 CVE-2021-40565
MISC
MISC
gpac — gpac A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.2 via the avc_parse_slice function in av_parsers.c when using mp4box, which causes a denial of service. 2022-01-12 4.3 CVE-2021-40564
MISC
MISC
gpac — gpac A Segmentation fault caused by a null pointer dereference exists in Gpac through 1.0.1 via the naludmx_create_avc_decoder_config function in reframe_nalu.c when using mp4box, which causes a denial of service. 2022-01-12 4.3 CVE-2021-40563
MISC
MISC
gpac — gpac A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service. 2022-01-12 4.3 CVE-2021-40562
MISC
MISC
gpac — gpac A null pointer dereference vulnerability exists in gpac through 1.0.1 via the naludmx_parse_nal_avc function in reframe_nalu, which allows a denial of service. 2022-01-12 4.3 CVE-2021-40559
MISC
gpac — gpac The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ilst_box_read function in box_code_apple.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. 2022-01-13 6.8 CVE-2021-40571
MISC
MISC
gpac — gpac The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the avc_compute_poc function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. 2022-01-13 6.8 CVE-2021-40570
MISC
MISC
gpac — gpac A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gf_isom_dovi_config_get function in MP4Box, which allows attackers to cause a denial of service or execute arbitrary code via a crafted file. 2022-01-12 6.8 CVE-2021-36417
MISC
gpac — gpac Segmentation fault vulnerability exists in Gpac through 1.0.1 via the gf_odf_size_descriptor function in desc_private.c when using mp4box, which causes a denial of service. 2022-01-13 4.3 CVE-2021-40567
MISC
MISC
htmldoc_project — htmldoc A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file. 2022-01-10 6.8 CVE-2021-43579
MISC
MISC
MISC
MISC
huawei — emui There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity. 2022-01-10 5 CVE-2021-40031
MISC
huawei — emui There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality. 2022-01-10 5 CVE-2021-40020
MISC
huawei — emui There is an Uncontrolled resource consumption vulnerability in the display module in smartphones. Successful exploitation of this vulnerability may affect service integrity. 2022-01-10 6.4 CVE-2021-40011
MISC
huawei — harmonyos The bone voice ID TA has a vulnerability in information management. Successful exploitation of this vulnerability may affect data confidentiality. 2022-01-10 5 CVE-2021-40032
MISC
huawei — harmonyos The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end. 2022-01-10 5.8 CVE-2021-40000
MISC
huawei — harmonyos The eID module has an out-of-bounds memory write vulnerability. Successful exploitation of this vulnerability may affect data integrity. 2022-01-10 5 CVE-2021-40028
MISC
huawei — harmonyos The bone voice ID TA has a vulnerability in calculating the buffer length. Successful exploitation of this vulnerability may affect data confidentiality. 2022-01-10 5 CVE-2021-40027
MISC
huawei — harmonyos There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity. 2022-01-10 5 CVE-2021-40026
MISC
MISC
huawei — harmonyos The eID module has a vulnerability that causes the memory to be used without being initialized. Successful exploitation of this vulnerability may affect data confidentiality. 2022-01-10 5 CVE-2021-40025
MISC
huawei — harmonyos The weaver module has a vulnerability in parameter type verification. Successful exploitation of this vulnerability may affect data confidentiality. 2022-01-10 5 CVE-2021-40022
MISC
huawei — harmonyos There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity. 2022-01-10 5 CVE-2021-40009
MISC
MISC
huawei — harmonyos The eID module has an out-of-bounds memory write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. 2022-01-10 5 CVE-2021-40021
MISC
huawei — harmonyos There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity. 2022-01-10 5 CVE-2021-40038
MISC
MISC
huawei — harmonyos There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability. 2022-01-10 5 CVE-2021-40029
MISC
MISC
huawei — harmonyos There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity. 2022-01-10 5 CVE-2021-40039
MISC
MISC
huawei — harmonyos There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability. 2022-01-10 5 CVE-2021-40035
MISC
MISC
huawei — harmonyos HwPCAssistant has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. 2022-01-10 5 CVE-2021-40003
MISC
huawei — harmonyos The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data confidentiality. 2022-01-10 5 CVE-2021-40005
MISC
huawei — harmonyos The CaasKit module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the MeeTime application to be unavailable. 2022-01-10 5 CVE-2021-40001
MISC
huawei — harmonyos There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart. 2022-01-10 4.9 CVE-2021-40037
MISC
MISC
huawei — harmonyos The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. 2022-01-10 5 CVE-2021-40014
MISC
huawei — harmonyos The cellular module has a vulnerability in permission management. Successful exploitation of this vulnerability may affect data confidentiality. 2022-01-10 5 CVE-2021-40004
MISC
huawei — harmonyos The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. 2022-01-10 5 CVE-2021-40018
MISC
huawei — harmonyos The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end. 2022-01-10 5.8 CVE-2021-40002
MISC
ibm — security_verify_access IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive information due to hazardous input validation during QR code generation. IBM X-Force ID: 212040. 2022-01-10 5 CVE-2021-38957
CONFIRM
XF
ibm — security_verify_access IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210067. 2022-01-10 5 CVE-2021-38921
CONFIRM
XF
ibm — security_verify_access IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive version information in HTTP response headers that could aid in further attacks against the system. IBM X-Force ID: 212038 2022-01-10 5 CVE-2021-38956
XF
CONFIRM
ibm — security_verify_access IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 209515. 2022-01-10 4 CVE-2021-38894
CONFIRM
XF
ibm — vios IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the mount command which could lead to code execution. IBM X-Force ID: 212952. 2022-01-10 4.6 CVE-2021-38990
XF
CONFIRM
CONFIRM
kentico — kentico_cms Kentico Xperience 13.0.44 allows XSS via an XML document to the Media Libraries subsystem. 2022-01-10 4.3 CVE-2021-46163
MISC
kubernetes — kubernetes kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events. 2022-01-07 5.8 CVE-2021-25743
CONFIRM
libexpat_project — libexpat lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. 2022-01-10 6.8 CVE-2022-22825
MISC
libexpat_project — libexpat nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. 2022-01-10 6.8 CVE-2022-22826
MISC
libexpat_project — libexpat storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. 2022-01-10 6.8 CVE-2022-22827
MISC
libmeshb_project — libmeshb A buffer overflow in the GmfOpenMesh() function of libMeshb v7.61 allows attackers to cause a Denial of Service (DoS) via a crafted MESH file. 2022-01-12 4.3 CVE-2021-46225
MISC
MISC
mediawiki — mediawiki An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. A denial of service (resource consumption) can be accomplished by searching for a very long key in a Language Name Search. 2022-01-10 5 CVE-2021-46149
MISC
MISC
mediawiki — mediawiki An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. MassEditRegex allows CSRF. 2022-01-10 6.8 CVE-2021-46147
MISC
MISC
mediawiki — mediawiki An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. Some unprivileged users can view confidential information (e.g., IP addresses and User-Agent headers for election traffic) on a testwiki SecurePoll instance. 2022-01-10 4 CVE-2021-46148
MISC
MISC
MISC
metagauss — registrationmagic The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its rm_chronos_ajax AJAX action before using it in a SQL statement when duplicating tasks in batches, which could lead to a SQL injection issue 2022-01-10 6.5 CVE-2021-24862
MISC
microsoft — excel Microsoft Office Remote Code Execution Vulnerability. 2022-01-11 6.8 CVE-2022-21840
MISC
microsoft — sharepoint_enterprise_server Microsoft Word Remote Code Execution Vulnerability. 2022-01-11 6.8 CVE-2022-21842
MISC
microsoft — windows_10 Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21848, CVE-2022-21883, CVE-2022-21889, CVE-2022-21890. 2022-01-11 4.3 CVE-2022-21843
MISC
microsoft — windows_10 Windows Push Notifications Apps Elevation Of Privilege Vulnerability. 2022-01-11 6.9 CVE-2022-21867
MISC
microsoft — windows_10 Windows Accounts Control Elevation of Privilege Vulnerability. 2022-01-11 6.9 CVE-2022-21859
MISC
microsoft — windows_10 Windows Hyper-V Denial of Service Vulnerability. 2022-01-11 4.9 CVE-2022-21847
MISC
microsoft — windows_10 Windows Devices Human Interface Elevation of Privilege Vulnerability. 2022-01-11 6.9 CVE-2022-21868
MISC
microsoft — windows_10 Windows StateRepository API Server file Elevation of Privilege Vulnerability. 2022-01-11 6.9 CVE-2022-21863
MISC
microsoft — windows_10 Windows Application Model Core API Elevation of Privilege Vulnerability. 2022-01-11 6.9 CVE-2022-21862
MISC
mitre — caldera An issue was discovered in CALDERA 2.9.0. The Debrief plugin receives base64 encoded “SVG” parameters when generating a PDF document. These SVG documents are parsed in an unsafe manner and can be leveraged for XXE attacks (e.g., File Exfiltration, Server Side Request Forgery, Out of Band Exfiltration, etc.). 2022-01-12 6.5 CVE-2021-42560
MISC
MISC
philips — engage The affected product is vulnerable to an improper access control, which may allow an authenticated user to gain unauthorized access to sensitive data. 2022-01-10 4 CVE-2021-23173
MISC
pluginus — woocommerce_currency_switcher The WOOCS WordPress plugin before 1.3.7.3 does not sanitise and escape the custom_prices parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue 2022-01-10 4.3 CVE-2021-25043
CONFIRM
MISC
qnap — qts A cross-site scripting (XSS) vulnerability has been reported to affect QTS, QuTS hero and QuTScloud. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QTS, QuTS hero and QuTScloud: QuTS hero h4.5.4.1771 build 20210825 and later; QTS 4.5.4.1787 build 20210910 and later; QuTScloud c4.5.7.1864 and later. 2022-01-07 4.3 CVE-2021-38674
MISC
qualcomm — apq8009w_firmware Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables 2022-01-13 5 CVE-2021-30300
CONFIRM
qualcomm — ar8031_firmware Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2022-01-13 4.6 CVE-2021-30285
CONFIRM
qualcomm — ar8035_firmware Possible assertion due to improper validation of symbols configured for PDCCH monitoring in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-01-13 5 CVE-2021-30287
CONFIRM
qualcomm — ar8035_firmware Possible denial of service due to improper validation of DNS response when DNS client requests with PTR, NAPTR or SRV query type in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT 2022-01-13 5 CVE-2021-30307
CONFIRM
qualcomm — ar8035_firmware Possible denial of service due to out of memory while processing RRC and NAS OTA message in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile 2022-01-13 5 CVE-2021-30301
CONFIRM
rubyonrails — rails An open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft “X-Forwarded-Host” headers that, in combination with certain “allowed host” formats, can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. 2022-01-10 5.8 CVE-2021-44528
MISC
siemens — comos A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of COMOS uses a flawed implementation of CSRF prevention. An attacker could exploit this vulnerability to perform Cross-Site-Request-Forgery attacks. 2022-01-11 6.8 CVE-2021-37198
MISC
siemens — comos A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of COMOS unpacks specially crafted archive files to relative paths. This vulnerability could allow an attacker to store files in any folder accessible by the COMOS Web webservice. 2022-01-11 4 CVE-2021-37196
MISC
siemens — comos A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of COMOS is vulnerable to SQL injections. This could allow an attacker to execute arbitrary SQL statements. 2022-01-11 6.5 CVE-2021-37197
MISC
siemens — comos A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of COMOS accepts arbitrary code as attachment to tasks. This could allow an attacker to inject malicious code that is executed when loading the attachment. 2022-01-11 4.3 CVE-2021-37195
MISC
sismics — teedy In Teedy, versions v1.5 through v1.9 are vulnerable to Reflected Cross-Site Scripting (XSS). The “search term” search functionality is not sufficiently sanitized while displaying the results of the search, which can be leveraged to inject arbitrary scripts. These scripts are executed in a victim’s browser when they enter the crafted URL. In the worst case, the victim who inadvertently triggers the attack is a highly privileged administrator. The injected scripts can extract the Session ID, which can lead to full Account Takeover of the administrator, by an unauthenticated attacker. 2022-01-10 4.3 CVE-2022-22114
MISC
MISC
snipeitapp — snipe-it snipe-it is vulnerable to Improper Access Control 2022-01-12 4.9 CVE-2022-0179
CONFIRM
MISC
soketi_project — soketi soketi is an open-source WebSockets server. There is an unhandled case when reading POST requests which results in the server crashing if it could not read the body of a request. In the event that a POST request is sent to any endpoint of the server with an empty body, even unauthenticated with the Pusher Protocol, it will crash the server. All users that run the server are affected by this vulnerability and it’s highly recommended to upgrade to the latest patch. There are no workarounds for this issue. 2022-01-10 5 CVE-2022-21667
MISC
CONFIRM
MISC
sphinxsearch — sphinx SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows directory traversal (in conjunction with CVE-2019-14511) because the mysql client can be used for CALL SNIPPETS and load_file operations on a full pathname (e.g., a file in the /etc directory). NOTE: this is unrelated to CMUSphinx. 2022-01-10 5 CVE-2020-29050
MISC
MISC
MLIST
trendmicro — apex_one A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. 2022-01-10 6.6 CVE-2021-44024
MISC
MISC
trendmicro — apex_one A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on prem only) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. This is similar to, but not the same as CVE-2021-44024. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. 2022-01-10 6.6 CVE-2021-45442
MISC
MISC
ultimaker — ultimaker_s3_firmware In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3 and Ultimaker 3 through 5.2.16, the local webserver can be used for clickjacking. This includes the settings page. 2022-01-10 6.8 CVE-2021-34087
MISC
MISC
MISC
ultimaker — ultimaker_s3_firmware In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3 and Ultimaker 3 through 5.2.16, the local webserver hosts APIs vulnerable to CSRF. They do not verify incoming requests. 2022-01-10 6.8 CVE-2021-34086
MISC
MISC
MISC
MISC
vim — vim vim is vulnerable to Heap-based Buffer Overflow 2022-01-10 4.3 CVE-2022-0158
CONFIRM
MISC
FEDORA
MLIST
vim — vim vim is vulnerable to Use After Free 2022-01-10 4.3 CVE-2022-0156
MISC
CONFIRM
FEDORA
MLIST
vmware — spring_framework In Spring Framework versions 5.3.0 – 5.3.13, 5.2.0 – 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of input and in more places of the Spring Framework codebase. 2022-01-10 4 CVE-2021-22060
MISC
webassembly — binaryen A Stack Overflow vulnerability exists in Binaryen 103 via the printf_common function. 2022-01-10 4.3 CVE-2021-46050
MISC
webassembly — binaryen A Denial of Service vulnerability exists in Binaryen 103. The program terminates with signal SIGKILL. 2022-01-10 4.3 CVE-2021-46053
MISC
webassembly — binaryen A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::readFunctions. 2022-01-10 4.3 CVE-2021-46048
MISC
webassembly — binaryen A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::Tuple::validate. 2022-01-10 4.3 CVE-2021-46052
MISC
webassembly — binaryen A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*). 2022-01-10 4.3 CVE-2021-46054
MISC
webassembly — binaryen A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*). 2022-01-10 4.3 CVE-2021-46055
MISC
wow-company — button_generator The Button Generator WordPress plugin before 2.3.3 within the wow-company admin menu page allows an attacker to include() an arbitrary file with a PHP extension (as well as with data:// or http:// protocols), thus leading to CSRF RCE. 2022-01-10 5.1 CVE-2021-25052
CONFIRM
MISC
wow-company — modal_window The Modal Window WordPress plugin before 5.2.2 within the wow-company admin menu page allows an attacker to include() an arbitrary file with a PHP extension (as well as with data:// or http:// protocols), thus leading to CSRF RCE. 2022-01-10 5.1 CVE-2021-25051
MISC
CONFIRM
wow-company — wp_coder The WP Coder WordPress plugin before 2.5.2 within the wow-company admin menu page allows an attacker to include() an arbitrary file with a PHP extension (as well as with data:// or http:// protocols), thus leading to CSRF RCE. 2022-01-10 5.1 CVE-2021-25053
CONFIRM
MISC
wow-company — wpcalc The WPcalc WordPress plugin through 2.1 does not sanitize user input into the ‘did’ parameter and uses it in a SQL statement, leading to an authenticated SQL Injection vulnerability. 2022-01-10 6.5 CVE-2021-25054
MISC
zohocorp — manageengine_desktop_central Zoho ManageEngine Desktop Central before 10.0.662 allows remote code execution by an authenticated user who has complete access to the Reports module. 2022-01-10 6.5 CVE-2021-46164
MISC
zohocorp — manageengine_desktop_central Zoho ManageEngine Desktop Central before 10.0.662, during startup, launches an executable file from the batch files, but this file’s path might not be properly defined. 2022-01-10 4.6 CVE-2021-46165
MISC
zohocorp — manageengine_desktop_central Zoho ManageEngine Desktop Central before 10.0.662 allows authenticated users to obtain sensitive information from the database by visiting the Reports page. 2022-01-10 4 CVE-2021-46166
MISC


Low Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
adobe — experience_manager AEM’s Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. 2022-01-13 3.5 CVE-2021-43764
MISC
fit2cloud — halo In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the article title. An authenticated attacker can inject arbitrary javascript code that will execute on a victim’s server. 2022-01-13 3.5 CVE-2022-22123
MISC
MISC
MISC
fit2cloud — halo In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the profile image. An authenticated attacker can upload a carefully crafted SVG file that will trigger arbitrary javascript to run on a victim’s browser. 2022-01-13 3.5 CVE-2022-22124
MISC
MISC
MISC
google — android Unprotected dynamic receiver in SecSettings prior to SMR Jan-2022 Release 1 allows untrusted applications to launch arbitrary activity. 2022-01-10 2.1 CVE-2022-22263
MISC
google — android Improper sanitization of incoming intent in Dressroom prior to SMR Jan-2022 Release 1 allows local attackers to read and write arbitrary files without permission. 2022-01-10 3.6 CVE-2022-22264
MISC
google — android In StatusBar.java, there is a possible disclosure of notification content on the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11. Android ID: A-189575031 2022-01-14 2.1 CVE-2021-39628
MISC
google — android Incorrect implementation of Knox Guard prior to SMR Jan-2022 Release 1 allows physically proximate attackers to temporarily unlock the Knox Guard via Samsung DeX mode. 2022-01-10 3.6 CVE-2022-22268
MISC
google — android (Applicable to China models only) Unprotected WifiEvaluationService in TencentWifiSecurity application prior to SMR Jan-2022 Release 1 allows untrusted applications to get WiFi information without proper permission. 2022-01-10 2.1 CVE-2022-22266
MISC
google — android Implicit Intent hijacking vulnerability in ActivityMetricsLogger prior to SMR Jan-2022 Release 1 allows attackers to get running application information. 2022-01-10 2.1 CVE-2022-22267
MISC
google — android Keeping sensitive data in unprotected BluetoothSettingsProvider prior to SMR Jan-2022 Release 1 allows untrusted applications to get a local Bluetooth MAC address. 2022-01-10 2.1 CVE-2022-22269
MISC
google — android A missing input validation before memory copy in TIMA trustlet prior to SMR Jan-2022 Release 1 allows attackers to copy data from arbitrary memory. 2022-01-10 2.1 CVE-2022-22271
MISC
google — android Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission 2022-01-10 2.1 CVE-2022-22272
MISC
huawei — harmonyos The fingerprint module has a security risk of brute force cracking. Successful exploitation of this vulnerability may affect data confidentiality. 2022-01-10 2.1 CVE-2021-40006
MISC
huawei — ws318n-21_firmware There is a Cross-Site Scripting (XSS) vulnerability in the HUAWEI WS318n product when processing network settings. Due to insufficient validation of user input, a local authenticated attacker could exploit this vulnerability by injecting special characters. A successful exploit could cause certain information disclosure. Affected product versions include: WS318n-21 10.0.2.2, 10.0.2.5 and 10.0.2.6. 2022-01-10 1.9 CVE-2021-40041
MISC
ibm — security_verify_access IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209563. 2022-01-10 3.5 CVE-2021-38895
XF
CONFIRM
ivanti — workspace_control An insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control <2021.2 (10.7.30.0) that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector. 2022-01-10 2.1 CVE-2022-21823
MISC
mediawiki — mediawiki An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. Special:CheckUserLog allows CheckUser XSS because of date mishandling, as demonstrated by an XSS payload in MediaWiki:October. 2022-01-10 3.5 CVE-2021-46150
MISC
MISC
mediawiki — mediawiki An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. The WikibaseMediaInfo component is vulnerable to XSS via the caption fields for a given media file. 2022-01-10 3.5 CVE-2021-46146
MISC
MISC
microsoft — windows_10 Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability. 2022-01-11 2.1 CVE-2022-21839
MISC
phoronix-media — phoronix_test_suite phoronix-test-suite is vulnerable to Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’). 2022-01-10 3.5 CVE-2022-0157
CONFIRM
MISC
rangerstudio — directus Directus versions 9.0.0-alpha.4 through 9.4.1 allow unrestricted file upload of .html files in the media upload functionality, which leads to a Cross-Site Scripting vulnerability. A low privileged attacker can upload a crafted HTML file as a profile avatar, and when an admin or another user opens it, the XSS payload gets triggered. 2022-01-10 3.5 CVE-2022-22117
MISC
MISC
rangerstudio — directus Directus versions 9.0.0-alpha.4 through 9.4.1 are vulnerable to stored Cross-Site Scripting (XSS) via SVG file upload in the media upload functionality. A low privileged attacker can inject arbitrary JavaScript code which will be executed in a victim’s browser when they open the image URL. 2022-01-10 3.5 CVE-2022-22116
MISC
MISC
sismics — teedy Teedy versions v1.5 through v1.9 are vulnerable to Stored Cross-Site Scripting (XSS) in the name of a created Tag. Since the Tag name is not being sanitized properly in the edit tag page, a low privileged attacker can store malicious scripts in the name of the Tag. In the worst case, the victim who inadvertently triggers the attack is a highly privileged administrator. The injected scripts can extract the Session ID, which can lead to full Account Takeover of the administrator, and privilege escalation. 2022-01-10 3.5 CVE-2022-22115
MISC
MISC


 

Severity Not Yet Assigned

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
10web_social_photo_feed — 10web_social_photo_feed
 
The 10Web Social Photo Feed WordPress plugin before 1.4.29 was affected by a reflected Cross-Site Scripting (XSS) vulnerability in the wdi_apply_changes admin page, allowing an attacker to perform such an attack against any logged-in user. 2022-01-10 not yet calculated CVE-2021-25047
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44704
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44712
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in application denial of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44713
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Violation of Secure Design Principles that could lead to a Security feature bypass. Acrobat Reader DC displays a warning message when a user clicks on a PDF file, which could be used by an attacker to mislead the user. In affected versions, this warning message does not include custom protocols when used by the sender. User interaction is required to abuse this vulnerability as they would need to click ‘allow’ on the warning message of a malicious file. 2022-01-14 not yet calculated CVE-2021-44714
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a heap overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44709
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44715
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44707
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a heap overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44708
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44710
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44706
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-45063
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a stack buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44703
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44740
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44701
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44742
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-45060
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-45061
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-45062
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44741
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-45064
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-45067
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-45068
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44705
MISC
adobe — acrobat_reader_dc
 
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44711
MISC
adobe — acrobat_reader_dc_activex_control
 
Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page. 2022-01-14 not yet calculated CVE-2021-44739
MISC
adobe — acrobat_reader_dc_activex_control
 
Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must visit an attacker controlled web page. 2022-01-14 not yet calculated CVE-2021-44702
MISC
adobe — adobe_experience_manager
 
AEM’s Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a dispatcher bypass vulnerability that could be abused to evade security controls. Sensitive areas of the web application may be exposed through exploitation of the vulnerability. 2022-01-13 not yet calculated CVE-2021-43762
MISC
adobe — adobe_experience_manager
 
AEM’s Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6.3.3.8 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. 2022-01-13 not yet calculated CVE-2021-43761
MISC
adobe — bridge
 
Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44743
MISC
adobe — bridge
 
Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-45051
MISC
adobe — bridge
 
Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF file. 2022-01-14 not yet calculated CVE-2021-45052
MISC
adobe — experience_manager
 
AEM Forms Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by an XML External Entity (XXE) injection vulnerability that could be abused by an attacker to achieve RCE. 2022-01-13 not yet calculated CVE-2021-40722
MISC
adobe — illustrator
 
Adobe Illustrator versions 25.4.2 (and earlier) and 26.0.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-43752
MISC
adobe — illustrator
 
Adobe Illustrator versions 25.4.2 (and earlier) and 26.0.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2022-01-14 not yet calculated CVE-2021-44700
MISC
apache — dubbo
 
A deserialization vulnerability existed in dubbo hessian-lite 3.2.11 and its earlier versions, which could lead to malicious code execution. Most Dubbo users use Hessian2 as the default serialization/deserialization protocol. When Hessian catches unexpected exceptions, it logs some information for users, which may cause remote command execution. This issue affects Apache Dubbo 2.6.x versions prior to 2.6.12; Apache Dubbo 2.7.x versions prior to 2.7.15; Apache Dubbo 3.0.x versions prior to 3.0.5. 2022-01-10 not yet calculated CVE-2021-43297
MISC
arista — eos
 
An issue has recently been discovered in Arista EOS where the incorrect use of EOS’s AAA APIs by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration. 2022-01-14 not yet calculated CVE-2021-28500
MISC
arista — eos
 
An issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL configured for OpenConfig gNOI and OpenConfig RESTCONF might be bypassed, which results in the denied requests being forwarded to the agent. 2022-01-14 not yet calculated CVE-2021-28507
MISC
arista — eos
 
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device. 2022-01-14 not yet calculated CVE-2021-28506
MISC
arista — eos
 
An issue has recently been discovered in Arista EOS where the incorrect use of EOS’s AAA APIs by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration. 2022-01-14 not yet calculated CVE-2021-28501
MISC
arm — mali_gpu_kernel_driver
 
Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0) allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other processes. 2022-01-14 not yet calculated CVE-2021-44828
MISC
asus — rt-ax56u
 
ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate filtering for special characters in URL parameters, which allows an unauthenticated local area network attacker to access restricted system paths and download arbitrary files. 2022-01-14 not yet calculated CVE-2022-22054
MISC
authzed — spicedb
 
SpiceDB is a database system for managing security-critical application permissions. Any user making use of a wildcard relationship under the right hand branch of an `exclusion` or within an `intersection` operation will see `Lookup`/`LookupResources` return a resource as “accessible” if it is *not* accessible by virtue of the inclusion of the wildcard in the intersection or the right side of the exclusion. In `v1.3.0`, the wildcard is ignored entirely in lookup’s dispatch, resulting in the `banned` wildcard being ignored in the exclusion. Version 1.4.0 contains a patch for this issue. As a workaround, don’t make use of wildcards on the right side of intersections or within exclusions. 2022-01-11 not yet calculated CVE-2022-21646
MISC
MISC
CONFIRM
MISC
bentley — contextcapture
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley ContextCapture 10.18.0.232. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14785. 2022-01-13 not yet calculated CVE-2021-34985
MISC
MISC
bentley — contextcapture
 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley ContextCapture 10.18.0.232. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14784. 2022-01-13 not yet calculated CVE-2021-34984
MISC
MISC
bytecode_viewer — bytecode_viewer
 
Bytecode Viewer (BCV) is a Java/Android reverse engineering suite. Versions of the package prior to 2.11.0 are vulnerable to Arbitrary File Write via Archive Extraction (AKA “Zip Slip”). The vulnerability is exploited using a specially crafted archive that holds directory traversal filenames (e.g. ../../evil.exe). The Zip Slip vulnerability can affect numerous archive formats, including zip, jar, tar, war, cpio, apk, rar and 7z. The attacker can then overwrite executable files and either invoke them remotely or wait for the system or user to call them, thus achieving remote command execution on the victim’s machine. The impact of a Zip Slip vulnerability would allow an attacker to create or overwrite existing files on the filesystem. In the context of a web application, a web shell could be placed within the application directory to achieve code execution. All users should upgrade to BCV v2.11.0 when possible to receive a patch. There are no recommended workarounds aside from upgrading. 2022-01-12 not yet calculated CVE-2022-21675
MISC
CONFIRM
MISC
MISC
checkmk — checkmk
 
A stored cross site scripting (XSS) vulnerability in Checkmk 1.6.0x prior to 1.6.0p19 allows an authenticated remote attacker to inject arbitrary JavaScript via a javascript: URL in a view title. 2022-01-15 not yet calculated CVE-2020-28919
MISC
MISC
MISC
MISC
china_mobile — an_lianbao_wf-1_router
 
China Mobile An Lianbao WF-1 router v1.0.1 is affected by an OS command injection vulnerability in the web interface /api/ZRUsb/pop_usb_device component. 2022-01-14 not yet calculated CVE-2021-33962
MISC
MISC
MISC
MISC
china_mobile — an_lianbao_wf-1_router
 
China Mobile An Lianbao WF-1 v1.0.1 router web interface through /api/ZRMacClone/mac_addr_clone receives parameters by POST request, and the parameter macType has a command injection vulnerability. An attacker can use the vulnerability to execute remote commands. 2022-01-15 not yet calculated CVE-2021-33963
MISC
MISC
MISC
MISC
chronoforms — chronoforms
 
ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files. 2022-01-12 not yet calculated CVE-2021-28376
MISC
chronoforums — chronoforums
 
ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files. 2022-01-12 not yet calculated CVE-2021-28377
MISC
cisco — ip_phone_models
 
A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks. 2022-01-14 not yet calculated CVE-2022-20660
CISCO
FULLDISC
cisco — multiple_products
 
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. 2022-01-11 not yet calculated CVE-2021-1573
CISCO
cisco — multiple_products
 
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. 2022-01-11 not yet calculated CVE-2021-34704
CISCO
cisco — security_manager
 
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20643
CISCO
cisco — security_manager
 
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20636
CISCO
cisco — security_manager
 
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20635
CISCO
cisco — security_manager
 
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20646
CISCO
cisco — security_manager
 
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20645
CISCO
cisco — security_manager
 
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20647
CISCO
cisco — security_manager
 
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20642
CISCO
cisco — security_manager
 
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20644
CISCO
cisco — security_manager
 
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20640
CISCO
cisco — security_manager
 
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20639
CISCO
cisco — security_manager
 
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20637
CISCO
cisco — security_manager
 
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20641
CISCO
cisco — security_manager
 
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2022-01-14 not yet calculated CVE-2022-20638
CISCO
clam_antivirus_software — clam_antivirus_software
 
A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper checks that may result in an invalid pointer read. An attacker could exploit this vulnerability by sending a crafted OOXML file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition. 2022-01-14 not yet calculated CVE-2022-20698
CISCO
colors.js — colors.js
 
The package colors after 1.4.0 is vulnerable to Denial of Service (DoS) that was introduced through an infinite loop in the americanFlag module. Unfortunately this appears to have been a purposeful attempt by a maintainer of colors to make the package unusable; other maintainers’ controls over this package appear to have been revoked in an attempt to prevent them from fixing the issue. Vulnerable code (js): `for (let i = 666; i < Infinity; i++;) {`. Alternative remediation suggested: pin dependency to 1.4.0. 2022-01-14 not yet calculated CVE-2021-23567
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
commvault — commcell
 
This vulnerability allows remote attackers to bypass authentication on affected installations of Commvault CommCell 11.22.22. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CVSearchService service. The issue results from the lack of proper validation prior to authentication. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-13706. 2022-01-13 not yet calculated CVE-2021-34993
MISC
commvault — commcell
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the DataProvider class. The issue results from the lack of proper validation of a user-supplied string before executing it as JavaScript code. An attacker can leverage this vulnerability to escape the JavaScript sandbox and execute Java code in the context of NETWORK SERVICE. Was ZDI-CAN-13755. 2022-01-13 not yet calculated CVE-2021-34994
MISC
commvault — commcell
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the DownloadCenterUploadHandler class. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this vulnerability to execute code in the context of NETWORK SERVICE. Was ZDI-CAN-13756. 2022-01-13 not yet calculated CVE-2021-34995
MISC
commvault — commcell
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Demo_ExecuteProcessOnGroup workflow. By creating a workflow, an attacker can specify an arbitrary command to be executed. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-13889. 2022-01-13 not yet calculated CVE-2021-34996
MISC
commvault — commcell
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the AppStudioUploadHandler class. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this vulnerability to execute code in the context of NETWORK SERVICE. Was ZDI-CAN-13894. 2022-01-13 not yet calculated CVE-2021-34997
MISC
coreftp — server
 
CoreFTP Server before 727 allows directory traversal (for file creation) by an authenticated attacker via ../ in an HTTP PUT request. 2022-01-10 not yet calculated CVE-2022-22836
MISC
MISC
corenlp — corenlp
 
corenlp is vulnerable to Improper Restriction of XML External Entity Reference 2022-01-13 not yet calculated CVE-2022-0198
MISC
CONFIRM
cortex_xdr — cortex_xdr
 
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables an authenticated local user to execute programs with elevated privileges. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9. 2022-01-12 not yet calculated CVE-2022-0015
MISC
cortex_xdr — cortex_xdr
 
A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker to read the contents of arbitrary files on the system with elevated privileges when generating a support file. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2. 2022-01-12 not yet calculated CVE-2022-0013
MISC
cortex_xdr — cortex_xdr
 
An untrusted search path vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker with file creation privilege in the Windows root directory (such as C:\) to store a program that can then be unintentionally executed by another local user when that user utilizes a Live Terminal session. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2. 2022-01-12 not yet calculated CVE-2022-0014
MISC
cortex_xdr — cortex_xdr
 
An improper link resolution before file access vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables a local user to delete arbitrary system files and impact the system integrity or cause a denial of service condition. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2. 2022-01-12 not yet calculated CVE-2022-0012
MISC
crater — crater
 
crater is vulnerable to Unrestricted Upload of File with Dangerous Type 2022-01-12 not yet calculated CVE-2021-4080
CONFIRM
MISC
crestron — multiple_devices
 
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname and upassword fields. 2022-01-15 not yet calculated CVE-2022-23178
MISC
crow — crow
 
This affects the package Crow before 0.3+4. It is possible to traverse directories to fetch arbitrary files from the server. 2022-01-13 not yet calculated CVE-2021-23514
CONFIRM
CONFIRM
CONFIRM
crow — crow
 
This affects the package Crow before 0.3+4. When using attributes without quotes in the template, an attacker can manipulate the input to introduce additional attributes, potentially executing code. This may lead to a Cross-site Scripting (XSS) vulnerability, assuming an attacker can influence the value entered into the template. If the template is used to render user-generated content, this vulnerability may escalate to a persistent XSS vulnerability. 2022-01-13 not yet calculated CVE-2021-23824
MISC
MISC
MISC
cyberark — endpoint_privilege_manager
 
CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local user to gain elevated privileges via a Trojan horse Procmon64.exe in the user’s Temp directory. 2022-01-15 not yet calculated CVE-2021-44049
CONFIRM
MISC
MISC
MISC
dahua — multiple_products
 
Some Dahua products have an access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords. 2022-01-13 not yet calculated CVE-2021-33046
MISC
CONFIRM
CONFIRM
daybyday — crm
 
DayByDay CRM versions 1.1 through 2.2.1 (latest) suffer from an application-wide Client-Side Template Injection (CSTI). A low privileged attacker can input template injection payloads in the application at various locations to execute JavaScript on the client browser. 2022-01-13 not yet calculated CVE-2022-22112
MISC
MISC
discourse — discourse
 
Discourse is an open source discussion platform. Versions prior to 2.7.13 in `stable`, 2.8.0.beta11 in `beta`, and 2.8.0.beta11 in `tests-passed` allow some users to log in to a community before they should be able to do so. A user invited via email to a forum with `must_approve_users` enabled is going to be automatically logged in, bypassing the check that does not allow unapproved users to sign in. They will be able to do everything an approved user can do. If they log out, they cannot log back in. This issue is patched in the `stable` version 2.7.13, `beta` version 2.8.0.beta11, and `tests-passed` version 2.8.0.beta11. One may disable invites as a workaround. Administrators can increase `min_trust_level_to_allow_invite` to reduce the attack surface to more trusted users. 2022-01-13 not yet calculated CVE-2022-21684
MISC
CONFIRM
MISC
discourse — discourse
 
Discourse is an open source discussion platform. Prior to version 2.8.0.beta11 in the `tests-passed` branch, version 2.8.0.beta11 in the `beta` branch, and version 2.7.13 in the `stable` branch, the bios of users who made their profiles private were still visible in the `<meta>` tags on their users’ pages. The problem is patched in `tests-passed` version 2.8.0.beta11, `beta` version 2.8.0.beta11, and `stable` version 2.7.13 of Discourse. 2022-01-13 not yet calculated CVE-2022-21678
MISC
CONFIRM
MISC
discourse — discourse
 
Discourse is an open source discussion platform. Discourse groups can be configured with varying visibility levels for the group as well as the group members. By default, a newly created group has its visibility set to public and the group’s members visibility set to public as well. However, a group’s visibility and the group’s members visibility can be configured such that it is restricted to logged on users, members of the group or staff users. A vulnerability has been discovered in versions prior to 2.7.13 and 2.8.0.beta11 where the group advanced search option does not respect the group’s visibility and members visibility level. As such, a group with restricted visibility or members visibility can be revealed through search with the right search option. This issue is patched in `stable` version 2.7.13, `beta` version 2.8.0.beta11, and `tests-passed` version 2.8.0.beta11 of Discourse. There are no workarounds aside from upgrading. 2022-01-14 not yet calculated CVE-2022-21677
MISC
CONFIRM
django — django_cms
 
Django CMS 3.7.3 does not validate the plugin_type parameter while generating error messages for an invalid plugin type, resulting in a Cross Site Scripting (XSS) vulnerability. The vulnerability allows an attacker to execute arbitrary JavaScript code in the web browser of the affected user. 2022-01-12 not yet calculated CVE-2021-44649
MISC
MISC
dnslib — dnslib
 
The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query. 2022-01-10 not yet calculated CVE-2022-22846
MISC
docker — docker_desktop
 
Docker Desktop versions 4.3.0 and 4.3.1 have a bug that may log sensitive information (access token or password) on the user’s machine during login. This only affects users if they are on Docker Desktop 4.3.0, 4.3.1 and the user has logged in while on 4.3.0, 4.3.1. Gaining access to this data would require having access to the user’s local files. 2022-01-12 not yet calculated CVE-2021-45449
MISC
dolibarr — dolibarr
 
dolibarr is vulnerable to Improper Neutralization of Special Elements used in an SQL Command 2022-01-14 not yet calculated CVE-2022-0224
MISC
CONFIRM
dolibarr — dolibarr
 
dolibarr is vulnerable to Business Logic Errors 2022-01-10 not yet calculated CVE-2022-0174
MISC
CONFIRM
download_monitor — download_monitor
 
Authenticated Reflected Cross-Site Scripting (XSS) vulnerability discovered in WordPress plugin Download Monitor (versions <= 4.4.6). 2022-01-14 not yet calculated CVE-2021-36920
CONFIRM
CONFIRM
edgerover — desktop
 
File and directory permissions have been corrected to prevent unintended users from modifying or accessing resources. 2022-01-13 not yet calculated CVE-2022-22988
MISC
element-it — http_commander
 
A cross-site scripting (XSS) vulnerability in the “Zip content” feature in Element-IT HTTP Commander 3.1.9 allows remote authenticated users to inject arbitrary web script or HTML via filenames. 2022-01-13 not yet calculated CVE-2021-40813
MISC
MISC
elementor-pro — elementor-pro
 
The Plus Addons for Elementor – Pro WordPress plugin before 5.0.7 does not validate the qvquery parameter of the tp_get_dl_post_info_ajax AJAX action, which could allow unauthenticated users to retrieve sensitive information, such as private and draft posts 2022-01-10 not yet calculated CVE-2021-24948
MISC
MISC
elementor-pro — elementor-pro
 
The “WP Search Filters” widget of The Plus Addons for Elementor – Pro WordPress plugin before 5.0.7 does not sanitise and escape the option parameter before using it in a SQL statement, which could lead to SQL injection 2022-01-10 not yet calculated CVE-2021-24949
MISC
MISC
eyoucms — eyoucms
 
eyouCMS V1.5.5-UTF8-SP3_1 suffers from Arbitrary file deletion due to insufficient filtering of the parameter filename. 2022-01-14 not yet calculated CVE-2021-46255
MISC
fig2dev — fig2dev
 
A denial of service vulnerability exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c. 2022-01-12 not yet calculated CVE-2021-37530
MISC
fig2dev — fig2dev
 
A double-free vulnerability exists in fig2dev through 3.28a via the free_stream function in readpics.c, which could cause a denial of service (context-dependent). 2022-01-12 not yet calculated CVE-2021-37529
MISC
flatpak — flatpak
 
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn’t properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the case that there’s a null byte in the metadata file of an app. Therefore apps can grant themselves permissions without the consent of the user. Flatpak shows permissions to the user during install by reading them from the “xa.metadata” key in the commit metadata. This cannot contain a null terminator, because it is an untrusted GVariant. Flatpak compares these permissions to the *actual* metadata, from the “metadata” file to ensure it wasn’t lied to. However, the actual metadata contents are loaded in several places where they are read as simple C-style strings. That means that, if the metadata file includes a null terminator, only the content of the file from *before* the terminator gets compared to xa.metadata. Thus, any permissions that appear in the metadata file after a null terminator are applied at runtime but not shown to the user. So maliciously crafted apps can give themselves hidden permissions. Users who have Flatpaks installed from untrusted sources are at risk in case the Flatpak has a maliciously crafted metadata file, either initially or in an update. This issue is patched in versions 1.12.3 and 1.10.6. As a workaround, users can manually check the permissions of installed apps by checking the metadata file or the xa.metadata key on the commit metadata. 2022-01-12 not yet calculated CVE-2021-43860
MISC
MISC
MISC
MISC
CONFIRM
MISC
MISC
MISC
FEDORA
flatpak — flatpak
 
Flatpak is a Linux application sandboxing and distribution framework. A path traversal vulnerability affects versions of Flatpak prior to 1.12.3 and 1.10.6. flatpak-builder applies `finish-args` last in the build. At this point the build directory will have the full access that is specified in the manifest, so running `flatpak build` against it will gain those permissions. Normally this will not be done, so this is not a problem. However, if `--mirror-screenshots-url` is specified, then flatpak-builder will launch `flatpak build --nofilesystem=host appstream-utils mirror-screenshots` after finalization, which can lead to issues even with the `--nofilesystem=host` protection. In normal use, the only issue is that these empty directories can be created wherever the user has write permissions. However, a malicious application could replace the `appstream-util` binary and potentially do something more hostile. This has been resolved in Flatpak 1.12.3 and 1.10.6 by changing the behaviour of `--nofilesystem=home` and `--nofilesystem=host`. 2022-01-13 not yet calculated CVE-2022-21682
CONFIRM
MISC
MISC
FEDORA
follow-redirects — follow-redirects
 
follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor 2022-01-10 not yet calculated CVE-2022-0155
CONFIRM
MISC
formpipe — lasernet
 
Formpipe Lasernet before 9.13.3 allows file inclusion in Client Web Services (either by an authenticated attacker, or in a configuration that does not require authentication). 2022-01-10 not yet calculated CVE-2022-22847
CONFIRM
gcc — gcc
 
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources. 2022-01-14 not yet calculated CVE-2021-46195
MISC
gnome — gnome
 
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow when decoding the LZW compressed stream of image data in GIF files with an LZW minimum code size equal to 12. 2022-01-12 not yet calculated CVE-2021-44648
MISC
MISC
gnu — recutils
 
A use-after-free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. 2022-01-14 not yet calculated CVE-2021-46021
MISC
gnu — recutils
 
A use-after-free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. 2022-01-14 not yet calculated CVE-2021-46022
MISC
gnu — recutils
 
An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. 2022-01-14 not yet calculated CVE-2021-46019
MISC
gnu_c_library — gnu_c_library
 
The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. 2022-01-14 not yet calculated CVE-2022-23218
MISC
gnu_c_library — gnu_c_library
 
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. 2022-01-14 not yet calculated CVE-2022-23219
MISC
google — android
 
In inotify_cb of events.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11 Android-12. Android ID: A-202159709. 2022-01-14 not yet calculated CVE-2021-39632
MISC
google — android
 
In sortSimPhoneAccountsForEmergency of CreateConnectionProcessor.java, there is a possible prevention of access to emergency calling due to an unhandled exception. In rare instances, this could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12. Android ID: A-208267659. 2022-01-14 not yet calculated CVE-2021-39659
MISC
google — android
 
In mgm_alloc_page of memory_group_manager.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-201677538. References: N/A. 2022-01-14 not yet calculated CVE-2021-39682
MISC
google — android
 
In copy_from_mbox of sss_ice_util.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-202003354. References: N/A. 2022-01-14 not yet calculated CVE-2021-39683
MISC
google — android
 
In target_init of gs101/abl/target/slider/target.c, there is a possible allocation of RWX memory due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-203250788. References: N/A. 2022-01-14 not yet calculated CVE-2021-39684
MISC
google — android
 
In <TBD> of <TBD>, there is a possible bypass of Factory Reset Protection due to <TBD>. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-171742549. References: N/A. 2022-01-14 not yet calculated CVE-2021-39678
MISC
google — android
 
In init of vendor_graphicbuffer_meta.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-188745089. References: N/A. 2022-01-14 not yet calculated CVE-2021-39679
MISC
google — android
 
In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-9. Android ID: A-194695497. 2022-01-14 not yet calculated CVE-2021-39626
MISC
google — android
 
In gre_handle_offloads of ip_gre.c, there is a possible page fault due to an invalid memory access. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-150694665. References: Upstream kernel. 2022-01-14 not yet calculated CVE-2021-39633
MISC
google — android
 
In delete_protocol of main.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-200251074. References: N/A. 2022-01-14 not yet calculated CVE-2021-39681
MISC
google — android
 
In executeRequest of OverlayManagerService.java, there is a possible way to control fabricated overlays from adb shell due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12. Android ID: A-202768292. 2022-01-14 not yet calculated CVE-2021-39630
MISC
google — android
 
In phTmlNfc_Init and phTmlNfc_CleanUp of phTmlNfc.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-9. Android ID: A-197353344. 2022-01-14 not yet calculated CVE-2021-39629
MISC
google — android
 
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-9. Android ID: A-185126549. 2022-01-14 not yet calculated CVE-2021-39627
MISC
google — android
 
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-9. Android ID: A-185126319. 2022-01-14 not yet calculated CVE-2021-39621
MISC
google — android
 
HackerOne bug ID: 1343975. Product: Android. Versions: Android SoC. Android ID: A-204256722. 2022-01-14 not yet calculated CVE-2021-1049
MISC
google — android
 
The broadcast that DevicePickerFragment sends when a new device is paired doesn’t have any permission checks, so any app can register to listen for it. This lets apps keep track of what devices are paired without requesting BLUETOOTH permissions. Product: Android. Versions: Android-10 Android-11 Android-12 Android-9. Android ID: A-162951906. 2022-01-14 not yet calculated CVE-2021-1037
MISC
google — android
 
In LocationSettingsActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-9. Android ID: A-182812255. 2022-01-14 not yet calculated CVE-2021-1036
MISC
google — android
 
In fs/eventpoll.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-204450605. References: Upstream kernel. 2022-01-14 not yet calculated CVE-2021-39634
MISC
google — android
 
In sec_SHA256_Transform of sha256_core.c, there is a possible way to read heap data due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-197965864. References: N/A. 2022-01-14 not yet calculated CVE-2021-39680
MISC
gpac — gpac
 
GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_list_last(). This vulnerability allows attackers to cause a Denial of Service (DoS). 2022-01-14 not yet calculated CVE-2021-45760
MISC
gpac — gpac
 
GPAC 1.1.0 was discovered to contain an invalid memory address dereference via the function lsr_read_id(). This vulnerability can lead to a Denial of Service (DoS). 2022-01-14 not yet calculated CVE-2021-45767
MISC
gpac — gpac
 
A heap-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via media.c, which allows attackers to cause a denial of service or execute arbitrary code via a crafted file. 2022-01-10 not yet calculated CVE-2021-36414
MISC
gpac — gpac
 
A heap-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via the gp_rtp_builder_do_mpeg12_video function, which allows attackers to possibly have unspecified other impact via a crafted file in the MP4Box command. 2022-01-10 not yet calculated CVE-2021-36412
MISC
gpac — gpac
 
GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_sg_vrml_mf_reset(). This vulnerability allows attackers to cause a Denial of Service (DoS). 2022-01-14 not yet calculated CVE-2021-45762
MISC
gpac — gpac
 
GPAC v1.1.0 was discovered to contain an invalid call in the function gf_node_changed(). This vulnerability can lead to a Denial of Service (DoS). 2022-01-14 not yet calculated CVE-2021-45763
MISC
gpac — gpac
 
GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function shift_chunk_offsets.isra(). 2022-01-14 not yet calculated CVE-2021-45764
MISC
h2database — h2database
 
The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and the URL of the database. An attacker may pass a JNDI driver name and a URL leading to an LDAP or RMI server, causing remote code execution. This can be exploited through various attack vectors, most notably through the H2 Console, which leads to unauthenticated remote code execution. 2022-01-10 not yet calculated CVE-2021-42392
MISC
MISC
halo — halo
 
In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the article tag. An authenticated admin attacker can inject arbitrary javascript code that will execute on a victim’s server. 2022-01-13 not yet calculated CVE-2022-22125
MISC
MISC
MISC
hermes — hermes
 
By passing invalid javascript code where await and yield were called upon non-async and non-generator getter/setter functions, Hermes would invoke generator functions and error out on invalid await/yield positions. This could result in segmentation fault as a consequence of type confusion error, with a low chance of RCE. This issue affects Hermes versions prior to v0.10.0. 2022-01-15 not yet calculated CVE-2021-24044
CONFIRM
hp — designjet_products
 
Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job previews. 2022-01-14 not yet calculated CVE-2021-3965
MISC
ibm — aix_and_vios
 
IBM AIX 7.0, 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the lscore command which could lead to code execution. IBM X-Force ID: 212953. 2022-01-11 not yet calculated CVE-2021-38991
XF
CONFIRM
ibm — extended_dynamic_remote_sql_server
 
The IBM i 7.1, 7.2, 7.3, and 7.4 Extended Dynamic Remote SQL server (EDRSQL) could allow a remote authenticated user to send a specially crafted request and cause a denial of service. IBM X-Force ID: 214537. 2022-01-13 not yet calculated CVE-2021-39056
XF
CONFIRM
ibm — multiple_products
 
IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 as well as IBM Rational Team Concert 6.0.6 and 6.0.6.1 could allow an authenticated attacker to obtain sensitive information from build definitions that could aid in further attacks against the system. IBM X-Force ID: 200657. 2022-01-11 not yet calculated CVE-2021-29701
CONFIRM
XF
ibm — planning analytics_and_planning_analytics_workspace
 
IBM Planning Analytics 2.0 and IBM Planning Analytics Workspace 2.0 DQM API allows submitting of all control requests in unauthenticated sessions. This allows a remote threat actor who can access (without previous authentication) a valid PA endpoint to read and write files to the IBM Planning Analytics system. Depending on file system permissions, this could extend to path traversal and possibly remote code execution. IBM X-Force ID: 209511. 2022-01-12 not yet calculated CVE-2021-38892
XF
CONFIRM
ibm — sterling_gentran:server_for_windows
 
IBM Sterling Gentran:Server for Microsoft Windows 5.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 213962. 2022-01-14 not yet calculated CVE-2021-39032
XF
CONFIRM
imperva — web_application_firewall
 
Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use “Content-Encoding: gzip” to evade WAF security controls and send malicious HTTP POST requests to web servers behind the WAF. 2022-01-14 not yet calculated CVE-2021-45468
MISC
jenkins — jenkins Jenkins Publish Over SSH Plugin 1.22 and earlier does not escape the SSH server name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission. 2022-01-12 not yet calculated CVE-2022-23110
CONFIRM
MLIST
jenkins — jenkins
 
Jenkins Docker Commons Plugin 1.17 and earlier does not sanitize the name of an image or a tag, resulting in an OS command execution vulnerability exploitable by attackers with Item/Configure permission or able to control the contents of a previously configured job’s SCM repository. 2022-01-12 not yet calculated CVE-2022-20617
CONFIRM
MLIST
jenkins — jenkins
 
Jenkins Metrics Plugin 4.0.2.8 and earlier stores an access key unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. 2022-01-12 not yet calculated CVE-2022-20621
CONFIRM
MLIST
jenkins — jenkins
 
Missing permission checks in Jenkins SSH Agent Plugin 1.23 and earlier allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins. 2022-01-12 not yet calculated CVE-2022-20620
CONFIRM
MLIST
jenkins — jenkins
 
A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. 2022-01-12 not yet calculated CVE-2022-20619
CONFIRM
MLIST
jenkins — jenkins
 
A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 and earlier, LTS 2.319.1 and earlier allows attackers to trigger build of job without parameters when no security realm is set. 2022-01-12 not yet calculated CVE-2022-20612
CONFIRM
MLIST
jenkins — jenkins
 
Jenkins Active Directory Plugin 2.25 and earlier does not encrypt the transmission of data between the Jenkins controller and Active Directory servers in most configurations. 2022-01-12 not yet calculated CVE-2022-23105
CONFIRM
MLIST
jenkins — jenkins
 
Jenkins Configuration as Code Plugin 1.55 and earlier used a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token. 2022-01-12 not yet calculated CVE-2022-23106
CONFIRM
MLIST
jenkins — jenkins
 
Jenkins Warnings Next Generation Plugin 9.10.2 and earlier does not restrict the name of a file when configuring custom ID, allowing attackers with Item/Configure permission to write and read specific files with a hard-coded suffix on the Jenkins controller file system. 2022-01-12 not yet calculated CVE-2022-23107
CONFIRM
MLIST
jenkins — jenkins
 
Jenkins Badge Plugin 1.9 and earlier does not escape the description and does not check for allowed protocols when creating a badge, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. 2022-01-12 not yet calculated CVE-2022-23108
CONFIRM
MLIST
jenkins — jenkins
 
A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials. 2022-01-12 not yet calculated CVE-2022-23111
CONFIRM
MLIST
jenkins — jenkins
 
A missing permission check in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers with Overall/Read access to connect to an attacker-specified SSH server using attacker-specified credentials. 2022-01-12 not yet calculated CVE-2022-23112
CONFIRM
MLIST
jenkins — jenkins
 
A missing permission check in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins. 2022-01-12 not yet calculated CVE-2022-20618
CONFIRM
MLIST
jenkins — jenkins
 
Jenkins Publish Over SSH Plugin 1.22 and earlier performs a validation of the file name specifying whether it is present or not, resulting in a path traversal vulnerability allowing attackers with Item/Configure permission to discover the name of the Jenkins controller files. 2022-01-12 not yet calculated CVE-2022-23113
CONFIRM
MLIST
jenkins — jenkins
 
Jenkins HashiCorp Vault Plugin 3.7.0 and earlier does not mask Vault credentials in Pipeline build logs or in Pipeline step descriptions when Pipeline: Groovy Plugin 2.85 or later is installed. 2022-01-12 not yet calculated CVE-2022-23109
CONFIRM
MLIST
jenkins — jenkins
 
A cross-site request forgery (CSRF) vulnerability in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname. 2022-01-12 not yet calculated CVE-2022-20613
CONFIRM
MLIST
jenkins — jenkins
 
Jenkins Credentials Binding Plugin 1.27 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read access to validate if a credential ID refers to a secret file credential and whether it’s a zip file. 2022-01-12 not yet calculated CVE-2022-20616
CONFIRM
MLIST
jenkins — jenkins
 
Jenkins Debian Package Builder Plugin 1.6.11 and earlier implements functionality that allows agents to invoke command-line `git` at an attacker-specified path on the controller, allowing attackers able to control agent processes to invoke arbitrary OS commands on the controller. 2022-01-12 not yet calculated CVE-2022-23118
CONFIRM
MLIST
jenkins — jenkins
 
Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to retrieve all username/password credentials stored on the Jenkins controller. 2022-01-12 not yet calculated CVE-2022-23117
CONFIRM
MLIST
jenkins — jenkins
 
Jenkins Publish Over SSH Plugin 1.22 and earlier stores password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. 2022-01-12 not yet calculated CVE-2022-23114
CONFIRM
MLIST
jenkins — jenkins
 
Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another method. 2022-01-12 not yet calculated CVE-2022-23116
CONFIRM
MLIST
jenkins — jenkins
 
Jenkins Matrix Project Plugin 1.19 and earlier does not escape HTML metacharacters in node and label names, and label descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Agent/Configure permission. 2022-01-12 not yet calculated CVE-2022-20615
CONFIRM
MLIST
jenkins — jenkins
 
A missing permission check in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers with Overall/Read access to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname. 2022-01-12 not yet calculated CVE-2022-20614
CONFIRM
MLIST
jenkins — jenkins
 
Cross-site request forgery (CSRF) vulnerabilities in Jenkins batch task Plugin 1.19 and earlier allow attackers with Overall/Read access to retrieve logs, build or delete a batch task. 2022-01-12 not yet calculated CVE-2022-23115
CONFIRM
MLIST
jerryscript — jerryscript
 
An issue was discovered in JerryScript commit a6ab5e9. There is a use-after-free in lexer_compare_identifier_to_string in the js-lexer.c file. 2022-01-14 not yet calculated CVE-2021-46170
MISC
jpress — jpress
 
jpress v4.2.0 admin panel provides a function through which attackers can modify the template and inject some malicious code. 2022-01-13 not yet calculated CVE-2021-45806
MISC
MISC
MISC
jpress — jpress
 
jpress v4.2.0 is vulnerable to command execution via io.jpress.web.admin._AddonController::doUploadAndInstall. 2022-01-13 not yet calculated CVE-2021-45807
MISC
MISC
MISC
keystonejs — keystone
 
keystone is vulnerable to Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) 2022-01-12 not yet calculated CVE-2022-0087
CONFIRM
MISC
le-yan — dental_management_system
 
The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator’s privilege and control the system or disrupt service. 2022-01-14 not yet calculated CVE-2022-22056
MISC
le-yan — dental_management_system
 
The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator’s privilege and perform arbitrary operations on the system or disrupt service. 2022-01-14 not yet calculated CVE-2022-22055
MISC
lens — lens
 
In Lens prior to 5.3.4, custom helm chart configuration creates helm commands from string concatenation of provided arguments which are then executed in the user’s shell. Arguments can be provided which cause arbitrary shell commands to run on the system. 2022-01-10 not yet calculated CVE-2021-23154
MISC
lens — lens
 
Linux users running Lens 5.2.6 and earlier could be compromised by visiting a malicious website. The malicious website could make websocket connections from the victim’s browser to Lens and so operate the local terminal feature. This would allow the attacker to execute arbitrary commands as the Lens user. 2022-01-10 not yet calculated CVE-2021-44458
MISC
libreswan — libreswan
 
Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6. 2022-01-15 not yet calculated CVE-2022-23094
MISC
MISC
DEBIAN
libtiff — libtiff
 
LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. 2022-01-10 not yet calculated CVE-2022-22844
MISC
MISC
linux — kernel
 
kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. 2022-01-14 not yet calculated CVE-2022-23222
MISC
MLIST
linux — linux_kernel
 
nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expression in their own namespace. 2022-01-11 not yet calculated CVE-2021-46283
MISC
MISC
MISC
livehelperchat — livehelperchat
 
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) 2022-01-14 not yet calculated CVE-2022-0226
CONFIRM
MISC
livehelperchat — livehelperchat
 
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) 2022-01-14 not yet calculated CVE-2022-0231
MISC
CONFIRM
lorensberg — connect
 
** DISPUTED ** Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go into the Wizard editor and enter an XSS payload within the Page title, Page Instructions, Text before, Text after, or Text on side box. Once this has been done, the administrator must click save and finally wait until any user of the application performs a booking for rental items in the booking area of the application, where the XSS triggers. NOTE: another perspective is that the administrator may require JavaScript to customize any aspect of the page rendering. There is no effective way for the product to defend users in the face of a malicious administrator. 2022-01-12 not yet calculated CVE-2021-43960
MISC
MISC
lua — lua
 
Lua 5.4.4 and 5.4.2 are affected by SEGV by type confusion in funcnamefromcode function in ldebug.c which can cause a local denial of service. 2022-01-11 not yet calculated CVE-2021-44647
MISC
MISC
make-ca — make-ca
 
make-ca is a utility to deliver and manage a complete PKI configuration for workstations and servers. Starting with version 0.9 and prior to version 1.10, make-ca misinterprets Mozilla certdata.txt and treats explicitly untrusted certificates like trusted ones, causing those explicitly untrusted certificates to be trusted by the system. The explicitly untrusted certificates were used by some CAs that had already been hacked. Hostile attackers may perform a MIM attack exploiting them. Everyone using the affected versions of make-ca should upgrade to make-ca-1.10, and run `make-ca -f -g` as the `root` user to regenerate the trusted store immediately. As a workaround, users may delete the untrusted certificates from /etc/pki/tls and /etc/ssl/certs manually (or by a script), but this is not recommended because the manual changes will be overwritten the next time make-ca is run to update the trusted anchor. 2022-01-10 not yet calculated CVE-2022-21672
CONFIRM
MISC
MISC
MISC
markdown-it — markdown-it
 
markdown-it is a Markdown parser. Prior to version 1.3.2, special patterns with length greater than 50 thousand characters could slow down the parser significantly. Users should upgrade to version 12.3.2 to receive a patch. There are no known workarounds aside from upgrading. 2022-01-10 not yet calculated CVE-2022-21670
MISC
CONFIRM
markedjs — marked
 
Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `block.def` may cause catastrophic backtracking against some strings and lead to a regular expression denial of service (ReDoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources. 2022-01-14 not yet calculated CVE-2022-21680
CONFIRM
MISC
MISC
markedjs — marked
 
Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `inline.reflinkSearch` may cause catastrophic backtracking against some strings and lead to a denial of service (DoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources. 2022-01-14 not yet calculated CVE-2022-21681
CONFIRM
MISC
martdevelopers_inc — iresturant
 
MartDevelopers Inc iResturant v1.0 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed. 2022-01-12 not yet calculated CVE-2021-43436
MISC
MISC
mattermost — focalboard
 
In Mattermost Focalboard, versions prior to v0.7.5, v0.8.4, v0.9.5, v0.10.1 and v0.11.0-rc1; as used respectively in Mattermost, versions prior to v5.37.6, v5.39.3, v6.0.4, v6.1.1 and v6.2.0, are vulnerable to Insufficient Session Expiration. When a user initiates a logout, their session is not invalidated properly. In addition, user sessions are stored in the browser’s local storage, which by default does not have an expiration time. This makes it possible for an attacker to steal and reuse the cookies using techniques such as XSS attacks, to completely take over a victim account. 2022-01-13 not yet calculated CVE-2022-22122
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
mcafee — techcheck
 
Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from. 2022-01-11 not yet calculated CVE-2022-0129
CONFIRM
micro_focus — arcsight_enterprise_security_manager
 
Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS). 2022-01-14 not yet calculated CVE-2021-38126
MISC
micro_focus — arcsight_enterprise_security_manager
 
Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS). 2022-01-14 not yet calculated CVE-2021-38127
MISC
microsoft — .net_framework
 
.NET Framework Denial of Service Vulnerability. 2022-01-11 not yet calculated CVE-2022-21911
MISC
microsoft — dynamics_365_customer_engagement
 
Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability. 2022-01-11 not yet calculated CVE-2022-21932
MISC
microsoft — dynamics_365_sales
 
Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability. 2022-01-11 not yet calculated CVE-2022-21891
MISC
microsoft — edge
 
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21930, CVE-2022-21931. 2022-01-11 not yet calculated CVE-2022-21929
MISC
microsoft — edge
 
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21970. 2022-01-11 not yet calculated CVE-2022-21954
MISC
microsoft — edge
 
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21929, CVE-2022-21931. 2022-01-11 not yet calculated CVE-2022-21930
MISC
microsoft — edge
 
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21929, CVE-2022-21930. 2022-01-11 not yet calculated CVE-2022-21931
MISC
microsoft — edge
 
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21954. 2022-01-11 not yet calculated CVE-2022-21970
MISC
microsoft — exchange_server
 
Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21846, CVE-2022-21855. 2022-01-11 not yet calculated CVE-2022-21969
MISC
microsoft — hevc_video_extensions
 
HEVC Video Extensions Remote Code Execution Vulnerability. 2022-01-11 not yet calculated CVE-2022-21917
MISC
microsoft — windows Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21848, CVE-2022-21889, CVE-2022-21890. 2022-01-11 not yet calculated CVE-2022-21883
MISC
microsoft — windows
 
Windows GDI Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21903
MISC
microsoft — windows
 
DirectX Graphics Kernel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21912. 2022-01-11 not yet calculated CVE-2022-21898
MISC
microsoft — windows
 
Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21880. 2022-01-11 not yet calculated CVE-2022-21915
MISC
microsoft — windows
 
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability. 2022-01-11 not yet calculated CVE-2022-21899
MISC
MISC
microsoft — windows
 
Windows Hyper-V Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-21905. 2022-01-11 not yet calculated CVE-2022-21900
MISC
microsoft — windows
 
Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21852, CVE-2022-21896. 2022-01-11 not yet calculated CVE-2022-21902
MISC
microsoft — windows
 
Windows Modern Execution Server Remote Code Execution Vulnerability. 2022-01-11 not yet calculated CVE-2022-21888
MISC
microsoft — windows
 
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21885. 2022-01-11 not yet calculated CVE-2022-21914
MISC
microsoft — windows
 
Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass. 2022-01-11 not yet calculated CVE-2022-21913
MISC
microsoft — windows
 
DirectX Graphics Kernel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21898. 2022-01-11 not yet calculated CVE-2022-21912
MISC
microsoft — windows
 
Windows Geolocation Service Remote Code Execution Vulnerability. 2022-01-11 not yet calculated CVE-2022-21878
MISC
microsoft — windows
 
Microsoft Cluster Port Driver Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21910
MISC
microsoft — windows
 
Windows Installer Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21908
MISC
microsoft — windows
 
HTTP Protocol Stack Remote Code Execution Vulnerability. 2022-01-11 not yet calculated CVE-2022-21907
MISC
MISC
MISC
microsoft — windows
 
Windows GDI Information Disclosure Vulnerability. 2022-01-11 not yet calculated CVE-2022-21904
MISC
microsoft — windows
 
Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21916. 2022-01-11 not yet calculated CVE-2022-21897
MISC
microsoft — windows
 
Windows Kerberos Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21920
MISC
microsoft — windows
 
Storage Spaces Controller Information Disclosure Vulnerability. 2022-01-11 not yet calculated CVE-2022-21877
MISC
MISC
microsoft — windows
 
Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21848, CVE-2022-21883, CVE-2022-21889. 2022-01-11 not yet calculated CVE-2022-21890
MISC
microsoft — windows
 
Remote Procedure Call Runtime Remote Code Execution Vulnerability. 2022-01-11 not yet calculated CVE-2022-21922
MISC
microsoft — windows
 
Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21919. 2022-01-11 not yet calculated CVE-2022-21895
MISC
MISC
microsoft — windows
 
Windows Defender Credential Guard Security Feature Bypass Vulnerability. 2022-01-11 not yet calculated CVE-2022-21921
MISC
microsoft — windows
 
Secure Boot Security Feature Bypass Vulnerability. 2022-01-11 not yet calculated CVE-2022-21894
MISC
microsoft — windows
 
Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21852, CVE-2022-21902. 2022-01-11 not yet calculated CVE-2022-21896
MISC
microsoft — windows
 
Remote Desktop Protocol Remote Code Execution Vulnerability. 2022-01-11 not yet calculated CVE-2022-21893
MISC
microsoft — windows
 
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963. 2022-01-11 not yet calculated CVE-2022-21892
MISC
microsoft — windows
 
Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21848, CVE-2022-21883, CVE-2022-21890. 2022-01-11 not yet calculated CVE-2022-21889
MISC
microsoft — windows
 
Windows BackupKey Remote Protocol Security Feature Bypass Vulnerability. 2022-01-11 not yet calculated CVE-2022-21925
MISC
microsoft — windows
 
Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21897. 2022-01-11 not yet calculated CVE-2022-21916
MISC
microsoft — windows
 
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963. 2022-01-11 not yet calculated CVE-2022-21928
MISC
microsoft — windows
 
DirectX Graphics Kernel File Denial of Service Vulnerability. 2022-01-11 not yet calculated CVE-2022-21918
MISC
microsoft — windows
 
Windows Event Tracing Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21872
MISC
microsoft — windows
 
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21963. 2022-01-11 not yet calculated CVE-2022-21962
MISC
microsoft — windows
 
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21962, CVE-2022-21963. 2022-01-11 not yet calculated CVE-2022-21961
MISC
microsoft — windows
 
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962. 2022-01-11 not yet calculated CVE-2022-21963
MISC
microsoft — windows
 
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963. 2022-01-11 not yet calculated CVE-2022-21960
MISC
microsoft — windows
 
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963. 2022-01-11 not yet calculated CVE-2022-21959
MISC
microsoft — windows
 
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963. 2022-01-11 not yet calculated CVE-2022-21958
MISC
microsoft — windows
 
Windows Hyper-V Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-21900. 2022-01-11 not yet calculated CVE-2022-21905
MISC
microsoft — windows
 
Remote Desktop Licensing Diagnoser Information Disclosure Vulnerability. 2022-01-11 not yet calculated CVE-2022-21964
MISC
microsoft — windows
 
Clipboard User Service Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21869
MISC
microsoft — windows
 
Win32k Information Disclosure Vulnerability. 2022-01-11 not yet calculated CVE-2022-21876
MISC
MISC
microsoft — windows
 
Windows Storage Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21875
MISC
microsoft — windows
 
Windows Security Center API Remote Code Execution Vulnerability. 2022-01-11 not yet calculated CVE-2022-21874
MISC
microsoft — windows
 
Tile Data Repository Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21873
MISC
microsoft — windows
 
Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21895. 2022-01-11 not yet calculated CVE-2022-21919
MISC
microsoft — windows
 
Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21871
MISC
microsoft — windows
 
Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21915. 2022-01-11 not yet calculated CVE-2022-21880
MISC
microsoft — windows
 
Windows Defender Application Control Security Feature Bypass Vulnerability. 2022-01-11 not yet calculated CVE-2022-21906
MISC
microsoft — windows
 
Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21882. 2022-01-11 not yet calculated CVE-2022-21887
MISC
microsoft — windows
 
Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21887. 2022-01-11 not yet calculated CVE-2022-21882
MISC
microsoft — windows
 
Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21870
MISC
microsoft — windows
 
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21879. 2022-01-11 not yet calculated CVE-2022-21881
MISC
microsoft — windows
 
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21884
MISC
microsoft — windows
 
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21881. 2022-01-11 not yet calculated CVE-2022-21879
MISC
microsoft — windows
 
Windows AppContracts API Server Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21860
MISC
microsoft — windows
 
Windows UI Immersive Server API Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21864
MISC
microsoft — windows
 
Connected Devices Platform Service Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21865
MISC
microsoft — windows
 
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21914. 2022-01-11 not yet calculated CVE-2022-21885
MISC
microsoft — windows
 
Windows System Launcher Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21866
MISC
microsoft — windows
 
Windows Hyper-V Elevation of Privilege Vulnerability. 2022-01-11 not yet calculated CVE-2022-21901
MISC
microsoft — workstation
 
Workstation Service Remote Protocol Security Feature Bypass Vulnerability. 2022-01-11 not yet calculated CVE-2022-21924
MISC
mirantis — container_runtime
 
When running with FIPS mode enabled, Mirantis Container Runtime 20.10.8 leaks memory during TLS Handshakes which could be abused to cause a denial of service. 2022-01-10 not yet calculated CVE-2021-23218
MISC
mitre — caldera
 
An issue was discovered in CALDERA 2.8.1. It does not properly segregate user privileges, resulting in non-admin users having access to read and modify configuration or other components that should only be accessible by admin users. 2022-01-12 not yet calculated CVE-2021-42562
MISC
MISC
mitre — caldera
 
An issue was discovered in CALDERA 2.8.1. It contains multiple reflected, stored, and self XSS vulnerabilities that may be exploited by authenticated and unauthenticated attackers. 2022-01-12 not yet calculated CVE-2021-42558
MISC
MISC
mitre — caldera
 
An issue was discovered in CALDERA 2.8.1. When activated, the Human plugin passes the unsanitized name parameter to a Python “os.system” function. This allows attackers to use shell metacharacters (e.g., backticks “`” or dollar parenthesis “$()”) in order to escape the current command and execute arbitrary shell commands. 2022-01-12 not yet calculated CVE-2021-42561
MISC
MISC
mitre — caldera
 
An issue was discovered in CALDERA 2.8.1. It contains multiple startup “requirements” that execute commands when starting the server. Because these commands can be changed via the REST API, an authenticated user can insert arbitrary commands that will execute when the server is restarted. 2022-01-12 not yet calculated CVE-2021-42559
MISC
MISC
mitsubishi_electric — melsec_f_series_firmware
 
Improper initialization vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.16 and prior, FX3U-ENET-L Firmware version 1.16 and prior and FX3U-ENET-P502 Firmware version 1.16 and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in communication function of the product by sending specially crafted packets. Control by MELSEC-F series PLC is not affected by this vulnerability, but system reset is required for recovery. 2022-01-14 not yet calculated CVE-2021-20613
MISC
MISC
MISC
mitsubishi_electric — melsec_f_series_firmware
 
Lack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.14 and prior, FX3U-ENET-L Firmware version 1.14 and prior and FX3U-ENET-P502 Firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in communication function of the product or other unspecified effects by sending specially crafted packets to an unnecessary opening of TCP port. Control by MELSEC-F series PLC is not affected by this vulnerability, but system reset is required for recovery. 2022-01-14 not yet calculated CVE-2021-20612
MISC
MISC
MISC
modex — modex
 
Modex v2.11 was discovered to contain a Use-After-Free vulnerability via the component tcache. 2022-01-14 not yet calculated CVE-2021-46169
MISC
modex — modex
 
Modex v2.11 was discovered to contain a NULL pointer dereference in set_create_id() at xtract.c. 2022-01-14 not yet calculated CVE-2021-46171
MISC
mp4box-gpac — mp4box-gpac
 
A NULL pointer dereference vulnerability exists in MP4Box – GPAC version 0.8.0-rev177-g51a8ef874-master via the gf_isom_get_track_id function, which causes a denial of service. 2022-01-10 not yet calculated CVE-2020-25427
MISC
MISC
mruby — mruby
 
An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can lead to a segmentation fault or application crash. 2022-01-14 not yet calculated CVE-2021-46020
MISC
my_cloud — os_5
 
A limited authentication bypass vulnerability was discovered that could allow an attacker to achieve remote code execution and escalate privileges on the My Cloud devices. Addressed this vulnerability by changing access token validation logic and rewriting rule logic on PHP scripts. 2022-01-13 not yet calculated CVE-2022-22990
MISC
my_cloud — os_5
 
A malicious user on the same LAN could use DNS spoofing followed by a command injection attack to trick a NAS device into loading through an unsecured HTTP call. Addressed this vulnerability by disabling checks for internet connectivity using HTTP. 2022-01-13 not yet calculated CVE-2022-22991
MISC
my_cloud — os_5
 
My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP service. Addressed the vulnerability by adding defenses against stack overflow issues. 2022-01-13 not yet calculated CVE-2022-22989
MISC
mzautomation — lib60870
 
A NULL pointer dereference in CS104_IPAddress_setFromString at src/iec60870/cs104/cs104_slave.c of lib60870 commit 0d5e76e can lead to a segmentation fault or application crash. 2022-01-14 not yet calculated CVE-2021-45773
MISC
mzautomation — libiec61850
 
A NULL pointer dereference in AcseConnection_parseMessage at src/mms/iso_acse/acse.c of libiec61850 v1.5.0 can lead to a segmentation fault or application crash. 2022-01-14 not yet calculated CVE-2021-45769
MISC
nanoid — nanoid
 
Versions of the package nanoid before 3.1.31 are vulnerable to Information Exposure via the valueOf() function, which allows the last generated id to be reproduced. 2022-01-14 not yet calculated CVE-2021-23566
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
netbiblio — webopac
 
Cross-site Scripting (XSS) vulnerability in the search functionality of AlCoda NetBiblio WebOPAC allows an unauthenticated user to craft a reflected Cross-Site Scripting attack. This issue affects: AlCoda NetBiblio WebOPAC versions prior to 4.0.0.320; versions later than 4.0.0.328. This issue does not affect: AlCoda NetBiblio WebOPAC version 4.0.0.335 and later versions. 2022-01-14 not yet calculated CVE-2021-42551
CONFIRM
netgear — r6260_routers
 
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. When parsing the SOAPAction header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13512. 2022-01-13 not yet calculated CVE-2021-34979
MISC
MISC
netgear — r6260_routers
 
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setupwizard.cgi page. A crafted SOAP request can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13511. 2022-01-13 not yet calculated CVE-2021-34978
MISC
MISC
netgear — r6260_routers
 
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setupwizard.cgi page. When parsing the SOAP_LOGIN_TOKEN environment variable, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14107. 2022-01-13 not yet calculated CVE-2021-34980
MISC
MISC
netgear — r7000_routers
 
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7000 1.0.11.116_10.2.100 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP requests. The issue results from the lack of proper authentication verification before performing a password reset. An attacker can leverage this vulnerability to reset the admin password. Was ZDI-CAN-13483. 2022-01-13 not yet calculated CVE-2021-34977
MISC
MISC
nocodb — nocodb
 
In NocoDB, versions 0.9 to 0.83.8 are vulnerable to Observable Discrepancy in the password-reset feature. When requesting a password reset for a given email address, the application displays an error message when the email isn’t registered within the system. This allows attackers to enumerate the registered users’ email addresses. 2022-01-10 not yet calculated CVE-2022-22120
MISC
MISC
nocodb — nocodb
 
In NocoDB, versions 0.81.0 through 0.83.8 are affected by CSV Injection vulnerability (Formula Injection). A low privileged attacker can create a new table to inject payloads in the table rows. When an administrator accesses the User Management endpoint and exports the data as a CSV file and opens it, the payload gets executed. 2022-01-10 not yet calculated CVE-2022-22121
MISC
MISC
nuuo — nvrmini2
 
NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import_user.php authentication. When combined with another flaw (CVE-2011-5325), it is possible to overwrite arbitrary files under the web root and achieve code execution as root. 2022-01-14 not yet calculated CVE-2022-23227
MISC
MISC
MISC
MISC
nvidia — nemo
 
NVIDIA NeMo before 1.6.0 contains a vulnerability in ASR WebApp, in which ../ Path Traversal may lead to deletion of any directory when admin privileges are available. 2022-01-10 not yet calculated CVE-2022-22821
MISC
october_cms — october_cms
 
October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with access to the backend is able to execute PHP code by using the theme import feature. This will bypass the safe mode feature that prevents PHP execution in the CMS templates. The issue has been patched in Build 473 (v1.0.473) and v1.1.6. Those unable to upgrade may apply the patch to their installation manually as a workaround. 2022-01-14 not yet calculated CVE-2021-32650
CONFIRM
MISC
october_cms — october_cms
 
October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with “create, modify and delete website pages” privileges in the backend is able to execute PHP code by running specially crafted Twig code in the template markup. The issue has been patched in Build 473 (v1.0.473) and v1.1.6. Those unable to upgrade may apply the patch to their installation manually as a workaround. 2022-01-14 not yet calculated CVE-2021-32649
CONFIRM
MISC
omron — cx-one
 
Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based buffer overflow while processing specific project files, which may allow an attacker to execute arbitrary code. 2022-01-14 not yet calculated CVE-2022-21137
MISC
open_design_alliance — drawings_sdk
 
Open Design Alliance Drawings SDK before 2022.12.1 mishandles the loading of JPG files. Unchecked input data from a crafted JPG file leads to memory corruption. An attacker can leverage this vulnerability to execute code in the context of the current process. 2022-01-15 not yet calculated CVE-2022-23095
MISC
opensuse — opensuse
 
An Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows local attackers to imitate the service, leading to DoS or clients talking to an imposter service. This issue affects: openSUSE Factory parsec versions prior to 0.8.1-1.1. 2022-01-14 not yet calculated CVE-2021-36781
CONFIRM
orchardcore — orchardcore
 
orchardcore is vulnerable to Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) 2022-01-12 not yet calculated CVE-2022-0159
CONFIRM
MISC
owncloud — owncloud
 
The files_antivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files (that have been uploaded to a public share) are supposed to be deleted upon detection. 2022-01-15 not yet calculated CVE-2021-33828
MISC
MISC
owncloud — owncloud
 
The files_antivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings. 2022-01-15 not yet calculated CVE-2021-33827
MISC
MISC
owncloud — owncloud_client
 
ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution. 2022-01-15 not yet calculated CVE-2021-44537
MISC
panda_security — free_antivirus
 
This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Free Antivirus 20.2.0.0. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the use of named pipes. The issue results from allowing an untrusted process to impersonate the client of a pipe. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-14208. 2022-01-13 not yet calculated CVE-2021-34998
MISC
MISC
paritytech — frontier
 
Frontier is Substrate’s Ethereum compatibility layer. Prior to commit number `8a93fdc6c9f4eb1d2f2a11b7ff1d12d70bf5a664`, a bug in Frontier’s MODEXP precompile implementation can cause an integer underflow in certain conditions. This will cause a node crash for debug builds. For release builds (and production WebAssembly binaries), the impact is limited as it can only cause a normal EVM out-of-gas. Users who do not use MODEXP precompile in their runtime are not impacted. A patch is available in pull request #549. 2022-01-14 not yet calculated CVE-2022-21685
CONFIRM
MISC
MISC
partkeepr — partkeepr
 
PartKeepr versions up to v1.4.0 load attachments using a URL while creating a part and allow the use of the ‘file://’ URI scheme, allowing an authenticated user to read local files. 2022-01-10 not yet calculated CVE-2022-22701
MISC
MISC
partkeepr — partkeepr
 
PartKeepr versions up to v1.4.0, in the functionality to upload attachments using a URL when creating a part, do not validate whether requests are made to local ports, allowing an authenticated user to carry out SSRF attacks and port enumeration. 2022-01-10 not yet calculated CVE-2022-22702
MISC
MISC
peertube — peertube
 
peertube is vulnerable to Improper Access Control 2022-01-11 not yet calculated CVE-2022-0170
CONFIRM
MISC
pexip_infinity — pexip_infinity
 
Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 1 of 2). 2022-01-15 not yet calculated CVE-2021-33498
MISC
pexip_infinity — pexip_infinity
 
Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 2 of 2). 2022-01-15 not yet calculated CVE-2021-33499
MISC
pexip_infinity — pexip_infinity
 
Pexip Infinity before 26.2 allows temporary remote Denial of Service (abort) because of missing call-setup input validation. 2022-01-15 not yet calculated CVE-2021-42555
CONFIRM
pexip_infinity — pexip_infinity
 
Pexip Infinity before 26 allows temporary remote Denial of Service (abort) because of missing call-setup input validation. 2022-01-15 not yet calculated CVE-2021-35969
MISC
pexip_infinity — pexip_infinity
 
Pexip Infinity before 26 allows remote denial of service because of missing RTMP input validation. 2022-01-15 not yet calculated CVE-2021-32545
MISC
phoronix-test-suite — phoronix-test-suite
 
phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) 2022-01-13 not yet calculated CVE-2022-0196
CONFIRM
MISC
phoronix-test-suite — phoronix-test-suite
 
phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) 2022-01-13 not yet calculated CVE-2022-0197
CONFIRM
MISC
php_everywhere — php_everywhere
 
Cross-Site Request Forgery (CSRF) vulnerability discovered in PHP Everywhere (WordPress plugin) versions (<= 2.0.2). 2022-01-13 not yet calculated CVE-2021-23227
CONFIRM
CONFIRM
pillow — pillow
 
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. 2022-01-10 not yet calculated CVE-2022-22817
MISC
pillow — pillow
 
path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. 2022-01-10 not yet calculated CVE-2022-22816
MISC
MISC
pillow — pillow
 
path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. 2022-01-10 not yet calculated CVE-2022-22815
MISC
MISC
publishpress_capabilities — publishpress_capabilities
 
The PublishPress Capabilities WordPress plugin before 2.3.1 and the PublishPress Capabilities Pro WordPress plugin before 2.3.1 do not have authorisation and CSRF checks when updating the plugin’s settings via the init hook, and do not ensure that the options to be updated belong to the plugin. As a result, unauthenticated attackers could update arbitrary blog options, such as the default role, and give any newly registered user an administrator role. 2022-01-10 not yet calculated CVE-2021-25032
CONFIRM
MISC
puddingbot — puddingbot
 
PuddingBot is a group management bot. In version 0.0.6-b933652 and prior, the bot token is publicly exposed in main.py, making it accessible to malicious actors. The bot token has been revoked and a new version is already running on the server. As of time of publication, the maintainers are planning to update the code to reflect this change at a later date. 2022-01-11 not yet calculated CVE-2022-21669
CONFIRM
pypa — pipenv
 
pipenv is a Python development workflow tool. Starting with version 2018.10.9 and prior to version 2022.1.8, a flaw in pipenv’s parsing of requirements files allows an attacker to insert a specially crafted string inside a comment anywhere within a requirements.txt file, which will cause victims who use pipenv to install the requirements file to download dependencies from a package index server controlled by the attacker. By embedding malicious code in packages served from their malicious index server, the attacker can trigger arbitrary remote code execution (RCE) on the victims’ systems. If an attacker is able to hide a malicious `--index-url` option in a requirements file that a victim installs with pipenv, the attacker can embed arbitrary malicious code in packages served from their malicious index server that will be executed on the victim’s host during installation (remote code execution/RCE). When pip installs from a source distribution, any code in the setup.py is executed by the install process. This issue is patched in version 2022.1.8. The GitHub Security Advisory contains more information about this vulnerability. 2022-01-10 not yet calculated CVE-2022-21668
MISC
CONFIRM
MISC
qnap — multiple_nas_devices
 
A stack buffer overflow vulnerability has been reported to affect QNAP devices running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later; QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later; QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later; QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later; QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later; QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later; QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later; QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later. 2022-01-14 not yet calculated CVE-2021-38691
CONFIRM
qnap — multiple_nas_devices
 
A stack buffer overflow vulnerability has been reported to affect QNAP devices running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later; QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later; QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later; QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later; QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later; QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later; QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later; QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later. 2022-01-14 not yet calculated CVE-2021-38692
CONFIRM
qnap — multiple_nas_devices
 
An open redirect vulnerability has been reported to affect QNAP devices running QcalAgent. If exploited, this vulnerability allows attackers to redirect users to an untrusted page that contains malware. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later. 2022-01-14 not yet calculated CVE-2021-38678
CONFIRM
qnap — multiple_nas_devices
 
A stack buffer overflow vulnerability has been reported to affect QNAP devices running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later; QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later; QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later; QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later; QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later; QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later; QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later; QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later. 2022-01-14 not yet calculated CVE-2021-38690
CONFIRM
qnap — multiple_nas_devices
 
A stack buffer overflow vulnerability has been reported to affect QNAP devices running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later; QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later; QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later; QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later; QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later; QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later; QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later; QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later. 2022-01-14 not yet calculated CVE-2021-38689
CONFIRM
qnap — multiple_nas_devices
 
A stack buffer overflow vulnerability has been reported to affect QNAP devices running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later; QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later; QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later; QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later; QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later; QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later; QTS 4.5.4: QVR Guard 2.1.3.0 and later; QTS 5.0.0: QVR Guard 2.1.3.0 and later. 2022-01-14 not yet calculated CVE-2021-38682
CONFIRM
qnap — qcalagent
 
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP devices running QcalAgent. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later. 2022-01-14 not yet calculated CVE-2021-38677
CONFIRM
qualcomm — multiple_products

Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-01-13 not yet calculated CVE-2021-30313
CONFIRM
qualcomm — multiple_products
 
Possible buffer overflow while printing the HARQ memory partition detail due to improper validation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile 2022-01-13 not yet calculated CVE-2021-30308
CONFIRM
qualcomm — multiple_products
 
Improper validation of function pointer type with actual function signature can lead to assertion in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables 2022-01-13 not yet calculated CVE-2021-30353
CONFIRM
qualcomm — multiple_products
 
Lack of validation for third party application accessing the service can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables 2022-01-13 not yet calculated CVE-2021-30314
CONFIRM
qualcomm — multiple_products
 
Possible integer overflow due to improper validation of command length parameters while processing WMI command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music 2022-01-13 not yet calculated CVE-2021-30319
CONFIRM
qualcomm — multiple_products
 
Possible null pointer dereference due to improper validation of APE clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables 2022-01-13 not yet calculated CVE-2021-30330
CONFIRM
qualcomm — multiple_products
 
Possible heap overflow due to lack of index validation before allocating and writing to heap buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile 2022-01-13 not yet calculated CVE-2021-30311
CONFIRM
qxip_sipcapture — homer
 
QXIP SIPCAPTURE homer-app before 1.4.28 for HOMER 7.x has the same 167f0db2-f83e-4baa-9736-d56064a5b415 JWT secret key across different customers’ installations. 2022-01-10 not yet calculated CVE-2022-22845
MISC
MISC
MISC
MISC
radare2 — radare2
 
radare2 is vulnerable to Out-of-bounds Read 2022-01-11 not yet calculated CVE-2022-0173
CONFIRM
MISC
ray-ban — stories
 
A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture duration limit to be modified through the Facebook View application. This issue affected versions of device software before 2107460.6810.0. 2022-01-14 not yet calculated CVE-2021-24046
CONFIRM
reprise — license_manager
 
Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability in the /goform/activate_process “count” parameter via GET. No authentication is required. 2022-01-13 not yet calculated CVE-2021-45422
MISC
MISC
MISC
replit — crosis
 
@replit/crosis is a JavaScript client that speaks Replit’s container protocol. A vulnerability that involves exposure of sensitive information exists in versions prior to 7.3.1. When using this library as a way to programmatically communicate with Replit in a standalone fashion, if there are multiple failed attempts to contact Replit through a WebSocket, the library will attempt to communicate using a fallback poll-based proxy. The URL of the proxy has changed, so any communication done to the previous URL could potentially reach a server that is outside of Replit’s control and the token used to connect to the Repl could be obtained by an attacker, leading to full compromise of that Repl (not of the account). This was patched in version 7.3.1 by updating the address of the fallback WebSocket polling proxy to the new one. As a workaround, a user may specify the new address for the polling host (`gp-v2.replit.com`) in the `ConnectArgs`. More information about this workaround is available in the GitHub Security Advisory. 2022-01-11 not yet calculated CVE-2022-21671
CONFIRM
MISC
ropium — ropium
 
ROPium v3.1 was discovered to contain an invalid memory address dereference via the find() function. 2022-01-14 not yet calculated CVE-2021-45761
MISC
samba — samba
 
All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share must also be available via NFS, in order for this attack to succeed. 2022-01-11 not yet calculated CVE-2021-43566
MISC
MISC
MISC
samsung — android_applications
 
A vulnerability using PendingIntent in Reminder prior to version 12.2.05.0 in Android R(11.0) and 12.3.02.1000 in Android S(12.0) allows attackers to execute a privileged action by hijacking and modifying the intent. 2022-01-10 not yet calculated CVE-2022-22285
MISC
samsung — android_applications
 
A vulnerability using PendingIntent in Bixby Routines prior to version 3.1.21.8 in Android R(11.0) and 2.6.30.5 in Android Q(10.0) allows attackers to execute a privileged action by hijacking and modifying the intent. 2022-01-10 not yet calculated CVE-2022-22286
MISC
samsung — email
 
Arbitrary file access vulnerability in Samsung Email prior to 6.1.60.16 allows an attacker to read isolated data in the sandbox. 2022-01-10 not yet calculated CVE-2022-22287
MISC
samsung — galaxy
 
Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app installation of the allowlist. 2022-01-10 not yet calculated CVE-2022-22288
MISC
samsung — health
 
Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging out from Samsung Health App. 2022-01-10 not yet calculated CVE-2022-22283
MISC
samsung — internet
 
Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers to perform domain spoofing via a crafted HTML page. 2022-01-14 not yet calculated CVE-2022-22290
MISC
samsung — internet
 
Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication. 2022-01-10 not yet calculated CVE-2022-22284
MISC
samsung — s_assistant
 
Improper access control vulnerability in S Assistant prior to version 7.5 allows an attacker to remotely get sensitive information. 2022-01-10 not yet calculated CVE-2022-22289
MISC
sap — business+_one
 
SAP Business One – version 10.0, extended log stores information that can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information. 2022-01-14 not yet calculated CVE-2021-44234
MISC
MISC
sap — enterprise_threat_detection
 
SAP Enterprise Threat Detection (ETD) – version 2.0, does not sufficiently encode user-controlled inputs, which may allow an unauthorized attacker to exploit an XSS vulnerability. The UIs in ETD are using SAP UI5 standard controls, the UI5 framework provides automated output encoding for its standard controls. This output encoding prevents stored malicious user input from being executed when it is reflected in the UI. 2022-01-14 not yet calculated CVE-2022-22529
MISC
MISC
sap — f0743_create_single_payment
 
The F0743 Create Single Payment application of SAP S/4HANA – versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to inject dangerous content or malicious code which could result in critical information being modified or completely compromise the availability of the application. 2022-01-14 not yet calculated CVE-2022-22530
MISC
MISC
sap — f0743_create_single_payment
 
The F0743 Create Single Payment application of SAP S/4HANA – versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified. 2022-01-14 not yet calculated CVE-2022-22531
MISC
MISC
sap — netweaver
 
In SAP NetWeaver AS for ABAP and ABAP Platform – versions 701, 702, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 786, an attacker authenticated as a regular user can use the S/4 Hana dashboard to reveal systems and services which they would not normally be allowed to see. No information alteration or denial of service is possible. 2022-01-14 not yet calculated CVE-2021-42067
MISC
MISC
sensormatics_electronics — videoedge
 
Running a vulnerability scanner against VideoEdge NVRs can cause some functionality to stop. 2022-01-14 not yet calculated CVE-2021-36199
CERT
CONFIRM
shelljs — shelljs
 
shelljs is vulnerable to Improper Privilege Management 2022-01-11 not yet calculated CVE-2022-0144
CONFIRM
MISC
siemens — cp-8000_master_module
 
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions < V16.20), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions < V16.20), CP-8021 MASTER MODULE (All versions < V16.20), CP-8022 MASTER MODULE WITH GPRS (All versions < V16.20). The web server of the affected system allows access to logfiles and diagnostic data generated by a privileged user. An unauthenticated attacker could access the files by knowing the corresponding download links. 2022-01-11 not yet calculated CVE-2021-45034
MISC
siemens — cp-8000_master_module
 
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions < V16.20), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions < V16.20), CP-8021 MASTER MODULE (All versions < V16.20), CP-8022 MASTER MODULE WITH GPRS (All versions < V16.20). An undocumented debug port uses hard-coded default credentials. If this port is enabled by a privileged user, an attacker aware of the credentials could access an administrative debug shell on the affected device. 2022-01-11 not yet calculated CVE-2021-45033
MISC
siemens — sicam_pq_analyzer
 
A vulnerability has been identified in SICAM PQ Analyzer (All versions < V3.18). A service is started by an unquoted registry entry. As there are spaces in this path, attackers with write privilege to those directories might be able to plant executables that will run in place of the legitimate process. Attackers might achieve persistence on the system (“backdoors”) or cause a denial of service. 2022-01-11 not yet calculated CVE-2021-45460
MISC
siemens — siprotec_5_multiple_devices
 
A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MU85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7KE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SA86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ81 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SK82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SK85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SL86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SS85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7ST85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SX85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UM85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7UT85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VK87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 Compact 7SX800 devices (CPU variant CP050) (All versions < V8.83). An improper input validation vulnerability in the web server could allow an unauthenticated user to access device information. 2022-01-11 not yet calculated CVE-2021-41769
MISC
smarty-php — smarty
 
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.43 and 4.0.3, template authors could run restricted static php methods. Users should upgrade to version 3.1.43 or 4.0.3 to receive a patch. 2022-01-10 not yet calculated CVE-2021-21408
MISC
MISC
CONFIRM
MISC
smarty-php — smarty
 
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.42 and 4.0.2, template authors could run arbitrary PHP code by crafting a malicious math string. If a math string was passed through as user provided data to the math function, external users could run arbitrary PHP code by crafting a malicious math string. Users should upgrade to version 3.1.42 or 4.0.2 to receive a patch. 2022-01-10 not yet calculated CVE-2021-29454
MISC
CONFIRM
MISC
MISC
MISC
MISC
snipe-it — snipe-it
 
snipe-it is vulnerable to Improper Access Control 2022-01-13 not yet calculated CVE-2022-0178
CONFIRM
MISC
socket.io — engine.io
 
Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. This impacts all the users of the `engine.io` package starting from version `4.0.0`, including those who use dependent packages like `socket.io`. Versions prior to `4.0.0` are not impacted. A fix has been released for each major branch, namely `4.1.2` for the `4.x.x` branch, `5.2.1` for the `5.x.x` branch, and `6.1.1` for the `6.x.x` branch. There is no known workaround except upgrading to a safe version. 2022-01-12 not yet calculated CVE-2022-21676
CONFIRM
MISC
MISC
MISC
MISC
MISC
MISC
sonicos — firmware
 
A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions. 2022-01-10 not yet calculated CVE-2021-20048
CONFIRM
sonicos — firmware
 
A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions. 2022-01-10 not yet calculated CVE-2021-20046
CONFIRM
sourcecodetester — printable_staff_id_card_creator_system
 
In Sourcecodetester Printable Staff ID Card Creator System 1.0 after compromising the database via SQLi, an attacker can log in and leverage an arbitrary file upload vulnerability to obtain remote code execution. 2022-01-12 not yet calculated CVE-2021-45411
MISC
MISC
sourceforge — salonerp
 
In SalonERP 3.0.1, a SQL injection vulnerability allows an attacker to inject payload using ‘sql’ parameter in SQL query while generating a report. Upon successfully discovering the login admin password hash, it can be decrypted to obtain the plain-text password. 2022-01-14 not yet calculated CVE-2021-45406
MISC
MISC
MISC
spin — spin
 
Spin v6.5.1 was discovered to contain an out-of-bounds write in lex() at spinlex.c. 2022-01-14 not yet calculated CVE-2021-46168
MISC
strukturag — libde265
 
A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion.cc in function put_epel_hv_fallback when running program dec265. 2022-01-10 not yet calculated CVE-2021-36410
MISC
strukturag — libde265
 
An issue has been found in libde265 v1.0.8 due to incorrect access control. A SEGV caused by a READ memory access in function derive_boundaryStrength of deblock.cc has occurred. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service. 2022-01-10 not yet calculated CVE-2021-36411
MISC
strukturag — libde265
 
An Incorrect Access Control vulnerability exists in libde265 v1.0.8 due to a SEGV in slice.cc. 2022-01-10 not yet calculated CVE-2021-35452
MISC
strukturag — libde265
 
There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file or possibly have unspecified other impact. 2022-01-10 not yet calculated CVE-2021-36409
MISC
strukturag — libde265
 
An issue was discovered in libde265 v1.0.8. There is a heap-use-after-free in intrapred.h when decoding a file using dec265. 2022-01-10 not yet calculated CVE-2021-36408
MISC
suitecrm — suitecrm
 
SuiteCRM through 7.11.21 is vulnerable to CSRF, with resultant remote code execution, via the UpgradeWizard functionality, if a PHP file is included in a ZIP archive. 2022-01-12 not yet calculated CVE-2021-41597
MISC
MISC
MISC
MISC
MISC
sysaid — itil
 
A SQL injection vulnerability in /mobile/SelectUsers.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to execute arbitrary SQL commands via the filterText parameter. 2022-01-11 not yet calculated CVE-2021-43971
MISC
MISC
MISC
sysaid — itil
 
An unrestricted file copy vulnerability in /UserSelfServiceSettings.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to copy arbitrary files on the server filesystem to the web root (with an arbitrary filename) via the tempFile and fileName parameters in the HTTP POST body. 2022-01-11 not yet calculated CVE-2021-43972
MISC
MISC
MISC
sysaid — itil
 
An unrestricted file upload vulnerability in /UploadPsIcon.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to upload an arbitrary file via the file parameter in the HTTP POST body. A successful request returns the absolute, server-side filesystem path of the uploaded file. 2022-01-11 not yet calculated CVE-2021-43973
MISC
MISC
MISC
sysaid — itil
 
An issue was discovered in SysAid ITIL 20.4.74 b10. The /enduserreg endpoint is used to register end users anonymously, but does not respect the server-side setting that determines if anonymous users are allowed to register new accounts. Configuring the server-side setting to disable anonymous user registration only hides the client-side registration form. An attacker can still post registration data to create new accounts without prior authentication. 2022-01-11 not yet calculated CVE-2021-43974
MISC
MISC
MISC
teamviewer — teamviewer
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TVS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13606. 2022-01-13 not yet calculated CVE-2021-34858
MISC
MISC
tenable.sc — tenable.sc
 
Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. An attacker would first have to stage a specific file type in the web server root of the Tenable.sc host prior to remote exploitation. 2022-01-14 not yet calculated CVE-2022-0130
MISC
tibco_software_inc — multiple products
 
The Data Virtualization Server component of TIBCO Software Inc.’s TIBCO Data Virtualization, TIBCO Data Virtualization, TIBCO Data Virtualization, and TIBCO Data Virtualization for AWS Marketplace contains a difficult to exploit vulnerability that allows a low privileged attacker with local access to download arbitrary files outside of the scope of the user’s permissions on the affected system. Affected releases are TIBCO Software Inc.’s TIBCO Data Virtualization: versions 8.3.0 and below, TIBCO Data Virtualization: version 8.4.0, TIBCO Data Virtualization: version 8.5.0, and TIBCO Data Virtualization for AWS Marketplace: versions 8.5.0 and below. 2022-01-12 not yet calculated CVE-2021-35500
CONFIRM
CONFIRM
tibco_software_inc — multiple_products
 
The eFTL Server component of TIBCO Software Inc.’s TIBCO eFTL – Community Edition, TIBCO eFTL – Developer Edition, and TIBCO eFTL – Enterprise Edition contains an easily exploitable vulnerability that allows clients to inherit the permissions of the client that initially connected on the affected system. Affected releases are TIBCO Software Inc.’s TIBCO eFTL – Community Edition: versions 6.7.2 and below, TIBCO eFTL – Developer Edition: versions 6.7.2 and below, and TIBCO eFTL – Enterprise Edition: versions 6.7.2 and below. 2022-01-11 not yet calculated CVE-2021-43055
CONFIRM
CONFIRM
tibco_software_inc — multiple_products
 
The Realm Server component of TIBCO Software Inc.’s TIBCO FTL – Community Edition, TIBCO FTL – Developer Edition, and TIBCO FTL – Enterprise Edition contains an easily exploitable vulnerability that allows authentication bypass due to a hard coded secret used in the default realm server of the affected system. Affected releases are TIBCO Software Inc.’s TIBCO FTL – Community Edition: versions 6.7.2 and below, TIBCO FTL – Developer Edition: versions 6.7.2 and below, and TIBCO FTL – Enterprise Edition: versions 6.7.2 and below. 2022-01-11 not yet calculated CVE-2021-43052
CONFIRM
CONFIRM
tibco_software_inc — multiple_products
 
The Realm Server component of TIBCO Software Inc.’s TIBCO FTL – Community Edition, TIBCO FTL – Developer Edition, and TIBCO FTL – Enterprise Edition contains a difficult to exploit vulnerability that allows an unauthenticated attacker with network access to obtain the cluster secret of another application connected to the realm server. Affected releases are TIBCO Software Inc.’s TIBCO FTL – Community Edition: versions 6.7.2 and below, TIBCO FTL – Developer Edition: versions 6.7.2 and below, and TIBCO FTL – Enterprise Edition: versions 6.7.2 and below. 2022-01-11 not yet calculated CVE-2021-43053
CONFIRM
CONFIRM
tibco_software_inc — multiple_products
 
The eFTL Server component of TIBCO Software Inc.’s TIBCO eFTL – Community Edition, TIBCO eFTL – Developer Edition, and TIBCO eFTL – Enterprise Edition contains an easily exploitable vulnerability that allows a low privileged attacker with network access to generate API tokens that can access any other channel with arbitrary permissions. Affected releases are TIBCO Software Inc.’s TIBCO eFTL – Community Edition: versions 6.7.2 and below, TIBCO eFTL – Developer Edition: versions 6.7.2 and below, and TIBCO eFTL – Enterprise Edition: versions 6.7.2 and below. 2022-01-11 not yet calculated CVE-2021-43054
CONFIRM
CONFIRM
trusted_firmware — trusted_firmware
 
Trusted Firmware-M (TF-M) 1.4.0, when Profile Small is used, has incorrect access control. NSPE can access a secure key (held by the Crypto service) based solely on knowledge of its key ID. For example, there is no authorization check associated with the relationship between a caller and a key owner. 2022-01-13 not yet calculated CVE-2021-40327
MISC
MISC
CONFIRM
ubiquiti — unifi_network
 
An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53 and earlier (Log4J CVE-2021-44228) that allows a malicious actor to control the application. 2022-01-14 not yet calculated CVE-2021-44530
MISC
unisys — clearpath_mcp_tcp-icp_networking_services
 
Unisys ClearPath MCP TCP/IP Networking Services 59.1, 60.0, and 62.0 has an Infinite Loop. 2022-01-12 not yet calculated CVE-2021-45445
MISC
MISC
useful_simple_open-source_cms — useful_simple_open-source_cms
 
Useful Simple Open-Source CMS (USOC) is a content management system (CMS) for programmers. Versions prior to Pb2.4Bfx3 allowed SQL injection in usersearch.php only for users with administrative privileges. Users should replace the file `admin/pages/useredit.php` with a newer version. USOC version Pb2.4Bfx3 contains a fixed version of `admin/pages/useredit.php`. 2022-01-10 not yet calculated CVE-2022-21666
MISC
MISC
CONFIRM
vim — vim
 
vim is vulnerable to Heap-based Buffer Overflow 2022-01-14 not yet calculated CVE-2022-0213
CONFIRM
MISC
MLIST
wecon — levistudiou
 
WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code. 2022-01-14 not yet calculated CVE-2021-23138
MISC
wecon — levistudiou
 
WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code. 2022-01-14 not yet calculated CVE-2021-23157
MISC
weseek — growi
 
growi is vulnerable to Authorization Bypass Through User-Controlled Key 2022-01-12 not yet calculated CVE-2021-3852
CONFIRM
MISC
z-wave — multiple_devices
 
Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FIND_NODE_IN_RANGE frames, allowing a remote, unauthenticated attacker to inject a FIND_NODE_IN_RANGE frame with an invalid random payload, denying service by blocking the processing of upcoming events. 2022-01-10 not yet calculated CVE-2020-10137
MISC
CERT-VN
MISC
MISC
CERT-VN
z-wave — multiple_devices
 
Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not likely limited to the SiLabs UZB-7 version 7.00, ZooZ ZST10 version 6.04, Aeon Labs ZW090-A version 3.95, and Samsung STH-ETH-200 version 6.04, are susceptible to denial of service via malformed routing messages. 2022-01-10 not yet calculated CVE-2020-9061
MISC
CERT-VN
MISC
MISC
CERT-VN
z-wave — multiple_devices
 
Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible to uncontrolled resource consumption leading to battery exhaustion. As an example, the Schlage BE468 version 3.42 door lock is vulnerable and fails open at a low battery level. 2022-01-10 not yet calculated CVE-2020-9059
MISC
CERT-VN
MISC
MISC
CERT-VN
z-wave — multiple_devices
 
Z-Wave devices based on Silicon Labs 500 series chipsets using S2, including but likely not limited to the ZooZ ZST10 version 6.04, ZooZ ZEN20 version 5.03, ZooZ ZEN25 version 5.03, Aeon Labs ZW090-A version 3.95, and Fibaro FGWPB-111 version 4.3, are susceptible to denial of service and resource exhaustion via malformed SECURITY NONCE GET, SECURITY NONCE GET 2, NO OPERATION, or NIF REQUEST messages. 2022-01-10 not yet calculated CVE-2020-9060
MISC
CERT-VN
MISC
MISC
CERT-VN
z-wave — multiple_devices
 
Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets do not support encryption, allowing an attacker within radio range to take control of or cause a denial of service to a vulnerable device. An attacker can also capture and replay Z-Wave traffic. Firmware upgrades cannot directly address this vulnerability as it is an issue with the Z-Wave specification for these legacy chipsets. One way to protect against this vulnerability is to use 500 or 700 series chipsets that support Security 2 (S2) encryption. As examples, the Linear WADWAZ-1 version 3.43 and WAPIRZ-1 version 3.43 (with 300 series chipsets) are vulnerable. 2022-01-10 not yet calculated CVE-2020-9057
MISC
CERT-VN
MISC
MISC
CERT-VN
z-wave — multiple_devices
 
Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but likely not limited to the Linear LB60Z-1 version 3.5, Dome DM501 version 4.26, and Jasco ZW4201 version 4.05, do not implement encryption or replay protection. 2022-01-10 not yet calculated CVE-2020-9058
MISC
CERT-VN
MISC
MISC
CERT-VN
zabbix — zabbix
 
In instances where SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. A malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of a Zabbix user (or use the guest account, which is disabled by default). 2022-01-13 not yet calculated CVE-2022-23131
MISC
zabbix — zabbix
 
During Zabbix installation from RPM, the DAC_OVERRIDE SELinux capability is in use to access PID files in the [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permission checks at the file system level. 2022-01-13 not yet calculated CVE-2022-23132
MISC
zabbix — zabbix
 
An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. When XSS is stored by an authenticated malicious actor and other users try to search for groups during new host creation, the XSS payload will fire and the actor can steal session cookies and perform session hijacking to impersonate users or take over their accounts. 2022-01-13 not yet calculated CVE-2022-23133
MISC
zabbix — zabbix
 
After the initial setup process, some steps of the setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. A malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend. 2022-01-13 not yet calculated CVE-2022-23134
MISC
zoho — manageengine_0365_manager_plus
 
Zoho ManageEngine O365 Manager Plus before Build 4416 allows remote code execution via BCP file overwrite through the ChangeDBAPI component. 2022-01-12 not yet calculated CVE-2021-44652
MISC
zoho — manageengine_applications_manager
 
A vulnerability in the showReports module of Zoho ManageEngine Applications Manager before build 14550 allows authenticated attackers to execute a SQL injection via a crafted request. 2022-01-10 not yet calculated CVE-2020-28679
MISC
zoho — manageengine_cloudsecurityplus
 
Zoho ManageEngine CloudSecurityPlus before Build 4117 allows remote code execution through the updatePersonalizeSettings component due to an improper security patch for CVE-2021-40175. 2022-01-12 not yet calculated CVE-2021-44651
MISC
zoho — mangeengine_m365_manager_plus
 
Zoho ManageEngine M365 Manager Plus before Build 4419 allows remote command execution when updating proxy settings through the Admin ProxySettings and Tenant ProxySettings components. 2022-01-12 not yet calculated CVE-2021-44650
MISC

Original release date: January 10, 2022

 

High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
beyondtrust — appliance_base_software BeyondTrust Secure Remote Access Base Software through 6.0.1 allows an attacker to achieve full admin access to the appliance, by tricking the administrator into creating a new admin account through an XSS/CSRF attack involving a crafted request to the /appliance/users?action=edit endpoint. This cross-site-scripting (XSS) vulnerability occurs when it does not properly sanitize an unauthenticated crafted web request to the server. 2022-01-05 9.3 CVE-2021-31589
MISC
MISC
MISC
sun_moon_jingyao — network_computer_terminal_protection_system_firmware The server-request receiver function of Shockwall system has an improper authentication vulnerability. An authenticated attacker of an agent computer within the local area network can use the local registry information to launch server-side request forgery (SSRF) attack on another agent computer, resulting in arbitrary code execution for controlling the system or disrupting service. 2022-01-03 7.7 CVE-2021-45917
CONFIRM
transloadit — uppy uppy is vulnerable to Server-Side Request Forgery (SSRF) 2022-01-04 7.5 CVE-2022-0086
MISC
CONFIRM


Medium Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
artifex — ghostscript Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp). 2022-01-01 4.3 CVE-2021-45944
MISC
MISC
DEBIAN
artifex — ghostscript Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). 2022-01-01 4.3 CVE-2021-45949
MISC
MISC
MISC
DEBIAN
assimp — assimp Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in _m3d_safestr (called from m3d_load and Assimp::M3DWrapper::M3DWrapper). 2022-01-01 4.3 CVE-2021-45948
MISC
MISC
asus — rt-ac52u_b1_firmware Invalid input sanitizing in ASUS RT-AC52U_B1 3.0.0.4.380.10931 leads to reflected Cross Site Scripting (XSS), which can lead to a user session hijack. 2022-01-03 4.3 CVE-2021-46109
MISC
atlassian — jira_server_and_data_center Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Reflected Cross-Site Scripting (XSS) vulnerability in the /rest/collectors/1.0/template/custom endpoint. To exploit this issue, the attacker must trick a user into visiting a malicious website. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3. 2022-01-04 4.3 CVE-2021-43942
MISC
booking_calendar_project — booking_calendar The Booking Calendar WordPress plugin before 8.9.2 does not sanitise and escape the booking_type parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting 2022-01-03 4.3 CVE-2021-25040
MISC
daybydaycrm — daybyday_crm In Daybyday CRM, versions 1.1 through 2.2.0 enforce weak password requirements in the user update functionality. A user with privileges to update his password could change it to a weak password, such as those with a length of a single character. This may allow an attacker to brute-force users’ passwords with minimal to no computational effort. 2022-01-05 4 CVE-2022-22110
CONFIRM
MISC
daybydaycrm — daybyday_crm In DayByDay CRM, version 2.2.0 is vulnerable to missing authorization. Any application user in the application who has update user permission enabled is able to change the password of other users, including the administrator’s. This allows the attacker to gain access to the highest privileged user in the application. 2022-01-05 6.5 CVE-2022-22111
CONFIRM
MISC
daybydaycrm — daybyday_crm In Daybyday CRM, versions 2.0.0 through 2.2.0 are vulnerable to Missing Authorization. An attacker that has the lowest privileges account (employee type user), can view the absences of all users in the system including administrators. This type of user is not authorized to view this kind of information. 2022-01-05 4 CVE-2022-22108
CONFIRM
MISC
daybydaycrm — daybyday_crm In Daybyday CRM, versions 2.0.0 through 2.2.0 are vulnerable to Missing Authorization. An attacker that has the lowest privileges account (employee type user), can view the appointments of all users in the system including administrators. However, this type of user is not authorized to view the calendar at all. 2022-01-05 4 CVE-2022-22107
CONFIRM
MISC
dhrystone_project — dhrystone A NULL pointer dereference in the main() function dhry_1.c of dhrystone 2.1 causes a denial of service (DoS). 2022-01-03 5 CVE-2020-23026
MISC
dmproadmap_project — dmproadmap DMP Roadmap before 3.0.4 allows XSS. 2022-01-01 4.3 CVE-2021-44896
MISC
MISC
MISC
fluxbb — fluxbb Fluxbb v1.4.12 is affected by a Cross Site Scripting (XSS) vulnerability. 2022-01-04 4.3 CVE-2021-43677
MISC
MISC
geminilabs — site_reviews The Site Reviews WordPress plugin before 5.17.3 does not sanitise and escape the site-reviews parameter of the glsr_action AJAX action (available to unauthenticated and any authenticated users), allowing them to perform Cross-Site Scripting attacks against logged in admins viewing the Tool dashboard of the plugin 2022-01-03 4.3 CVE-2021-24973
CONFIRM
MISC
github_readme_stats_project — github_readme_stats Github Read Me Stats commit 3c7220e4f7144f6cb068fd433c774f6db47ccb95 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the function renderError. 2022-01-06 4.3 CVE-2020-23986
MISC
gpac — gpac A Null Pointer Dereference vulnerability exists in GPAC 1.0.1 in MP4Box via __strlen_avx2, which causes a Denial of Service. 2022-01-05 4.3 CVE-2021-45831
MISC
gpac — gpac A Pointer Dereference vulnerability exists in GPAC 1.0.1 in unlink_chunk.isra, which causes a Denial of Service (context-dependent). 2022-01-05 4.3 CVE-2021-46038
MISC
ideabox — powerpack_addons_for_elementor The PowerPack Addons for Elementor WordPress plugin before 2.6.2 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting issue 2022-01-03 4.3 CVE-2021-25027
CONFIRM
MISC
premio — chaty The Chaty WordPress plugin before 2.8.3 and Chaty Pro WordPress plugin before 2.8.2 do not sanitise and escape the search parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting 2022-01-03 4.3 CVE-2021-25016
MISC
updraftplus — updraftplus The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backup_timestamp and job_id parameters before outputting them back in admin pages, leading to Reflected Cross-Site Scripting issues 2022-01-03 4.3 CVE-2021-25022
CONFIRM
CONFIRM
MISC
uwebsockets_project — uwebsockets uWebSockets 19.0.0 through 20.8.0 has an out-of-bounds write in std::__1::pair<unsigned int, void*> uWS::HttpParser::fenceAndConsumePostPadded<0 (called from uWS::HttpParser::consumePostPadded and std::__1::__function::__func<LLVMFuzzerTestOneInput::$_0, std::__1::allocator<LL). 2022-01-01 4.3 CVE-2021-45945
MISC
MISC
MISC
vim — vim vim is vulnerable to Use After Free 2021-12-31 6.8 CVE-2021-4192
CONFIRM
MISC
vim — vim vim is vulnerable to Out-of-bounds Read 2021-12-31 4.3 CVE-2021-4193
MISC
CONFIRM
vmware — cloud_foundation VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able to exploit this vulnerability in conjunction with other issues to execute code on the hypervisor from a virtual machine. 2022-01-04 6.9 CVE-2021-22045
MISC
MISC
MISC
wasm3_project — wasm3 Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from CompileElseBlock and Compile_If). 2022-01-01 4.3 CVE-2021-45929
MISC
MISC
wasm3_project — wasm3 Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from Compile_LoopOrBlock and CompileBlockStatements). 2022-01-01 4.3 CVE-2021-45946
MISC
MISC
wasm3_project — wasm3 Wasm3 0.5.0 has an out-of-bounds write in Runtime_Release (called from EvaluateExpression and InitDataSegments). 2022-01-01 4.3 CVE-2021-45947
MISC
MISC


Low Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
bludit — bludit A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in login panel. 2022-01-06 3.5 CVE-2021-45745
MISC
MISC
bludit — bludit A Stored Cross Site Scripting (XSS) vulnerability exists in bludit 3.13.1 via the TAGS section in login panel. 2022-01-06 3.5 CVE-2021-45744
MISC
MISC
booster — booster_for_woocommerce The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_create_products_xml_result parameter before outputting back in the admin dashboard when the Product XML Feeds module is enabled, leading to a Reflected Cross-Site Scripting issue 2022-01-03 2.6 CVE-2021-25001
MISC
booster — booster_for_woocommerce The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_delete_role parameter before outputting back in the admin dashboard when the General module is enabled, leading to a Reflected Cross-Site Scripting issue 2022-01-03 2.6 CVE-2021-25000
MISC
booster — booster_for_woocommerce The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_notice parameter before outputting it back in the admin dashboard when the Pdf Invoicing module is enabled, leading to a Reflected Cross-Site Scripting 2022-01-03 2.6 CVE-2021-24999
MISC
convos — convos Convos is an open source multi-user chat that runs in a web browser. Characters starting with “https://” in the chat window create an <a> tag. A Stored XSS vulnerability using onfocus and autofocus occurs because escaping exists for “<” or “>” but escaping for double quotes does not exist. Through this vulnerability, an attacker is able to execute malicious scripts. Users are advised to update as soon as possible. 2022-01-04 3.5 CVE-2022-21649
CONFIRM
MISC
MISC
MISC
daybydaycrm — daybyday_crm In Daybyday CRM, version 2.2.0 is vulnerable to Stored Cross-Site Scripting (XSS) vulnerability that allows low privileged application users to store malicious scripts in the title field of new tasks. These scripts are executed in a victim’s browser when they open the “/tasks” page to view all the tasks. 2022-01-05 3.5 CVE-2022-22109
MISC
CONFIRM
litespeedtech — litespeed_cache The LiteSpeed Cache WordPress plugin before 4.4.4 does not escape the qc_res parameter before outputting it back in the JS code of an admin page, leading to a Reflected Cross-Site Scripting 2022-01-03 3.5 CVE-2021-24963
CONFIRM
MISC
litespeedtech — litespeed_cache The LiteSpeed Cache WordPress plugin before 4.4.4 does not properly verify that requests are coming from QUIC.cloud servers, allowing attackers to make requests to certain endpoints by using a specific X-Forwarded-For header value. In addition, one of the endpoint could be used to set CSS code if a setting is enabled, which will then be output in some pages without being sanitised and escaped. Combining those two issues, an unauthenticated attacker could put Cross-Site Scripting payloads in pages visited by users. 2022-01-03 2.6 CVE-2021-24964
MISC
mlcalc — mortgage_calculator\/loan_calculator The Mortgage Calculator / Loan Calculator WordPress plugin before 1.5.17 does not escape some of the attributes of its mlcalc shortcode before outputting them, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks 2022-01-03 3.5 CVE-2021-24828
MISC
oroinc — oroplatform OroPlatform is a PHP Business Application Platform. In affected versions the email template preview is vulnerable to an XSS payload added to email template content. An attacker must have permission to create or edit an email template. For successful payload execution, the attacked user must preview a vulnerable email template. There are no workarounds that address this vulnerability. Users are advised to upgrade as soon as is possible. 2022-01-04 3.5 CVE-2021-41236
CONFIRM
MISC
vehicle_service_management_system_project — vehicle_service_management_system A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel. 2022-01-06 3.5 CVE-2021-46069
MISC
MISC
vehicle_service_management_system_project — vehicle_service_management_system A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel. 2022-01-06 3.5 CVE-2021-46072
MISC
MISC
vehicle_service_management_system_project — vehicle_service_management_system A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel. 2022-01-06 3.5 CVE-2021-46070
MISC
MISC
vehicle_service_management_system_project — vehicle_service_management_system A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel. 2022-01-06 3.5 CVE-2021-46068
MISC
MISC
wpovernight — woocommerce_pdf_invoices\&_packing_slips The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.10.5 does not escape the tab and section parameters before outputting them back in an attribute, leading to a Reflected Cross-Site Scripting in the admin dashboard 2022-01-03 3.5 CVE-2021-24991
MISC
wptravelengine — wp_travel_engine The WP Travel Engine WordPress plugin before 5.3.1 does not escape the Description field in the Trip Destination/Activities/Trip Type and Pricing Category pages, allowing users with a role as low as editor to perform Stored Cross-Site Scripting attacks, even when the unfiltered_html capability is disallowed 2022-01-03 3.5 CVE-2021-24680
MISC


Severity Not Yet Assigned

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
harmonyos — mobile_devices HwPCAssistant has a Path Traversal vulnerability. Successful exploitation of this vulnerability may write any file. 2022-01-03 not yet calculated CVE-2021-37128
MISC
alpine — linux
 
The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root because the design incorrectly expected that systemd would (in effect) determine part of the configuration. 2022-01-06 not yet calculated CVE-2022-22704
MISC
apache — avro
 
A vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro version 1.10.2 and prior versions. Users should update to version 1.11.0 which addresses this issue. 2022-01-06 not yet calculated CVE-2021-43045
CONFIRM
MLIST
apache — geode
 
Apache Geode versions up to 1.12.4 and 1.13.4 are vulnerable to a log file redaction of sensitive information flaw when using values that begin with characters other than letters or numbers for passwords and security properties with the prefix “sysprop-”, “javax.net.ssl”, or “security-”. This issue is fixed by overhauling the log file redaction in Apache Geode versions 1.12.5, 1.13.5, and 1.14.0. 2022-01-04 not yet calculated CVE-2021-34797
MISC
MISC
apache — james
 
The Apache James ManagedSieve implementation, together with the file storage for sieve scripts, is vulnerable to path traversal, allowing reading and writing any file. This vulnerability has been patched in Apache James 3.6.1 and higher. We recommend the upgrade. Distributed and Cassandra based products are also not impacted. 2022-01-04 not yet calculated CVE-2021-40525
MISC
MLIST
apache — james
 
In Apache James, while fuzzing the IMAP parsing stack with Jazzer, we discovered that crafted APPEND and STATUS IMAP commands could be used to trigger infinite loops resulting in expensive CPU computations and OutOfMemory exceptions. This can be used for a Denial Of Service attack. The IMAP user needs to be authenticated to exploit this vulnerability. This affected Apache James prior to version 3.6.1. This vulnerability has been patched in Apache James 3.6.1 and higher. We recommend the upgrade. 2022-01-04 not yet calculated CVE-2021-40111
MISC
MLIST
apache — james
 
In Apache James, using the Jazzer fuzzer, we identified that an IMAP user can craft IMAP LIST commands to orchestrate a Denial Of Service using a vulnerable regular expression. This affected Apache James prior to 3.6.1. We recommend upgrading to Apache James 3.6.1 or higher, which enforces the use of the RE2J regular expression engine to execute regex in linear time without back-tracking. 2022-01-04 not yet calculated CVE-2021-40110
MISC
MLIST
apache — james
 
Apache James prior to release 3.6.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. This can result in Man-in-the-middle command injection attacks, leading potentially to leakage of sensitive information. 2022-01-04 not yet calculated CVE-2021-38542
MISC
MLIST
apache — kylin In Apache Kylin, Cross-origin requests with credentials are allowed to be sent from any origin. This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and prior versions; Apache Kylin 4 version 4.0.0 and prior versions. 2022-01-06 not yet calculated CVE-2021-45457
MISC
MLIST
apache — kylin
 
All request mappings in `StreamingCoordinatorController.java` handling `/kylin/api/streaming_coordinator/*` REST API endpoints did not include any security checks, which allowed an unauthenticated user to issue arbitrary requests, such as assigning/unassigning of streaming cubes, creation/modification and deletion of replica sets, to the Kylin Coordinator. For endpoints accepting node details in HTTP message body, unauthenticated (but limited) server-side request forgery (SSRF) can be achieved. This issue affects Apache Kylin 3 versions prior to 3.1.2. 2022-01-06 not yet calculated CVE-2021-27738
MISC
MLIST
apache — kylin
 
Apache Kylin checks the legitimacy of the project before executing some commands with the project name passed in by the user. There is a mismatch between what is being checked and what is being used as the shell command argument in DiagnosisService. This may cause an illegal project name to pass the check and perform the following steps, resulting in a command injection vulnerability. This issue affects Apache Kylin 4.0.0. 2022-01-06 not yet calculated CVE-2021-45456
MISC
MLIST
apache — kylin
 
Kylin can receive user input and load any class through Class.forName(…). This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and prior versions; Apache Kylin 4 version 4.0.0 and prior versions. 2022-01-06 not yet calculated CVE-2021-31522
MISC
MLIST
apache — kylin
 
Apache Kylin provides the encryption class PasswordPlaceholderConfigurer to help users encrypt their passwords. In the encryption algorithm used by this encryption class, the cipher is initialized with a hardcoded key and IV. If users use class PasswordPlaceholderConfigurer to encrypt their password and configure it into Kylin’s configuration file, there is a risk that the password may be decrypted. This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and prior versions; Apache Kylin 4 version 4.0.0 and prior versions. 2022-01-06 not yet calculated CVE-2021-45458
MISC
MLIST
MLIST
apache — kylin
 
Apache Kylin allows users to read data from other database systems using JDBC. The MySQL JDBC driver supports certain properties, which, if left unmitigated, can allow an attacker to execute arbitrary code from a hacker-controlled malicious MySQL server within Kylin server processes. This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and prior versions. 2022-01-06 not yet calculated CVE-2021-36774
MISC
MLIST
apache — pluto
 
The input fields of the Apache Pluto UrlTestPortlet are vulnerable to Cross-Site Scripting (XSS) attacks. Users should migrate to version 3.1.1 of the v3-demo-portlet.war artifact 2022-01-06 not yet calculated CVE-2021-36737
MISC
apache — pluto
 
The input fields in the JSP version of the Apache Pluto Applicant MVCBean CDI portlet are vulnerable to Cross-Site Scripting (XSS) attacks. Users should migrate to version 3.1.1 of the applicant-mvcbean-cdi-jsp-portlet.war artifact 2022-01-06 not yet calculated CVE-2021-36738
MISC
apache — pluto
 
The “first name” and “last name” fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting (XSS) attacks. 2022-01-06 not yet calculated CVE-2021-36739
MISC
asus — rt-ax56u_wi-fi_router
 
ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An authenticated local area network attacker can launch arbitrary code execution to control the system or disrupt service. 2022-01-03 not yet calculated CVE-2021-44158
CONFIRM
atalegacysmm — atalegacysmm
 
An issue was discovered in AtaLegacySmm in the kernel 5.0 before 05.08.46, 5.1 before 05.16.46, 5.2 before 05.26.46, 5.3 before 05.35.46, 5.4 before 05.43.46, and 5.5 before 05.51.45 in Insyde InsydeH2O. Code execution can occur because the SMI handler lacks a CommBuffer check. 2022-01-06 not yet calculated CVE-2021-41842
MISC
atlassian — jira_server
 
Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution (RCE) vulnerability in the Email Templates feature. This issue bypasses the fix of https://jira.atlassian.com/browse/JSDSERVER-8665. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3. 2022-01-06 not yet calculated CVE-2021-43947
N/A
atlassian — jira_server
 
Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to add administrator groups to filter subscriptions via a Broken Access Control vulnerability in the /secure/EditSubscription.jspa endpoint. The affected versions are before version 8.21.0. 2022-01-05 not yet calculated CVE-2021-43946
MISC
bidriectional — unicode
 
Bidirectional Unicode text can be interpreted and compiled differently than how it appears in editors, which can be exploited to get nefarious code past a code review by appearing benign. An attacker could embed a source that is invisible to a code reviewer that modifies the behavior of a program in unexpected ways. 2022-01-05 not yet calculated CVE-2021-22567
MISC
MISC
bios — bios
 
A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently DoS the system. 2022-01-03 not yet calculated CVE-2021-38576
MISC
bluetooth — bluetooth
 
In Bluetooth, there is a possible application crash due to bluetooth flooding a device with LMP_AU_rand packet. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198608; Issue ID: ALPS06198608. 2022-01-04 not yet calculated CVE-2022-20023
MISC
bluetooth — bluetooth
 
In Bluetooth, there is a possible link disconnection because Bluetooth does not properly handle a connection attempt from a host with the same BD address as the currently connected BT host. This could lead to remote denial of service of Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198578; Issue ID: ALPS06198578. 2022-01-04 not yet calculated CVE-2022-20022
MISC
bluetooth — bluetooth
 
In Bluetooth, there is a possible application crash because Bluetooth does not properly handle the reception of multiple LMP_host_connection_req. This could lead to remote denial of service of Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198513; Issue ID: ALPS06198513. 2022-01-04 not yet calculated CVE-2022-20021
MISC
bookstack — bookstack
 
bookstack is vulnerable to Improper Access Control 2022-01-06 not yet calculated CVE-2021-4194
CONFIRM
MISC
changlain — blocklist
 
Changlian Blocklist has a Business Logic Errors vulnerability. Successful exploitation of this vulnerability may expand the attack surface of the message class. 2022-01-03 not yet calculated CVE-2021-39968
MISC
codeigniter — codeigniter
 
CodeIgniter is an open source PHP full-stack web framework. Deserialization of Untrusted Data was found in the `old()` function in CodeIgniter4. Remote attackers may inject auto-loadable arbitrary objects with this vulnerability, and possibly execute existing PHP code on the server. We are aware of a working exploit, which can lead to SQL injection. Users are advised to upgrade to v4.1.6 or later. Users unable to upgrade are advised not to use the `old()` function and form_helper nor `RedirectResponse::withInput()` and `redirect()->withInput()`. 2022-01-04 not yet calculated CVE-2022-21647
MISC
CONFIRM
containerd — containerd
 
containerd is an open source container runtime. On installations using SELinux, such as EL8 (CentOS, RHEL), Fedora, or SUSE MicroOS, with containerd since v1.5.0-beta.0 as the backing container runtime interface (CRI), an unprivileged pod scheduled to the node may bind mount, via hostPath volume, any privileged, regular file on disk for complete read/write access (sans delete). Such is achieved by placing the in-container location of the hostPath volume mount at either `/etc/hosts`, `/etc/hostname`, or `/etc/resolv.conf`. These locations are being relabeled indiscriminately to match the container process-label which effectively elevates permissions for savvy containers that would not normally be able to access privileged host files. This issue has been resolved in version 1.5.9. Users are advised to upgrade as soon as possible. 2022-01-05 not yet calculated CVE-2021-43816
CONFIRM
MISC
MISC
MISC
controlup — real-time_agent
 
An unauthenticated Named Pipe channel in Controlup Real-Time Agent (cuAgent.exe) before 8.5 potentially allows an attacker to run OS commands via the ProcessActionRequest WCF method. 2022-01-04 not yet calculated CVE-2021-45912
MISC
MISC
controlup — real-time_agent
 
A hardcoded key in ControlUp Real-Time Agent (cuAgent.exe) before 8.2.5 may allow a potential attacker to run OS commands via a WCF channel. 2022-01-04 not yet calculated CVE-2021-45913
MISC
MISC
convos — convos
 
Convos is an open source multi-user chat that runs in a web browser. You can’t use the SVG extension in Convos’ chat window, but you can upload a file with an .html extension. By uploading an SVG file with an html extension the upload filter can be bypassed. This causes Stored XSS. Also, after uploading a file the XSS attack is triggered upon a user viewing the file. Through this vulnerability, an attacker is able to execute malicious scripts. Users are advised to update as soon as possible. 2022-01-04 not yet calculated CVE-2022-21650
CONFIRM
MISC
MISC
MISC
discourse — discourse
 
Discourse is an open source platform for community discussion. In affected versions admin users can trigger a Denial of Service attack via the `/message-bus/_diagnostics` path. The impact of this vulnerability is greater on multisite Discourse instances (where multiple forums are served from a single application server) where any admin user on any of the forums is able to visit the `/message-bus/_diagnostics` path. The problem has been patched. Please upgrade to 2.8.0.beta10 or 2.7.12. No workarounds for this issue exist. 2022-01-04 not yet calculated CVE-2021-43850
MISC
CONFIRM
discourse — discourse
 
Discourse is an open source platform for community discussion. In affected versions, when composing a message from a topic, the composer user suggestions reveal whisper participants. The issue has been patched in stable version 2.7.13 and beta version 2.8.0.beta11. There is no workaround for this issue and users are advised to upgrade. 2022-01-05 not yet calculated CVE-2022-21642
MISC
CONFIRM
django — django
 
An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language’s variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method call, if passed a suitably crafted key. 2022-01-05 not yet calculated CVE-2021-45116
MISC
MISC
CONFIRM
django — django
 
Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it. 2022-01-05 not yet calculated CVE-2021-45452
MISC
MISC
CONFIRM
django — django
 
An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user registration was unrestricted, this provided a potential vector for a denial-of-service attack. 2022-01-05 not yet calculated CVE-2021-45115
MISC
MISC
CONFIRM
dolibarr — dolibarr
 
admin/limits.php in Dolibarr 7.0.2 allows HTML injection, as demonstrated by the MAIN_MAX_DECIMALS_TOT parameter. 2022-01-02 not yet calculated CVE-2022-22293
MISC
doprolog — doprolog
 
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. 2022-01-06 not yet calculated CVE-2021-46143
MISC
MISC
enc — datavault
 
ENC DataVault 7.1.1W uses an inappropriate encryption algorithm, such that an attacker (who does not know the secret key) can make ciphertext modifications that are reflected in modified plaintext. There is no data integrity mechanism. (This behavior occurs across USB drives sold under multiple brand names.) 2022-01-02 not yet calculated CVE-2021-36751
MISC
MISC
expat — expat
 
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). 2022-01-01 not yet calculated CVE-2021-45960
MISC
MISC
MISC
forge — forge
 
forge is vulnerable to URL Redirection to Untrusted Site 2022-01-06 not yet calculated CVE-2022-0122
MISC
CONFIRM
fortinet — fortimail
 
An exposure of sensitive information to an unauthorized actor in Fortinet FortiMail versions 6.0.9 and below, FortiMail versions 6.2.4 and below, and FortiMail versions 6.4.1 and 6.4.0 allows an attacker to obtain potentially sensitive software-version information via client-side resources inspection. 2022-01-05 not yet calculated CVE-2020-15933
CONFIRM
fortinet — fortios
 
A download of code without integrity check vulnerability in the “execute restore src-vis” command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages. 2022-01-04 not yet calculated CVE-2021-44168
CONFIRM
foxit — pdf_reader Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via getURL in the JavaScript API. 2022-01-04 not yet calculated CVE-2021-45980
MISC
MISC
MISC
foxit — pdf_reader
 
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via xfa.host.gotoURL in the XFA API. 2022-01-04 not yet calculated CVE-2021-45978
MISC
MISC
MISC
foxit — pdf_reader
 
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via app.launchURL in the JavaScript API. 2022-01-04 not yet calculated CVE-2021-45979
MISC
MISC
MISC
giftrans — giftrans
 
The giftrans function in giftrans 1.12.2 contains a stack-based buffer overflow because a value inside the input file determines the amount of data to write. This allows an attacker to overwrite up to 250 bytes outside of the allocated buffer with arbitrary data. 2022-01-01 not yet calculated CVE-2021-45972
MISC
MISC
MISC
glpi — glpi
 
GLPI is an open source IT Asset Management, issue tracking system and service desk system. The GLPI addressing plugin in versions < 2.9.1 suffers from authenticated Remote Code Execution vulnerability, allowing access to the server’s underlying operating system using command injection abuse of functionality. There is no workaround for this issue and users are advised to upgrade or to disable the addressing plugin. 2022-01-05 not yet calculated CVE-2021-43779
MISC
CONFIRM
gpac — gpac A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the finplace_shift_moov_meta_offsets function, which causes a Denial of Service (context-dependent). 2022-01-06 not yet calculated CVE-2021-46040
MISC
gpac — gpac A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the _fseeko function, which causes a Denial of Service. 2022-01-06 not yet calculated CVE-2021-46042
MISC
gpac — gpac
 
A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via ShiftMetaOffset.isra, which causes a Denial of Service (context-dependent). 2022-01-06 not yet calculated CVE-2021-46044
MISC
gpac — gpac
 
A Segmentation Fault Vulnerability exists in GPAC 1.0.1 via the co64_box_new function, which causes a Denial of Service. 2022-01-06 not yet calculated CVE-2021-46041
MISC
gpac — gpac
 
A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the shift_chunk_offsets.part function, which causes a Denial of Service (context-dependent). 2022-01-06 not yet calculated CVE-2021-46039
MISC
gpac — gpac
 
A Pointer Dereference Vulnerability exists in GPAC 1.0.1 in the gf_list_count function, which causes a Denial of Service. 2022-01-06 not yet calculated CVE-2021-46043
MISC
harmonyos — mobile_devices HwPCAssistant has an Improper Input Validation vulnerability. Successful exploitation of this vulnerability may create any file with the system app permission. 2022-01-03 not yet calculated CVE-2021-39970
MISC
harmonyos — mobile_devices There is an Uninitialized AOD driver structure in Smartphones. Successful exploitation of this vulnerability may affect service confidentiality. 2022-01-03 not yet calculated CVE-2021-39966
MISC
MISC
harmonyos — mobile_devices Chang Lian application has a vulnerability which can be maliciously exploited to hide the calling number. Successful exploitation of this vulnerability allows you to make an anonymous call. 2022-01-03 not yet calculated CVE-2021-39981
MISC
harmonyos — mobile_devices The HwNearbyMain module has a NULL Pointer Dereference vulnerability. Successful exploitation of this vulnerability may cause a process to restart. 2022-01-03 not yet calculated CVE-2021-39988
MISC
harmonyos — mobile_devices

 

Arbitrary file has an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Successful exploitation of this vulnerability may cause confidentiality to be affected. 2022-01-03 not yet calculated CVE-2021-37125
MISC
harmonyos — mobile_devices

 

There are Configuration defects in Smartphone. Successful exploitation of this vulnerability may elevate the MEID (IMEI) permission. 2022-01-03 not yet calculated CVE-2021-37121
MISC
harmonyos — mobile_devices

 

There is an Out-of-bounds read vulnerability in Smartphone. Successful exploitation of this vulnerability may affect service confidentiality. 2022-01-03 not yet calculated CVE-2021-37114
MISC
MISC
harmonyos — mobile_devices

 

Arbitrary file has an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Successful exploitation of this vulnerability may cause the directory to be traversed. 2022-01-03 not yet calculated CVE-2021-37126
MISC
harmonyos — mobile_devices

 

There is a Memory leakage vulnerability in Smartphone. Successful exploitation of this vulnerability may cause memory exhaustion. 2022-01-03 not yet calculated CVE-2021-37111
MISC
MISC
harmonyos — mobile_devices

 

PCManager has a Weaknesses Introduced During Design vulnerability. Successful exploitation of this vulnerability may cause the PIN of the subscriber to be changed. 2022-01-03 not yet calculated CVE-2021-37116
MISC
harmonyos — mobile_devices
 
There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones. Successful exploitation of this vulnerability may affect service confidentiality. 2022-01-03 not yet calculated CVE-2021-39967
MISC
MISC
harmonyos — mobile_devices
 
There is an Unauthorized file access vulnerability in Smartphones. Successful exploitation of this vulnerability may affect service confidentiality. 2022-01-03 not yet calculated CVE-2021-39969
MISC
MISC
harmonyos — mobile_devices
 
The HwNearbyMain module has an Improper Validation of Array Index vulnerability. Successful exploitation of this vulnerability may cause a process to restart. 2022-01-03 not yet calculated CVE-2021-39985
MISC
harmonyos — mobile_devices
 
There is a Null pointer dereference in Smartphones. Successful exploitation of this vulnerability may cause the kernel to break down. 2022-01-03 not yet calculated CVE-2021-39973
MISC
MISC
harmonyos — mobile_devices
 
Password vault has an External Control of System or Configuration Setting vulnerability. Successful exploitation of this vulnerability could compromise confidentiality. 2022-01-03 not yet calculated CVE-2021-39971
MISC
harmonyos — mobile_devices
 
There is an Out-of-bounds read in Smartphones. Successful exploitation of this vulnerability may affect service confidentiality. 2022-01-03 not yet calculated CVE-2021-39974
MISC
MISC
harmonyos — mobile_devices
 
The screen lock module has a Stack-based Buffer Overflow vulnerability. Successful exploitation of this vulnerability may affect user experience. 2022-01-03 not yet calculated CVE-2021-39990
MISC
harmonyos — mobile_devices
 
The HwNearbyMain module has a NULL Pointer Dereference vulnerability. Successful exploitation of this vulnerability may cause a process to restart. 2022-01-03 not yet calculated CVE-2021-39977
MISC
harmonyos — mobile_devices
 
The HwNearbyMain module has an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Successful exploitation of this vulnerability may cause a process to restart. 2022-01-03 not yet calculated CVE-2021-39989
MISC
harmonyos — mobile_devices
 
HHEE system has a Code Injection vulnerability. Successful exploitation of this vulnerability may affect HHEE system integrity. 2022-01-03 not yet calculated CVE-2021-39979
MISC
harmonyos — mobile_devices
 
Telephony application has an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Successful exploitation of this vulnerability could lead to sensitive information disclosure. 2022-01-03 not yet calculated CVE-2021-39980
MISC
harmonyos — mobile_devices
 
Phone Manager application has an Improper Privilege Management vulnerability. Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications. 2022-01-03 not yet calculated CVE-2021-39982
MISC
harmonyos — mobile_devices
 
The HwNearbyMain module has a Data Processing Errors vulnerability. Successful exploitation of this vulnerability may cause a process to restart. 2022-01-03 not yet calculated CVE-2021-39983
MISC
harmonyos — mobile_devices
 
Telephony application has a SQL Injection vulnerability. Successful exploitation of this vulnerability may cause privacy and security issues. 2022-01-03 not yet calculated CVE-2021-39978
MISC
harmonyos — mobile_devices
 
There is a Double free vulnerability in Smartphone. Successful exploitation of this vulnerability may cause a kernel crash or privilege escalation. 2022-01-03 not yet calculated CVE-2021-37120
MISC
harmonyos — mobile_devices
 
Location-related APIs have a Race Condition vulnerability. Successful exploitation of this vulnerability may use higher permissions for invoking the interface of location-related components. 2022-01-03 not yet calculated CVE-2021-37134
MISC
harmonyos — mobile_devices
 
There is a Service logic vulnerability in Smartphone. Successful exploitation of this vulnerability may cause WLAN DoS. 2022-01-03 not yet calculated CVE-2021-37119
MISC
MISC
harmonyos — mobile_devices
 
There is an Unauthorized file access vulnerability in Smartphones. Successful exploitation of this vulnerability may affect service confidentiality. 2022-01-03 not yet calculated CVE-2021-37133
MISC
MISC
harmonyos — mobile_devices
 
There is a Timing design defect in Smartphone. Successful exploitation of this vulnerability may affect service confidentiality. 2022-01-03 not yet calculated CVE-2021-37110
MISC
MISC
harmonyos — mobile_devices
 
Hisuite module has an External Control of System or Configuration Setting vulnerability. Successful exploitation of this vulnerability may lead to Firmware leak. 2022-01-03 not yet calculated CVE-2021-37112
MISC
harmonyos — mobile_devices
 
There is a Privilege escalation vulnerability with the file system component in Smartphone. Successful exploitation of this vulnerability may affect service confidentiality. 2022-01-03 not yet calculated CVE-2021-37113
MISC
MISC
harmonyos — mobile_devices
 
There is a Service logic vulnerability in Smartphone. Successful exploitation of this vulnerability may cause WLAN DoS. 2022-01-03 not yet calculated CVE-2021-37117
MISC
MISC
harmonyos — mobile_devices
 
The HwNearbyMain module has an Improper Handling of Exceptional Conditions vulnerability. Successful exploitation of this vulnerability may lead to message leak. 2022-01-03 not yet calculated CVE-2021-37118
MISC
harmonyos — mobile_devices
 
The HwNearbyMain module has a Data Processing Errors vulnerability. Successful exploitation of this vulnerability may cause a process to restart. 2022-01-03 not yet calculated CVE-2021-39987
MISC
harmonyos — mobile_devices
 
PackageManagerService has a Permissions, Privileges, and Access Controls vulnerability. Successful exploitation of this vulnerability may allow third-party apps to obtain the complete list of Harmony apps without permission. 2022-01-03 not yet calculated CVE-2021-37132
MISC
hdf5 — hdf5 A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service. 2022-01-05 not yet calculated CVE-2021-45830
MISC
hdf5 — hdf5
 
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent). 2022-01-05 not yet calculated CVE-2021-45833
MISC
hdf5 — hdf5
 
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at hdf5/src/H5Eint.c, which causes a Denial of Service (context-dependent). 2022-01-05 not yet calculated CVE-2021-45832
MISC
hdf5 — hdf5
 
HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denial of Service. 2022-01-03 not yet calculated CVE-2021-45829
MISC
hilinksvc — hilinksvc
 
Hilinksvc has a Data Processing Errors vulnerability. Successful exploitation of this vulnerability may cause denial of service attacks. 2022-01-03 not yet calculated CVE-2021-39975
MISC
hilinksvc — hilinksvc
 
Hilinksvc service has a Data Processing Errors vulnerability. Successful exploitation of this vulnerability may cause application crash. 2022-01-03 not yet calculated CVE-2021-37098
MISC
honda — civic_2012
 
The keyfob subsystem in Honda Civic 2012 vehicles allows a replay attack for unlocking. This is related to a non-expiring rolling code and counter resynchronization. 2022-01-06 not yet calculated CVE-2021-46145
MISC
MISC
MISC
MISC
hoppscotch — hoppscotch
 
hoppscotch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor 2022-01-06 not yet calculated CVE-2022-0121
CONFIRM
MISC
huawei — idap
 
Huawei idap module has an Out-of-bounds Read vulnerability. Successful exploitation of this vulnerability may cause Denial of Service. 2022-01-03 not yet calculated CVE-2021-39984
MISC
huawei — myhuawei_app
 
MyHuawei-App has an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Successful exploitation of this vulnerability could compromise confidentiality. 2022-01-03 not yet calculated CVE-2021-39972
MISC
ibm — powervm_hypervisor
 
IBM PowerVM Hypervisor FW860, FW940, FW950, and FW1010, through a specific sequence of VM management operations could lead to a violation of the isolation between peer VMs. IBM X-Force ID: 210019. 2022-01-05 not yet calculated CVE-2021-38918
CONFIRM
XF
index.php — index.php
 
Cross-site scripting (XSS) vulnerability in index.php in emlog version <= pro-1.0.7 allows remote attackers to inject arbitrary web script or HTML via the s parameter. 2022-01-06 not yet calculated CVE-2021-44584
MISC
MISC
insta_hms — insta_hms
 
Insta HMS before 12.4.10 is vulnerable to XSS because of improper validation of user-supplied input by multiple scripts. A remote attacker could exploit this vulnerability via a crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials. 2022-01-06 not yet calculated CVE-2021-42841
MISC
insyde — insydeh20 An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (CommBufferData). 2022-01-06 not yet calculated CVE-2021-45971
MISC
insyde — insydeh20
 
An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 before 05.15.11, 5.2 before 05.25.11, 5.3 before 05.34.11, and 5.4 before 05.42.11. The software SMI handler allows untrusted external input because it does not verify CommBuffer. 2022-01-05 not yet calculated CVE-2020-5956
MISC
insyde — insydeh20
 
An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (the CommBuffer+8 location). 2022-01-05 not yet calculated CVE-2021-45969
MISC
insyde — insydeh20
 
An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (the status code saved at the CommBuffer+4 location). 2022-01-05 not yet calculated CVE-2021-45970
MISC
jawn — jawn
 
Jawn is an open source JSON parser. Extenders of the `org.typelevel.jawn.SimpleFacade` and `org.typelevel.jawn.MutableFacade` who don’t override `objectContext()` are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, but inherit from a library. `jawn-parser-1.3.1` fixes this issue and users are advised to upgrade. Users unable to upgrade should override `objectContext()` to use a collision-safe collection. 2022-01-05 not yet calculated CVE-2022-21653
MISC
CONFIRM
kd_camera — hw_driver
 
In kd_camera_hw driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862966; Issue ID: ALPS05862966. 2022-01-04 not yet calculated CVE-2022-20015
MISC
konica_minolta — bizhub Improper handling of exceptional conditions vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-33 and earlier, bizhub C287i/C257i/C227i G00-19 and earlier, bizhub 306i/266i/246i/226i G00-B6 and earlier, bizhub C759/C659 GC7-X8 and earlier, bizhub C658/C558/C458 GC7-X8 and earlier, bizhub 958/808/758 GC7-X8 and earlier, bizhub 658e/558e/458e GC7-X8 and earlier, bizhub C287/C227 GC7-X8 and earlier, bizhub 287/227 GC7-X8 and earlier, bizhub 368e/308e GC7-X8 and earlier, bizhub C368/C308/C258 GC9-X4 and earlier, bizhub 558/458/368/308 GC9-X4 and earlier, bizhub C754e/C654e GDQ-M0 and earlier, bizhub 754e/654e GDQ-M0 and earlier, bizhub C554e/C454e GDQ-M1 and earlier, bizhub C364e/C284e/C224e GDQ-M1 and earlier, bizhub 554e/454e/364e/284e/224e GDQ-M1 and earlier, bizhub C754/C654 C554/C454 GR1-M0 and earlier, bizhub C364/C284/C224 GR1-M0 and earlier, bizhub 754/654 GR1-M0 and earlier, bizhub C4050i/C3350i/C4000i/C3300i G00-B6 and earlier, bizhub C3320i G00-B6 and earlier, bizhub 4750i/4050i G00-22 and earlier, bizhub 4700i G00-22 and earlier, bizhub C3851FS/C3851/C3351 GC9-X4 and earlier, bizhub 4752/4052 GC9-X4 and earlier, bizhub C3850/C3350/3850FS, bizhub 4750/4050, bizhub C3110, bizhub C3100P) allows a physical attacker to obtain unsent scanned image data when scanned data transmission is stopped due to the network error by ejecting a HDD before the scan job times out. 2022-01-04 not yet calculated CVE-2021-20870
MISC
MISC
MISC
MISC
konica_minolta — bizhub Protection mechanism failure vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-33 and earlier, bizhub C287i/C257i/C227i G00-19 and earlier, bizhub 306i/266i/246i/226i G00-B6 and earlier, bizhub C759/C659 GC7-X8 and earlier, bizhub C658/C558/C458 GC7-X8 and earlier, bizhub 958/808/758 GC7-X8 and earlier, bizhub 658e/558e/458e GC7-X8 and earlier, bizhub C287/C227 GC7-X8 and earlier, bizhub 287/227 GC7-X8 and earlier, bizhub 368e/308e GC7-X8 and earlier, bizhub C368/C308/C258 GC9-X4 and earlier, bizhub 558/458/368/308 GC9-X4 and earlier, bizhub C754e/C654e GDQ-M0 and earlier, bizhub 754e/654e GDQ-M0 and earlier, bizhub C554e/C454e GDQ-M1 and earlier, bizhub C364e/C284e/C224e GDQ-M1 and earlier, bizhub 554e/454e/364e/284e/224e GDQ-M1 and earlier, bizhub C754/C654 C554/C454 GR1-M0 and earlier, bizhub C364/C284/C224 GR1-M0 and earlier, bizhub 754/654 GR1-M0 and earlier, bizhub C3851FS/C3851/C3351 GC9-X4 and earlier, bizhub 4752/4052 GC9-X4 and earlier) allows a physical attacker to bypass the firmware integrity verification and to install malicious firmware. 2022-01-04 not yet calculated CVE-2021-20872
MISC
MISC
MISC
MISC
konica_minolta — bizhub
 
Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-33 and earlier, bizhub C287i/C257i/C227i G00-19 and earlier, bizhub 306i/266i/246i/226i G00-B6 and earlier, bizhub C759/C659 GC7-X8 and earlier, bizhub C658/C558/C458 GC7-X8 and earlier, bizhub 958/808/758 GC7-X8 and earlier, bizhub 658e/558e/458e GC7-X8 and earlier, bizhub C287/C227 GC7-X8 and earlier, bizhub 287/227 GC7-X8 and earlier, bizhub 368e/308e GC7-X8 and earlier, bizhub C368/C308/C258 GC9-X4 and earlier, bizhub 558/458/368/308 GC9-X4 and earlier, bizhub C754e/C654e GDQ-M0 and earlier, bizhub 754e/654e GDQ-M0 and earlier, bizhub C554e/C454e GDQ-M1 and earlier, bizhub C364e/C284e/C224e GDQ-M1 and earlier, bizhub 554e/454e/364e/284e/224e GDQ-M1 and earlier, bizhub C754/C654 C554/C454 GR1-M0 and earlier, bizhub C364/C284/C224 GR1-M0 and earlier, bizhub 754/654 GR1-M0 and earlier, bizhub C4050i/C3350i/C4000i/C3300i G00-B6 and earlier, bizhub C3320i G00-B6 and earlier, bizhub 4750i/4050i G00-22 and earlier, bizhub 4700i G00-22 and earlier, bizhub C3851FS/C3851/C3351 GC9-X4 and earlier, and bizhub 4752/4052 GC9-X4 and earlier) allows an attacker on the adjacent network to obtain the credentials if the destination information including credentials are registered in the address book via a specific SOAP message. 2022-01-04 not yet calculated CVE-2021-20871
MISC
MISC
MISC
MISC
konica_minolta — bizhub
 
Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-33 and earlier, bizhub C287i/C257i/C227i G00-19 and earlier, bizhub 306i/266i/246i/226i G00-B6 and earlier, bizhub C759/C659 GC7-X8 and earlier, bizhub C658/C558/C458 GC7-X8 and earlier, bizhub 958/808/758 GC7-X8 and earlier, bizhub 658e/558e/458e GC7-X8 and earlier, bizhub C287/C227 GC7-X8 and earlier, bizhub 287/227 GC7-X8 and earlier, bizhub 368e/308e GC7-X8 and earlier, bizhub C368/C308/C258 GC9-X4 and earlier, bizhub 558/458/368/308 GC9-X4 and earlier, bizhub C754e/C654e GDQ-M0 and earlier, bizhub 754e/654e GDQ-M0 and earlier, bizhub C554e/C454e GDQ-M1 and earlier, bizhub C364e/C284e/C224e GDQ-M1 and earlier, bizhub 554e/454e/364e/284e/224e GDQ-M1 and earlier, bizhub C754/C654 C554/C454 GR1-M0 and earlier, bizhub C364/C284/C224 GR1-M0 and earlier, bizhub 754/654 GR1-M0 and earlier, bizhub C4050i/C3350i/C4000i/C3300i G00-B6 and earlier, bizhub C3320i G00-B6 and earlier, bizhub 4750i/4050i G00-22 and earlier, bizhub 4700i G00-22 and earlier, bizhub C3851FS/C3851/C3351 GC9-X4 and earlier, and bizhub 4752/4052 GC9-X4 and earlier) allows an attacker on the adjacent network to obtain some of user credentials if LDAP server authentication is enabled via a specific SOAP message. 2022-01-04 not yet calculated CVE-2021-20869
MISC
MISC
MISC
MISC
konica_minolta — bizhub
 
Incorrect authorization vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-33 and earlier, bizhub C287i/C257i/C227i G00-19 and earlier, bizhub 306i/266i/246i/226i G00-B6 and earlier, bizhub C759/C659 GC7-X8 and earlier, bizhub C658/C558/C458 GC7-X8 and earlier, bizhub 958/808/758 GC7-X8 and earlier, bizhub 658e/558e/458e GC7-X8 and earlier, bizhub C287/C227 GC7-X8 and earlier, bizhub 287/227 GC7-X8 and earlier, bizhub 368e/308e GC7-X8 and earlier, bizhub C368/C308/C258 GC9-X4 and earlier, bizhub 558/458/368/308 GC9-X4 and earlier, bizhub C754e/C654e GDQ-M0 and earlier, bizhub 754e/654e GDQ-M0 and earlier, bizhub C554e/C454e GDQ-M1 and earlier, bizhub C364e/C284e/C224e GDQ-M1 and earlier, bizhub 554e/454e/364e/284e/224e GDQ-M1 and earlier, bizhub C754/C654 C554/C454 GR1-M0 and earlier, bizhub C364/C284/C224 GR1-M0 and earlier, bizhub 754/654 GR1-M0 and earlier, bizhub C4050i/C3350i/C4000i/C3300i G00-B6 and earlier, bizhub C3320i G00-B6 and earlier, bizhub 4750i/4050i G00-22 and earlier, bizhub 4700i G00-22 and earlier, bizhub C3851FS/C3851/C3351 GC9-X4 and earlier, and bizhub 4752/4052 GC9-X4 and earlier) allows an attacker on the adjacent network to obtain user credentials if external server authentication is enabled via a specific SOAP message sent by an administrative user. 2022-01-04 not yet calculated CVE-2021-20868
MISC
MISC
MISC
MISC
kubectl — kubectl
 
kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events. 2022-01-07 not yet calculated CVE-2021-25743
CONFIRM
latte — latte
 
Latte is an open source template engine for PHP. Since version 2.8.0, Latte has included a template sandbox, and in affected versions a sandbox escape has been found that allows injection into web pages generated from Latte. This may lead to XSS attacks. The issue is fixed in versions 2.8.8, 2.9.6 and 2.10.8. Users unable to upgrade should not accept template input from untrusted sources. 2022-01-04 not yet calculated CVE-2022-21648
MISC
CONFIRM
libcodecdrv — libcodecdrv
 
In libvcodecdrv, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05943906; Issue ID: ALPS05943906. 2022-01-04 not yet calculated CVE-2022-20020
MISC
libming — libming
 
In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser.c lacks a boundary check that would lead to denial-of-service attacks via a crafted SWF file. 2022-01-06 not yet calculated CVE-2021-44591
MISC
MISC
libming — libming
 
In libming 0.4.8, a memory exhaustion vulnerability exists in the function cws2fws in util/main.c. Remote attackers could launch denial of service attacks by submitting a crafted SWF file that exploits this vulnerability. 2022-01-06 not yet calculated CVE-2021-44590
MISC
MISC
libmtkomxgsmdec — libmtkomxgsmdec
 
In libMtkOmxGsmDec, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917620; Issue ID: ALPS05917620. 2022-01-04 not yet calculated CVE-2022-20019
MISC
lighttpd — lighttpd
 
In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes), as demonstrated by remote denial of service (daemon crash). 2022-01-06 not yet calculated CVE-2022-22707
MISC
linux — linux_kernel
 
Guest can force Linux netback driver to hog large amounts of kernel memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel’s netback driver are buffered until the guest is ready to process them. There are some measures taken to avoid piling up too much data, but those can be bypassed by the guest: There is a timeout on how long the client side of an interface can stop consuming new packets before it is assumed to have stalled, but this timeout is rather long (60 seconds by default). Using a UDP connection on a fast interface can easily accumulate gigabytes of data in that time. (CVE-2021-28715) The timeout could even never trigger if the guest manages to have only one free slot in its RX queue ring page and the next package would require more than one free slot, which may be the case when using GSO, XDP, or software hashing. (CVE-2021-28714) 2022-01-06 not yet calculated CVE-2021-28715
MISC
linux — linux_kernel
 
Guest can force Linux netback driver to hog large amounts of kernel memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel’s netback driver are buffered until the guest is ready to process them. There are some measures taken to avoid piling up too much data, but those can be bypassed by the guest: There is a timeout on how long the client side of an interface can stop consuming new packets before it is assumed to have stalled, but this timeout is rather long (60 seconds by default). Using a UDP connection on a fast interface can easily accumulate gigabytes of data in that time. (CVE-2021-28715) The timeout could even never trigger if the guest manages to have only one free slot in its RX queue ring page and the next package would require more than one free slot, which may be the case when using GSO, XDP, or software hashing. (CVE-2021-28714) 2022-01-06 not yet calculated CVE-2021-28714
MISC
livehelperchat — livehelperchat
 
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information 2022-01-04 not yet calculated CVE-2022-0083
CONFIRM
MISC
manageengine — adselfservice_plus
 
ManageEngine ADSelfService Plus below build 6116 contains an observable response discrepancy in the UMCP operation of the ChangePasswordAPI. This allows an unauthenticated remote attacker to determine whether a Windows domain user exists. 2022-01-03 not yet calculated CVE-2021-20147
MISC
manageengine — adselfservice_plus
 
ManageEngine ADSelfService Plus below build 6116 stores the password policy file for each domain under the html/ web root with a predictable filename based on the domain name. When ADSSP is configured with multiple Windows domains, a user from one domain can obtain the password policy for another domain by authenticating to the service and then sending a request specifying the password policy file of the other domain. 2022-01-03 not yet calculated CVE-2021-20148
MISC
mcafee — application_and_change_control
 
Potential product security bypass vulnerability in McAfee Application and Change Control (MACC) prior to version 8.3.4 allows a locally logged in attacker to circumvent the application solidification protection provided by MACC, permitting them to run applications that would usually be prevented by MACC. This would require the attacker to rename the specified binary to match the name of any configured updater and perform a specific set of steps, resulting in the renamed binary being run. 2022-01-04 not yet calculated CVE-2021-31833
CONFIRM
mdp_driver — mdp_driver
 
In mdp driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05836478; Issue ID: ALPS05836478. 2022-01-04 not yet calculated CVE-2022-20012
MISC
mediatek — wifi_driver
 
In wifi driver, there is a possible system crash due to a missing validation check. This could lead to remote denial of service from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20190426015; Issue ID: GN20190426015. 2022-01-04 not yet calculated CVE-2021-41789
MISC
modem_emm — moden_emm
 
In Modem EMM, there is a possible information disclosure due to a missing data encryption. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00716585; Issue ID: ALPS05886933. 2022-01-04 not yet calculated CVE-2021-40148
MISC
mruby — mrruby
 
mruby is vulnerable to Heap-based Buffer Overflow 2022-01-02 not yet calculated CVE-2022-0080
CONFIRM
MISC
navigatecms — navigatecms
 
An arbitrary file read vulnerability exists in NavigateCMS 2.9 via /navigate/navigate_download.php id parameter. 2022-01-06 not yet calculated CVE-2021-44351
MISC
netskope — client
 
Netskope client prior to 89.x on macOS is impacted by a local privilege escalation vulnerability. The XPC implementation of nsAuxiliarySvc process does not perform validation on new connections before accepting the connection. Thus any low privileged user can connect and call external methods defined in XPC service as root, elevating their privilege to the highest level. 2022-01-04 not yet calculated CVE-2021-41388
CONFIRM
nltk — nltk
 
nltk is vulnerable to Inefficient Regular Expression Complexity 2022-01-04 not yet calculated CVE-2021-3842
CONFIRM
MISC
openexr — openexr
 
OpenEXR 3.1.0 through 3.1.3 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable. 2022-01-01 not yet calculated CVE-2021-45942
MISC
MISC
MISC
MISC
CONFIRM
openwhyd — openwhyd
 
openwhyd is vulnerable to Improper Authorization 2022-01-03 not yet calculated CVE-2021-3837
CONFIRM
MISC
opmantek — open-audit
 
An information exposure issue has been discovered in Opmantek Open-AudIT 4.2.0. The vulnerability allows an authenticated attacker to read files outside of the restricted directory. 2022-01-03 not yet calculated CVE-2021-44674
MISC
MISC
MISC
MISC
oroplatform — oroplatform
 
OroPlatform is a PHP Business Application Platform. In affected versions, by sending a specially crafted request, an attacker could inject properties into existing JavaScript language construct prototypes, such as objects. Later this injection may lead to JS code execution by libraries that are vulnerable to Prototype Pollution. This issue has been patched in version 4.2.8. Users unable to upgrade may configure a firewall to drop requests containing the following strings: `__proto__`, `constructor[prototype]`, and `constructor.prototype` to mitigate this issue. 2022-01-04 not yet calculated CVE-2021-43852
MISC
CONFIRM
pac4j — pac4j
 
Pac4j v5.1 and earlier allows (by default) clients to accept and successfully validate ID Tokens with “none” algorithm (i.e., tokens with no signature) which is not secure and violates the OpenID Core Specification. The “none” algorithm does not require any signature verification when validating the ID tokens, which allows the attacker to bypass the token validation by injecting a malformed ID token using “none” as the value of “alg” key in the header with an empty signature value. 2022-01-06 not yet calculated CVE-2021-44878
MISC
MISC
pjsip — pjsip
 
PJSIP is a free and open source multimedia communication library written in the C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In various parts of PJSIP, when an error or failure occurs, the function returns without releasing the currently held locks. This could result in a system deadlock, which causes a denial of service for the users. No release has yet been made which contains the linked fix commit. All versions up to and including 2.11.1 are affected. Users may need to manually apply the patch. 2022-01-04 not yet calculated CVE-2021-41141
CONFIRM
MISC
qualcomm — bluecore
 
Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service in BlueCore 2022-01-03 not yet calculated CVE-2021-35093
CONFIRM
qualcomm — multiple_snapdragon_products Possible integer overflow in access control initialization interface due to lack of size and address validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2022-01-03 not yet calculated CVE-2021-30274
CONFIRM
qualcomm — multiple_snapdragon_products Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-01-03 not yet calculated CVE-2021-30289
CONFIRM
qualcomm — multiple_snapdragon_products Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2022-01-03 not yet calculated CVE-2021-30275
CONFIRM
qualcomm — multiple_snapdragon_products Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables 2022-01-03 not yet calculated CVE-2021-30273
CONFIRM
qualcomm — multiple_snapdragon_products Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-01-03 not yet calculated CVE-2021-30272
CONFIRM
qualcomm — multiple_snapdragon_products Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2022-01-03 not yet calculated CVE-2021-30278
CONFIRM
qualcomm — multiple_snapdragon_products Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2022-01-03 not yet calculated CVE-2021-30282
CONFIRM
qualcomm — multiple_snapdragon_products Possible denial of service due to improper handling of debug register trap from user applications in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile 2022-01-03 not yet calculated CVE-2021-30283
CONFIRM
qualcomm — multiple_snapdragon_products Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-01-03 not yet calculated CVE-2021-30335
CONFIRM
qualcomm — multiple_snapdragon_products Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT 2022-01-03 not yet calculated CVE-2021-30293
CONFIRM
qualcomm — multiple_snapdragon_products Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2022-01-03 not yet calculated CVE-2021-30303
CONFIRM
qualcomm — multiple_snapdragon_products Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-01-03 not yet calculated CVE-2021-30270
CONFIRM
qualcomm — multiple_snapdragon_products Possible out of bound read due to lack of domain input validation while processing APK close session request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables 2022-01-03 not yet calculated CVE-2021-30336
CONFIRM
qualcomm — multiple_snapdragon_products Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-01-03 not yet calculated CVE-2021-30337
CONFIRM
qualcomm — multiple_snapdragon_products Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music 2022-01-03 not yet calculated CVE-2021-30348
CONFIRM
qualcomm — multiple_snapdragon_products An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-01-03 not yet calculated CVE-2021-30351
CONFIRM
qualcomm — multiple_snapdragon_products Improper handling of resource allocation in virtual machines can lead to information exposure in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile 2022-01-03 not yet calculated CVE-2021-1918
CONFIRM
qualcomm — multiple_snapdragon_products Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2022-01-03 not yet calculated CVE-2021-1894
CONFIRM
qualcomm — multiple_snapdragon_products Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking 2022-01-03 not yet calculated CVE-2021-30269
CONFIRM
qualcomm — multiple_snapdragon_products
 
Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-01-03 not yet calculated CVE-2021-30262
CONFIRM
qualcomm — multiple_snapdragon_products
 
Possible integer overflow to buffer overflow due to improper input validation in FTM ARA commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile 2022-01-03 not yet calculated CVE-2021-30267
CONFIRM
qualcomm — multiple_snapdragon_products
 
Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables 2022-01-03 not yet calculated CVE-2021-30268
CONFIRM
qualcomm — multiple_snapdragon_products
 
An integer overflow due to improper check performed after the address and size passed are aligned in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking 2022-01-03 not yet calculated CVE-2020-11263
CONFIRM
qualcomm — multiple_snapdragon_products
 
Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-01-03 not yet calculated CVE-2021-30271
CONFIRM
qualcomm — multiple_snapdragon_products
 
Possible access control violation while setting current permission for VMIDs due to improper permission masking in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking 2022-01-03 not yet calculated CVE-2021-30279
CONFIRM
qualcomm — multiple_snapdragon_products
 
Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking 2022-01-03 not yet calculated CVE-2021-30298
CONFIRM
qualcomm — multiple_snapdragon_products
 
Improper access control while doing XPU re-configuration dynamically can lead to unauthorized access to a secure resource in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wired Infrastructure and Networking 2022-01-03 not yet calculated CVE-2021-30276
CONFIRM
qutscloud — multiple_devices
 
A cross-site scripting (XSS) vulnerability has been reported to affect QTS, QuTS hero and QuTScloud. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QTS, QuTS hero and QuTScloud: QuTS hero h4.5.4.1771 build 20210825 and later; QTS 4.5.4.1787 build 20210910 and later; QuTScloud c4.5.7.1864 and later. 2022-01-07 not yet calculated CVE-2021-38674
MISC
roundcube — roundcube
 
Roundcube before 1.4.13 and 1.5.x before 1.5.2 allows XSS via an HTML e-mail message with crafted Cascading Style Sheets (CSS) token sequences. 2022-01-06 not yet calculated CVE-2021-46144
MISC
MISC
MISC
MISC
MISC
DEBIAN
scratch-svg-renderer — scratch-svg-renderer
 
A DOM-based cross-site scripting (XSS) vulnerability in Scratch-Svg-Renderer v0.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted sb3 file. 2022-01-06 not yet calculated CVE-2020-27428
MISC
seninf — driver
 
In seninf driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05863018; Issue ID: ALPS05863018. 2022-01-04 not yet calculated CVE-2022-20018
MISC
shockwall — shockwall
 
The programming function of Shockwall system has an improper input validation vulnerability. An authenticated attacker within the local area network can send malicious response to the server to disrupt the service partially. 2022-01-03 not yet calculated CVE-2021-45916
CONFIRM
shopware — shopware
 
Shopware is an open source e-commerce software platform. In affected versions Shopware would not invalidate a user session in the event of a password change. With version 5.7.7 the session validation was adjusted, so that sessions created prior to the latest password change of a customer account can’t be used to log in with said account. This also means that, upon a password change, all existing sessions for a given customer account are automatically considered invalid. There is no workaround for this issue. 2022-01-05 not yet calculated CVE-2022-21652
MISC
CONFIRM
MISC
shopware — shopware
 
Shopware is an open source e-commerce software platform. An open redirect vulnerability has been discovered. Users may be arbitrarily redirected due to incomplete URL handling in the Shopware router. This issue has been resolved in version 5.7.7. There is no workaround and users are advised to upgrade as soon as possible. 2022-01-05 not yet calculated CVE-2022-21651
MISC
CONFIRM
MISC
showdoc — showdoc
 
showdoc is vulnerable to Generation of Error Message Containing Sensitive Information 2022-01-03 not yet calculated CVE-2022-0079
CONFIRM
MISC
sourcecodester — vehicle_service_management_system In Vehicle Service Management System 1.0 an attacker can steal the cookies leading to Full Account Takeover. 2022-01-06 not yet calculated CVE-2021-46067
MISC
MISC
sourcecodester — vehicle_service_management_system
 
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel. 2022-01-06 not yet calculated CVE-2021-46071
MISC
MISC
sourcecodester — vehicle_service_management_system
 
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel. 2022-01-06 not yet calculated CVE-2021-46074
MISC
MISC
sourcecodester — vehicle_service_management_system A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel. 2022-01-06 not yet calculated CVE-2021-46073
MISC
MISC
sourcecodester — vehicle_service_management_system
 
Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious PHP file in multiple endpoints, leading to Code Execution. 2022-01-06 not yet calculated CVE-2021-46076
MISC
MISC
sourcecodester — vehicle_service_management_system
 
A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. A successful CSRF attack leads to a Stored Cross Site Scripting vulnerability. 2022-01-06 not yet calculated CVE-2021-46080
MISC
MISC
sourcecodester — vehicle_service_management_system
 
An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection. 2022-01-06 not yet calculated CVE-2021-46079
MISC
MISC
sourcecodester — vehicle_service_management_system
 
A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations. 2022-01-06 not yet calculated CVE-2021-46075
MISC
MISC
sourcecodester — vehicle_service_management_system
 
An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability. 2022-01-06 not yet calculated CVE-2021-46078
MISC
MISC
spinnaker — spinnaker
 
Spinnaker is an open source, multi-cloud continuous delivery platform. Spinnaker has improper permissions allowing pipeline creation & execution. This lets an arbitrary user with access to the gate endpoint create a pipeline and execute it without authentication. If users haven’t set up role-based access control (RBAC) within Spinnaker, this enables remote execution and access to deploy almost any resources on any account. Patches are available on the latest releases of the supported branches and users are advised to upgrade as soon as possible. Users unable to upgrade should enable RBAC on ALL accounts and applications. This mitigates the ability of a pipeline to affect any accounts. Block application access unless permissions are enabled. Users should make sure ALL application creation is restricted via appropriate wildcards. 2022-01-04 not yet calculated CVE-2021-43832
CONFIRM
spinnaker — spinnaker
 
Spinnaker is an open source, multi-cloud continuous delivery platform. A path traversal vulnerability was discovered in uses of TAR files by AppEngine for deployments. This uses a utility to extract files locally for deployment without validating the paths in that deployment don’t override system files. This would allow an attacker to override files on the container, POTENTIALLY introducing a MITM type attack vector by replacing libraries or injecting wrapper files. Users are advised to update as soon as possible. For users unable to update disable Google AppEngine deployments and/or disable artifacts that provide TARs. 2022-01-04 not yet calculated CVE-2021-39143
CONFIRM
starwind — san_&_nas_build_1578
 
StarWind SAN & NAS build 1578 and StarWind Command Center Build 6864 Update Manager allows authentication with a JWT token which is signed with any key. An attacker could use a self-signed JWT token to bypass authentication, resulting in escalation of privileges. 2022-01-04 not yet calculated CVE-2021-45389
MISC
sync — sync2101
 
A security vulnerability originally reported in the SYNC2101 product, and applicable to specific sub-families of SYNC devices, allows an attacker to download the configuration file used in the device and apply a modified configuration file back to the device. The attack requires network access to the SYNC device and knowledge of its IP address. The attack exploits the unsecured communication channel used between the administration tool Easyconnect and the SYNC device (in the affected family of SYNC products). 2022-01-06 not yet calculated CVE-2021-44564
MISC
MISC
talkyard — talkyard
 
Talkyard regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34 are vulnerable to Insufficient Session Expiration. This may allow an attacker to reuse the admin’s still-valid session token, even after the admin has logged out, to gain admin privileges, given the attacker is able to obtain that token (via other, hypothetical attacks). 2022-01-03 not yet calculated CVE-2021-25981
MISC
MISC
MISC
tcpslice — tcpslice
 
Use after free in tcpslice triggers AddressSanitizer, no other confirmed impact. 2022-01-05 not yet calculated CVE-2021-41043
MISC
tlr — 2005ksh
 
TLR-2005KSH is affected by an incorrect access control vulnerability. The PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats. 2022-01-03 not yet calculated CVE-2021-45428
MISC
totolink — ex200
 
The downloadFlile.cgi binary file in TOTOLINK EX200 V4.0.3c.7646_B20201211 has a command injection vulnerability when receiving GET parameters. The parameter name can be constructed for unauthenticated command execution. 2022-01-04 not yet calculated CVE-2021-43711
MISC
uriparser — uriparser An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax. 2022-01-06 not yet calculated CVE-2021-46142
MISC
MISC
CONFIRM
uriparser — uriparser An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner. 2022-01-06 not yet calculated CVE-2021-46141
MISC
MISC
CONFIRM
userfrosting — userfrosting
 
In Userfrosting, versions v0.3.1 to v4.6.2 are vulnerable to Host Header Injection. By luring a victim application user to click on a link, an unauthenticated attacker can use the “forgot password” functionality to reset the victim’s password and successfully take over their account. 2022-01-03 not yet calculated CVE-2021-25994
MISC
MISC
usoc — usoc USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via usersearch.php. Search terms provided by the user were not sanitized and were used directly to construct a SQL statement. The only users permitted to search are site admins. Users are advised to upgrade as soon as possible. There are no workarounds for this issue. 2022-01-04 not yet calculated CVE-2022-21644
CONFIRM
MISC
usoc — usoc
 
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via register.php. In particular, usernames, email addresses, and passwords provided by the user were not sanitized and were used directly to construct a SQL statement. Users are advised to upgrade as soon as possible. There are no workarounds for this issue. 2022-01-04 not yet calculated CVE-2022-21643
MISC
CONFIRM
vim — vim
 
vim is vulnerable to Out-of-bounds Read 2022-01-06 not yet calculated CVE-2022-0128
MISC
CONFIRM
vow_driver — vow_driver
 
In vow driver, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862986; Issue ID: ALPS05862986. 2022-01-04 not yet calculated CVE-2022-20016
MISC
vow_driver — vow_driver
 
In vow driver, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05837742; Issue ID: ALPS05837742. 2022-01-04 not yet calculated CVE-2022-20013
MISC
vow_driver — vow_driver
 
In vow driver, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05857308; Issue ID: ALPS05857308. 2022-01-04 not yet calculated CVE-2022-20014
MISC
whatsapp — whatsapp
 
The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Business for iOS prior to v2.21.230, WhatsApp for KaiOS prior to v2.2143, WhatsApp Desktop prior to v2.2146 could have allowed an out-of-bounds write if a user makes a 1:1 call to a malicious actor. 2022-01-04 not yet calculated CVE-2021-24042
CONFIRM
wordpress — wordpress The CAOS | Host Google Analytics Locally WordPress plugin before 4.1.9 does not validate the cache directory setting, allowing high privilege users to use a path traversal vector and delete arbitrary folders when uninstalling the plugin 2022-01-03 not yet calculated CVE-2021-25020
MISC
wordpress — wordpress The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the comments section, or pending comment dashboard depending if the user sent it as unauthenticated or authenticated. 2022-01-03 not yet calculated CVE-2021-24893
MISC
wordpress — wordpress The Events Made Easy WordPress plugin before 2.2.36 does not sanitise and escape the search_text parameter before using it in a SQL statement via the eme_searchmail AJAX action, available to any authenticated users. As a result, users with a role as low as subscriber can call it and perform SQL injection attacks 2022-01-03 not yet calculated CVE-2021-25030
MISC
wordpress — wordpress
 
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability. 2022-01-06 not yet calculated CVE-2022-21661
CONFIRM
MISC
MISC
wordpress — wordpress
 
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of the classes, there’s potential for unintended SQL queries to be executed. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 4.1.34. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue. 2022-01-06 not yet calculated CVE-2022-21664
MISC
CONFIRM
MISC
wordpress — wordpress
 
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. On a multisite, users with Super Admin role can bypass explicit/additional hardening under certain conditions through object injection. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue. 2022-01-06 not yet calculated CVE-2022-21663
MISC
CONFIRM
wordpress — wordpress
 
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Low-privileged authenticated users (like author) in WordPress core are able to execute JavaScript/perform stored XSS attack, which can affect high-privileged users. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue. 2022-01-06 not yet calculated CVE-2022-21662
MISC
CONFIRM
wordpress — wordpress
 
All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated and authenticated users, allowing unauthenticated attackers to modify various data in the plugin, such as add/edit/delete arbitrary tabs. 2022-01-03 not yet calculated CVE-2021-24831
MISC
wordpress — wordpress
 
The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the “orderby” GET parameter before using it in a SQL statement when viewing the logs, leading to an SQL Injection issue 2022-01-03 not yet calculated CVE-2021-24786
MISC
wordpress — wordpress
 
The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress plugin before 4.3.3.1 does not escape the sbp_convert_table_name parameter before using it in a SQL statement to convert the related table, leading to an SQL injection 2022-01-03 not yet calculated CVE-2021-25023
MISC
wordpress — wordpress
 
The OMGF | Host Google Fonts Locally WordPress plugin before 4.5.12 does not validate the cache directory setting, allowing high privilege users to use a path traversal vector and delete arbitrary folders when uninstalling the plugin 2022-01-03 not yet calculated CVE-2021-25021
MISC
ws-scrcpy — ws-scrcpy
 
ws-scrcpy is vulnerable to External Control of File Name or Path 2022-01-04 not yet calculated CVE-2021-3845
MISC
CONFIRM
xen — xen

 

Rogue backends can cause DoS of guests via high frequency events [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as “driver domains”. Running PV backends in driver domains has one primary security advantage: if a driver domain gets compromised, it doesn’t have the privileges to take over the system. However, a malicious driver domain could try to attack other guests via sending events at a high frequency leading to a Denial of Service in the guest due to trying to service interrupts for elongated amounts of time. There are three affected backends: * blkfront patch 1, CVE-2021-28711 * netfront patch 2, CVE-2021-28712 * hvc_xen (console) patch 3, CVE-2021-28713 2022-01-05 not yet calculated CVE-2021-28713
MISC
xen — xen
 
Rogue backends can cause DoS of guests via high frequency events [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as “driver domains”. Running PV backends in driver domains has one primary security advantage: if a driver domain gets compromised, it doesn’t have the privileges to take over the system. However, a malicious driver domain could try to attack other guests via sending events at a high frequency leading to a Denial of Service in the guest due to trying to service interrupts for elongated amounts of time. There are three affected backends: * blkfront patch 1, CVE-2021-28711 * netfront patch 2, CVE-2021-28712 * hvc_xen (console) patch 3, CVE-2021-28713 2022-01-05 not yet calculated CVE-2021-28711
MISC
xen — xen
 
Rogue backends can cause DoS of guests via high frequency events [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as “driver domains”. Running PV backends in driver domains has one primary security advantage: if a driver domain gets compromised, it doesn’t have the privileges to take over the system. However, a malicious driver domain could try to attack other guests via sending events at a high frequency leading to a Denial of Service in the guest due to trying to service interrupts for elongated amounts of time. There are three affected backends: * blkfront patch 1, CVE-2021-28711 * netfront patch 2, CVE-2021-28712 * hvc_xen (console) patch 3, CVE-2021-28713 2022-01-05 not yet calculated CVE-2021-28712
MISC


This product is provided subject to this Notification and this Privacy & Use policy.

Original release date: January 4, 2022

 

High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
There were no high vulnerabilities recorded this week.


 

Medium Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
apache — log4j Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2. 2021-12-28 6 CVE-2021-44832
MISC
MISC
MLIST
CONFIRM
MLIST
livehelperchat — live_helper_chat livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) 2021-12-26 4.3 CVE-2021-4169
MISC
CONFIRM
mediawiki — mediawiki In MediaWiki through 1.37, blocked IP addresses are allowed to edit EntitySchema items. 2021-12-24 5 CVE-2021-45471
MISC
MISC
MISC
mediawiki — mediawiki In MediaWiki through 1.37, XSS can occur in Wikibase because an external identifier property can have a URL format that includes a $1 formatter substitution marker, and the javascript: URL scheme (among others) can be used. 2021-12-24 4.3 CVE-2021-45472
MISC
MISC
mediawiki — mediawiki In MediaWiki through 1.37, Wikibase item descriptions allow XSS, which is triggered upon a visit to an action=info URL (aka a page-information sidebar). 2021-12-24 4.3 CVE-2021-45473
MISC
MISC
mediawiki — mediawiki In MediaWiki through 1.37, the Special:ImportFile URI (aka FileImporter) allows XSS, as demonstrated by the clientUrl parameter. 2021-12-24 4.3 CVE-2021-45474
MISC
MISC
netgear — rbk752_firmware Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6. 2021-12-26 5.2 CVE-2021-45584
MISC


 

Low Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
invoiceninja — invoice_ninja invoiceninja is vulnerable to Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) 2021-12-24 3.5 CVE-2021-3977
MISC
CONFIRM


 

Severity Not Yet Assigned

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
netgear — ac2600_firmware Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.88, AC2400 before 1.2.0.88, AC2600 before 1.2.0.88, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.84, R6330 before 1.1.0.84, R6350 before 1.1.0.84, R6700v2 before 1.2.0.88, R6800 before 1.2.0.88, R6850 before 1.1.0.84, R6900v2 before 1.2.0.88, R7200 before 1.2.0.88, R7350 before 1.2.0.88, R7400 before 1.2.0.88, and R7450 before 1.2.0.88. 2021-12-26 not yet calculated CVE-2021-45644
MISC
netgear — d7000v2_firmware Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, R7000 before 1.0.11.110, R7100LG before 1.0.0.72, R7900 before 1.0.4.30, R8000 before 1.0.4.62, XR300 before 1.0.3.56, R7000P before 1.3.2.132, R8500 before 1.0.2.144, R6900P before 1.3.2.132, and R8300 before 1.0.2.144. 2021-12-26 not yet calculated CVE-2021-45624
MISC
4nb — videooffice
 
An arbitrary file download and execution vulnerability was found in the VideoOffice X2.9 and earlier versions (CVE-2020-7878). This issue is due to missing support for integrity check. 2021-12-28 not yet calculated CVE-2020-7878
MISC
actix — actix-web
 
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption. 2021-12-27 not yet calculated CVE-2018-25025
MISC
MISC
actix — actix-web
 
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption. 2021-12-27 not yet calculated CVE-2018-25024
MISC
MISC
actix — actix-web
 
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption. 2021-12-27 not yet calculated CVE-2018-25026
MISC
MISC
apache — apisix_dashboard
 
In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin`, all APIs and authentication middleware are developed based on framework `droplet`, but some API directly use the interface of framework `gin` thus bypassing the authentication. 2021-12-27 not yet calculated CVE-2021-45232
CONFIRM
MLIST
archivy — archivy
 
archivy is vulnerable to Cross-Site Request Forgery (CSRF) 2021-12-25 not yet calculated CVE-2021-4162
CONFIRM
MISC
asus — rt-n53_devices
 
ASUS RT-N53 3.0.0.4.376.3754 devices have a buffer overflow via a long lan_dns1_x or lan_dns2_x parameter to Advanced_LAN_Content.asp. 2021-12-28 not yet calculated CVE-2019-20082
MISC
MISC
attendance_management_system — attendance_management_system
 
Attendance Management System 1.0 is affected by a Cross Site Scripting (XSS) vulnerability. The value of the FirstRecord request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The attacker can access the system, by using the XSS-reflected method, and then can store information by injecting the admin account on this system. 2021-12-26 not yet calculated CVE-2021-44598
MISC
authguard — authguard
 
basic/BasicAuthProvider.java in AuthGuard before 0.9.0 allows authentication via an inactive identifier. 2021-12-27 not yet calculated CVE-2021-45890
MISC
MISC
MISC
MISC
avast — antivirus Privilege escalation vulnerability in Avast Antivirus prior to 20.4 allows a local user to gain elevated privileges by “hollowing” a trusted process, which could lead to the bypassing of Avast self-defense. 2021-12-27 not yet calculated CVE-2021-45339
MISC
MISC
avast — antivirus
 
Privilege escalation vulnerability in the Sandbox component of Avast Antivirus prior to 20.4 allows local sandboxed code to gain elevated privileges by using system IPC interfaces, which could lead to exiting the sandbox and acquiring SYSTEM privileges. 2021-12-27 not yet calculated CVE-2021-45336
MISC
MISC
avast — antivirus
 
Privilege escalation vulnerability in the Self-Defense driver of Avast Antivirus prior to 20.8 allows a local user with SYSTEM privileges to gain elevated privileges by “hollowing” the process wsc_proxy.exe, which could lead to acquiring antimalware (AM-PPL) protection. 2021-12-27 not yet calculated CVE-2021-45337
MISC
MISC
avast — antivirus
 
Multiple privilege escalation vulnerabilities in Avast Antivirus prior to 20.4 allow a local user to gain elevated privileges by calling unnecessarily powerful internal methods of the main antivirus service which could lead to the (1) arbitrary file delete, (2) write and (3) reset security. 2021-12-27 not yet calculated CVE-2021-45338
MISC
MISC
MISC
MISC
avast — antivirus
 
Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by a local user to control the outcome of scans, and therefore evade detection or delete arbitrary system files. 2021-12-27 not yet calculated CVE-2021-45335
MISC
MISC
biostar — racing_gt_evo
 
An issue was discovered in BS_RCIO64.sys in Biostar RACING GT Evo 2.1.1905.1700. A low-integrity process can open the driver’s device object and issue IOCTLs to read or write to arbitrary physical memory locations (or call an arbitrary address), leading to execution of arbitrary code. This is associated with 0x226040, 0x226044, and 0x226000. 2022-01-01 not yet calculated CVE-2021-44852
MISC
bitmask — riseup
 
Bitmask Riseup VPN 0.21.6 contains a local privilege escalation flaw due to improper access controls. When the software is installed with a non-default installation directory off of the system root, the installer fails to properly set ACLs. This allows lower privileged users to replace the VPN executable with a malicious one. When a higher privileged user such as an Administrator launches that executable, it is possible for the lower privileged user to escalate to Administrator privileges. 2021-12-30 not yet calculated CVE-2021-44466
MISC
brave — brave_desktop
 
In Brave Desktop 1.17 through 1.33 before 1.33.106, when CNAME-based adblocking and a proxying extension with a SOCKS fallback are enabled, additional DNS requests are issued outside of the proxying extension using the system’s DNS settings, resulting in information disclosure. NOTE: this issue exists because of an incomplete fix for CVE-2021-21323 and CVE-2021-22916. 2021-12-27 not yet calculated CVE-2021-45884
MISC
MISC
MISC
MISC
carinal — tien_hospital_health_report_system
 
Carinal Tien Hospital Health Report System’s login page has improper authentication; a remote attacker can acquire another general user’s privilege by modifying the cookie parameter without authentication. The attacker can then perform limited operations on the system or modify data, making the service partially unavailable to the user. 2021-12-29 not yet calculated CVE-2021-44160
MISC
celery — celery
 
This affects the package celery before 5.2.2. It by default trusts the messages and metadata stored in backends (result stores). When reading task metadata from the backend, the data is deserialized. Given that an attacker can gain access to, or somehow manipulate the metadata within a celery backend, they could trigger a stored command injection vulnerability and potentially gain further access to the system. 2021-12-29 not yet calculated CVE-2021-23727
MISC
MISC
cscms — cscms
 
An issue in the user login box of CSCMS v4.0 allows attackers to hijack user accounts via brute force attacks. 2021-12-27 not yet calculated CVE-2020-21238
MISC
damicms — damicms
 
A vulnerability in /damicms-master/admin.php?s=/Article/doedit of DamiCMS v6.0 allows attackers to compromise and impersonate user accounts via obtaining a user’s session cookie. 2021-12-27 not yet calculated CVE-2020-21236
MISC
dl-axist — devices
 
The Datalogic DXU service on (for example) DL-Axist devices does not require authentication for configuration changes or disclosure of configuration settings. 2022-01-01 not yet calculated CVE-2021-43333
MISC
CONFIRM
dmp — roadmap
 
DMP Roadmap before 3.0.4 allows XSS. 2022-01-01 not yet calculated CVE-2021-44896
MISC
MISC
MISC
dnsmasq — dnsmasq
 
Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (called from FuzzAnswerTheRequest and fuzz_rfc1035.c). 2022-01-01 not yet calculated CVE-2021-45957
MISC
MISC
dnsmasq — dnsmasq
 
Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (called from check_for_bogus_wildcard and FuzzCheckForBogusWildcard). 2022-01-01 not yet calculated CVE-2021-45951
MISC
MISC
dnsmasq — dnsmasq
 
Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply). 2022-01-01 not yet calculated CVE-2021-45956
MISC
MISC
dnsmasq — dnsmasq
 
Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called from dhcp_packet and FuzzDhcp). 2022-01-01 not yet calculated CVE-2021-45952
MISC
MISC
dnsmasq — dnsmasq Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_util.c). 2022-01-01 not yet calculated CVE-2021-45953
MISC
MISC
dnsmasq — dnsmasq
 
Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and FuzzAuth). 2022-01-01 not yet calculated CVE-2021-45954
MISC
MISC
dnsmasq — dnsmasq
 
Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c). 2022-01-01 not yet calculated CVE-2021-45955
MISC
MISC
elgg — elgg
 
elgg is vulnerable to Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) 2021-12-24 not yet calculated CVE-2021-4072
MISC
CONFIRM
emerson — xweb_300d_evo
 
Emerson XWEB 300D EVO 3.0.7–3ee403 is affected by: unauthenticated arbitrary file deletion due to path traversal. An attacker can browse and delete files without any authentication due to incorrect access control and directory traversal. 2021-12-30 not yet calculated CVE-2021-45427
MISC
MISC
MISC
emuse — eservices_and_envoice
 
Emuse – eServices / eNvoice SQL injection can be used in various ways ranging from bypassing login authentication or dumping the whole database to full RCE on the affected endpoints. The SQLi is caused by CWE-209: Generation of Error Message Containing Sensitive Information, showing parts of the aspx code and the webroot location, information an attacker can leverage to further compromise the host. 2021-12-29 not yet calculated CVE-2021-36722
CONFIRM
emuse — eservices_and_envoice
 
Emuse – eServices / eNvoice exposure of private personal information: due to a lack of identification mechanisms and predictable IDs, an attacker can scrape all the files on the service. 2021-12-29 not yet calculated CVE-2021-36723
CONFIRM
evga — precision_xoc
 
The WinRin0x64.sys and WinRing0.sys low-level drivers in EVGA Precision XOC version v6.2.7 were discovered to be configured with the default security descriptor which allows attackers to access sensitive components and data. 2021-12-28 not yet calculated CVE-2020-22057
MISC
expat — expat
 
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). 2022-01-01 not yet calculated CVE-2021-45960
MISC
MISC
MISC
fatek — winproladder
 
FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code. 2021-12-28 not yet calculated CVE-2021-43556
MISC
fatek — winproladder
 
FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code. 2021-12-28 not yet calculated CVE-2021-43554
MISC
forescout — secureconnector_local_service
 
ForeScout – SecureConnector Local Service DoS – A low-privileged user who doesn’t have permissions to shut down the secure connector service writes a large number of characters in the installationPath. This will cause the buffer to overflow and overwrite the stack cookie, causing the service to crash. 2021-12-29 not yet calculated CVE-2021-36724
CONFIRM
gdal — gdal
 
GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment). 2022-01-01 not yet calculated CVE-2021-45943
MISC
MISC
MISC
MISC
gerapy — gerapy
 
Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8. 2021-12-27 not yet calculated CVE-2021-43857
CONFIRM
MISC
MISC
ghostscript — ghostpdl Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp). 2022-01-01 not yet calculated CVE-2021-45944
MISC
MISC
ghostscript — ghostpdl
 
Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). 2022-01-01 not yet calculated CVE-2021-45949
MISC
MISC
MISC
gif2apng — gif2apng An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow within the main function. It allows an attacker to write data outside of the allocated buffer. The attacker has control over a part of the address that data is written to, control over the written data, and (to some extent) control over the amount of data that is written. 2021-12-28 not yet calculated CVE-2021-45910
MISC
gif2apng — gif2apng An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow vulnerability in the DecodeLZW function. It allows an attacker to write a large amount of arbitrary data outside the boundaries of a buffer. 2021-12-28 not yet calculated CVE-2021-45909
MISC
gif2apng — gif2apng An issue was discovered in gif2apng 1.9. There is a stack-based buffer overflow involving a for loop. An attacker has little influence over the data written to the stack, making it unlikely that the flow of control can be subverted. 2021-12-28 not yet calculated CVE-2021-45907
MISC
gif2apng — gif2apng An issue was discovered in gif2apng 1.9. There is a stack-based buffer overflow involving a while loop. An attacker has little influence over the data written to the stack, making it unlikely that the flow of control can be subverted. 2021-12-28 not yet calculated CVE-2021-45908
MISC
gif2apng — gif2apng
 
An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow in the main function. It allows an attacker to write 2 bytes outside the boundaries of the buffer. 2021-12-28 not yet calculated CVE-2021-45911
MISC
giftrans — giftrans
 
The giftrans function in giftrans 1.12.2 contains a stack-based buffer overflow because a value inside the input file determines the amount of data to write. This allows an attacker to overwrite up to 250 bytes outside of the allocated buffer with arbitrary data. 2022-01-01 not yet calculated CVE-2021-45972
MISC
MISC
MISC
glewlwyd — glewlwyd
 
Glewlwyd 2.0.0, fixed in 2.6.1, is affected by an incorrect access control vulnerability. One user can attempt to log in as another user without its password. 2021-12-30 not yet calculated CVE-2021-45379
MISC
MISC
go — go
 
net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests. 2022-01-01 not yet calculated CVE-2021-44716
CONFIRM
go — go
 
Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion. 2022-01-01 not yet calculated CVE-2021-44717
CONFIRM
google — android
 
An improper authentication vulnerability has been reported to affect Android App Qfile. If exploited, this vulnerability allows attackers to compromise the app and access information. We have already fixed this vulnerability in the following versions of Qfile: Qfile 3.0.0.1105 and later. 2021-12-29 not yet calculated CVE-2021-38688
CONFIRM
grok — grok
 
Grok 9.5.0 has a heap-based buffer overflow in openhtj2k::T1OpenHTJ2K::decompress (called from std::__1::__packaged_task_func<std::__1::__bind<grk::T1DecompressScheduler::deco and std::__1::packaged_task<int). 2022-01-01 not yet calculated CVE-2021-45935
MISC
MISC
MISC
groupsession — bycloud_and_zion
 
Path traversal vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows an attacker with an administrative privilege to obtain sensitive information stored in the hierarchy above the directory on the published site’s server via unspecified vectors. 2021-12-24 not yet calculated CVE-2021-20876
MISC
MISC
groupsession — bycloud_and_zion
 
Incorrect permission assignment for critical resource vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows a remote unauthenticated attacker to access arbitrary files on the server and obtain sensitive information via unspecified vectors. 2021-12-24 not yet calculated CVE-2021-20874
MISC
MISC
groupsession — bycloud_and_zion Open redirect vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks by having a user access a specially crafted URL. 2021-12-24 not yet calculated CVE-2021-20875
MISC
MISC
harfbuzz — harfbuzz HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy). 2022-01-01 not yet calculated CVE-2021-45931
MISC
MISC
MISC
iball — wrd12en
 
iBall WRD12EN 1.0.0 devices allow cross-site request forgery (CSRF) attacks as demonstrated by enabling DNS settings or modifying the range for IP addresses. 2021-12-30 not yet calculated CVE-2020-29292
MISC
MISC
ibm — x-force
 
IBM OPENBMC OP910 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 212049. 2021-12-27 not yet calculated CVE-2021-38961
CONFIRM
XF
ibm — x-force
 
IBM i 7.2, 7.3, and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208404. 2021-12-30 not yet calculated CVE-2021-38876
CONFIRM
XF
idec — idec
 
Unprotected transport of credentials vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier) allows an attacker to obtain the PLC Web server user credentials from the communication between the PLC and the software. As a result, the complete access privileges to the PLC Web server may be obtained, and manipulation of the PLC output and/or suspension of the PLC may be conducted. 2021-12-24 not yet calculated CVE-2021-20826
MISC
MISC
idec — idec
 
Plaintext storage of a password vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier) allows an attacker to obtain the PLC Web server user credentials from file servers, backup repositories, or ZLD files saved in SD cards. As a result, the attacker may access the PLC Web server and hijack the PLC, and manipulation of the PLC output and/or suspension of the PLC may be conducted. 2021-12-24 not yet calculated CVE-2021-20827
MISC
MISC
idec — multiple_products An attacker may obtain the user credentials from file servers, backup repositories, or ZLD files saved in SD cards. As a result, the PLC user program may be uploaded, altered, and/or downloaded. 2021-12-28 not yet calculated CVE-2021-37401
MISC
MISC
MISC
MISC
idec — multiple_products An attacker may obtain the user credentials from the communication between the PLC and the software. As a result, the PLC user program may be uploaded, altered, and/or downloaded. 2021-12-28 not yet calculated CVE-2021-37400
MISC
MISC
MISC
MISC
ifme — ifme In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable to stored XSS in the markdown editor. It can be exploited by making a victim a Leader of a group, which triggers the payload for them. 2021-12-29 not yet calculated CVE-2021-25989
MISC
CONFIRM
ifme — ifme
 
In “ifme”, versions v7.22.0 to v7.31.4 are vulnerable to self-stored XSS in the contacts field, as it allows loading XSS payloads fetched via an iframe. 2021-12-29 not yet calculated CVE-2021-25990
MISC
CONFIRM
ifme — ifme
 
In Ifme, versions v5.0.0 to v7.32 are vulnerable to improper access control, which makes it possible for admins to ban themselves, leading to deactivation of their Ifme account and complete loss of admin access to Ifme. 2021-12-29 not yet calculated CVE-2021-25991
MISC
CONFIRM
ifme — ifme
 
In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable to stored XSS (notifications section), which can be directly triggered by sending an ally request to the admin. 2021-12-29 not yet calculated CVE-2021-25988
CONFIRM
MISC
intellibridge — ec_40_and_60_hub The standard access path of the IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) requires authentication, but the product has an alternate path or channel that does not require authentication. 2021-12-27 not yet calculated CVE-2021-33017
MISC
intellibridge — ec_40_and_60_hub
 
IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) contains hard-coded credentials, such as a password or a cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. 2021-12-27 not yet calculated CVE-2021-32993
MISC
iris — iris This affects all versions of package github.com/kataras/iris; all versions of package github.com/kataras/iris/v12. The unsafe handling of file names during upload using UploadFormFiles method may enable attackers to write to arbitrary locations outside the designated target folder. 2021-12-24 not yet calculated CVE-2021-23772
CONFIRM
CONFIRM
CONFIRM
jeecg — jeecg
 
An arbitrary file download vulnerability in jeecg v3.8 allows attackers to access sensitive files via modification of the “localPath” variable. 2021-12-27 not yet calculated CVE-2020-20948
MISC
jquery — terminal_emulator
 
jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications. Versions prior to 2.31.1 contain a low impact and limited cross-site scripting (XSS) vulnerability. The code for the XSS payload is always visible, but an attacker can use other techniques to hide the code the victim sees. If the application uses the `execHash` option and executes code from the URL, the attacker can use this URL to execute their code. The scope is limited because the javascript attribute used is added to a span tag, so no automatic execution like with `onerror` on images is possible. This issue is fixed in version 2.31.1. As a workaround, the user can use a formatter that wraps the whole user input and is a no-op. The code for this workaround is available in the GitHub Security Advisory. The fix will only work when the user of the library is not using different formatters (e.g. to highlight code in a different way). 2021-12-30 not yet calculated CVE-2021-43862
CONFIRM
MISC
MISC
MISC
js-data — js-data
 
All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn and the set functions. This is an incomplete fix of [CVE-2020-28442](https://snyk.io/vuln/SNYK-JS-JSDATA-1023655). 2021-12-24 not yet calculated CVE-2021-23574
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
kubernetes — minio
 
MinIO is a Kubernetes native application for cloud storage. Prior to version `RELEASE.2021-12-27T07-23-18Z`, a malicious client can hand-craft an HTTP API call that allows for updating policy for a user and gaining higher privileges. The patch in version `RELEASE.2021-12-27T07-23-18Z` changes the accepted request body type and removes the ability to apply policy changes through this API. There is a workaround for this vulnerability: Changing passwords can be disabled by adding an explicit `Deny` rule to disable the API for users. 2021-12-27 not yet calculated CVE-2021-43858
MISC
MISC
MISC
CONFIRM
MISC
libbpf — libbpf
 
libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (8 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c). 2022-01-01 not yet calculated CVE-2021-45941
MISC
MISC
libbpf — libbpf
 
libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (4 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c). 2022-01-01 not yet calculated CVE-2021-45940
MISC
MISC
libjxl — libjxl
 
libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup (called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallState<jxl::FrameDecoder::ProcessSections). 2022-01-01 not yet calculated CVE-2021-45928
MISC
MISC
MISC
MISC
MISC
libredwg — libredwg
 
LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object). 2022-01-01 not yet calculated CVE-2021-45950
MISC
MISC
linux — linux_kernel
 
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn’t properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses. 2021-12-25 not yet calculated CVE-2021-45485
MISC
MISC
MISC
linux — linux_kernel
 
An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances. 2021-12-24 not yet calculated CVE-2021-45480
MISC
MISC
linux — linux_kernel
 
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small. 2021-12-25 not yet calculated CVE-2021-45486
MISC
MISC
MISC
livehelperchat — livehelperchat livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) 2021-12-29 not yet calculated CVE-2021-4175
MISC
CONFIRM
livehelperchat — livehelperchat livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) 2021-12-29 not yet calculated CVE-2021-4176
CONFIRM
MISC
livehelperchat — livehelperchat livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information 2021-12-28 not yet calculated CVE-2021-4177
MISC
CONFIRM
livehelperchat — livehelperchat livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) 2021-12-28 not yet calculated CVE-2021-4179
MISC
CONFIRM
ljcms — ljcms
 
An issue in the user login box of LJCMS v1.11 allows attackers to hijack user accounts via brute force attacks. 2021-12-27 not yet calculated CVE-2020-21237
MISC
max_mazurov — maddy
 
A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information. 2021-12-28 not yet calculated CVE-2021-42583
MISC
MISC
mdbtools — mdbtools MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0x7ffd0c689be0) in mdb_numeric_to_string (called from mdb_xfer_bound_data and _mdb_attempt_bind). 2022-01-01 not yet calculated CVE-2021-45926
MISC
MISC
MISC
mdbtools — mdbtools
 
MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0x7ffd6e029ee0) in mdb_numeric_to_string (called from mdb_xfer_bound_data and _mdb_attempt_bind). 2022-01-01 not yet calculated CVE-2021-45927
MISC
MISC
MISC
mermaid — mermaid
 
Mermaid is a Javascript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. Prior to version 8.13.8, malicious diagrams can run javascript code at diagram readers’ machines. Users should upgrade to version 8.13.8 to receive a patch. There are no known workarounds aside from upgrading. 2021-12-30 not yet calculated CVE-2021-43861
MISC
MISC
CONFIRM
microsoft — sharepoint
 
Microsoft SharePoint Elevation of Privilege Vulnerability. 2021-12-29 not yet calculated CVE-2021-43876
MISC
motp — motp
 
Changing MOTP (Mobile One Time Password) system’s specific function parameter has insufficient validation for user input. An attacker on the local area network can perform a SQL injection attack to read, modify or delete the backend database without authentication. 2021-12-29 not yet calculated CVE-2021-44161
MISC
moxa — multiple_mgate_products
 
The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. This could give an attacker admin rights through the HTTP web server. 2021-12-27 not yet calculated CVE-2021-4161
MISC
mruby — mruby
 
mruby is vulnerable to NULL Pointer Dereference 2021-12-30 not yet calculated CVE-2021-4188
MISC
CONFIRM
netbsd — netbsd
 
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures. 2021-12-25 not yet calculated CVE-2021-45487
MISC
MISC
netbsd — netbsd
 
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG. 2021-12-25 not yet calculated CVE-2021-45484
MISC
MISC
netbsd — netbsd
 
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG. 2021-12-25 not yet calculated CVE-2021-45489
MISC
MISC
netbsd — netbsd
 
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm. 2021-12-25 not yet calculated CVE-2021-45488
MISC
MISC
netgear — ac2100_firmware
 
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects AC2100 before 1.2.0.88, AC2400 before 1.2.0.88, AC2600 before 1.2.0.88, D7000 before 1.0.1.82, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.84, R6330 before 1.1.0.84, R6350 before 1.1.0.84, R6700v2 before 1.2.0.88, R6800 before 1.2.0.88, R6850 before 1.1.0.84, R6900v2 before 1.2.0.88, R7200 before 1.2.0.88, R7350 before 1.2.0.88, R7400 before 1.2.0.88, and R7450 before 1.2.0.88. 2021-12-26 not yet calculated CVE-2021-45534
MISC
MISC
netgear — ac2100_firmware
 
Certain NETGEAR devices are affected by authentication bypass. This affects AC2100 before 2021-08-27, AC2400 before 2021-08-27, AC2600 before 2021-08-27, D7000 before 2021-08-27, R6220 before 2021-08-27, R6230 before 2021-08-27, R6260 before 2021-08-27, R6330 before 2021-08-27, R6350 before 2021-08-27, R6700v2 before 2021-08-27, R6800 before 2021-08-27, R6850 before 2021-08-27, R6900v2 before 2021-08-27, R7200 before 2021-08-27, R7350 before 2021-08-27, R7400 before 2021-08-27, and R7450 before 2021-08-27. 2021-12-26 not yet calculated CVE-2021-45511
MISC
netgear — ac2400_firmware
 
Certain NETGEAR devices are affected by authentication bypass. This affects AC2400 before 1.1.0.84, AC2600 before 1.1.0.84, D7000 before 1.0.1.82, R6020 before 1.0.0.52, R6080 before 1.0.0.52, R6120 before 1.0.0.80, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.84, R6330 before 1.1.0.84, R6350 before 1.1.0.84, R6700v2 before 1.1.0.84, R6800 before 1.1.0.84, R6850 before 1.1.0.84, R6900v2 before 1.1.0.84, R7200 before 1.1.0.84, R7350 before 1.1.0.84, R7400 before 1.1.0.84, and R7450 before 1.1.0.84. 2021-12-26 not yet calculated CVE-2021-45501
MISC
netgear — cbr40_firmware Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX7500 before 1.0.0.72, R6400 before 1.0.1.68, R6900P before 1.3.2.132, R7000 before 1.0.11.116, R7000P before 1.3.2.132, R7900 before 1.0.4.38, R7960P before 1.4.1.66, R8000 before 1.0.4.66, RAX200 before 1.0.3.106, RS400 before 1.5.1.80, XR300 before 1.0.3.68, MK62 before 1.0.6.110, MR60 before 1.0.6.110, R6400v2 before 1.0.4.106, R8000P before 1.4.1.66, RAX20 before 1.0.2.64, RAX45 before 1.0.2.82, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, R6700v3 before 1.0.4.106, R7900P before 1.4.1.66, RAX15 before 1.0.2.64, RAX50 before 1.0.2.82, RAX75 before 1.0.3.106, RBR750 before 3.2.16.22, RBR850 before 3.2.16.22, RBS750 before 3.2.16.22, RBS850 before 3.2.16.22, RBK752 before 3.2.16.22, and RBK852 before 3.2.16.22. 2021-12-26 not yet calculated CVE-2021-45617
MISC
netgear — cbr40_firmware Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45598
MISC
netgear — cbr40_firmware Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45597
MISC
netgear — cbr40_firmware Certain NETGEAR devices are affected by reflected XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.32, EAX80 before 1.0.1.62, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.72, R7000 before 1.0.11.110, R7900 before 1.0.4.30, R7960P before 1.4.1.66, R8000 before 1.0.4.62, RAX200 before 1.0.2.102, XR300 before 1.0.3.50, EX3700 before 1.0.0.90, MR60 before 1.0.5.102, R7000P before 1.3.2.126, R8000P before 1.4.1.66, RAX20 before 1.0.1.64, RAX50 before 1.0.2.28, RAX80 before 1.0.3.102, EX3800 before 1.0.0.90, MS60 before 1.0.5.102, R6900P before 1.3.2.126, R7900P before 1.4.1.66, RAX15 before 1.0.1.64, RAX45 before 1.0.2.28, RAX75 before 1.0.3.102, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6. 2021-12-26 not yet calculated CVE-2021-45639
MISC
netgear — cbr40_firmware
 
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000P before 1.4.2.84, R8300 before 1.0.2.154, R8500 before 1.0.2.154, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45615
MISC
netgear — cbr40_firmware
 
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400 before 1.0.1.70, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68. 2021-12-26 not yet calculated CVE-2021-45622
MISC
netgear — cbr40_firmware
Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R8000P before 1.4.1.66, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800 before 1.0.0.90, MS60 before 1.0.6.110, R7900P before 1.4.1.66, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6. 2021-12-26 not yet calculated CVE-2021-45667
MISC
netgear — cbr40_firmware
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBS40V before 2.6.2.4, and RBW30 before 2.6.2.2. 2021-12-26 not yet calculated CVE-2021-45628
MISC
netgear — cbr40_firmware
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45631
MISC
netgear — cbr40_firmware
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45630
MISC
netgear — cbr40_firmware
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68. 2021-12-26 not yet calculated CVE-2021-45612
MISC
netgear — cbr40_firmware Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.62, EX7500 before 1.0.0.72, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.4.120, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.4.120, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.4.120, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6. 2021-12-26 not yet calculated CVE-2021-45671
MISC
netgear — cbr40_firmware
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, MR80 before 1.1.2.20, MS80 before 1.1.2.20, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58. 2021-12-26 not yet calculated CVE-2021-45613
MISC
netgear — cbr40_firmware
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MR80 before 1.1.2.20, MS60 before 1.0.6.116, MS80 before 1.1.2.20, MK62 before 1.0.6.116, MK83 before 1.1.2.20, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68. 2021-12-26 not yet calculated CVE-2021-45620
MISC
netgear — cbr40_firmware
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects CBR40 before 2.3.5.12, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, R6400 before 1.0.1.70, R7000 before 1.0.11.126, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.30, R8000 before 1.0.4.52, and WNR3500Lv2 before 1.2.0.62. 2021-12-26 not yet calculated CVE-2021-45529
MISC
netgear — cbr40_firmware
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBW30 before 2.6.2.2, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and RBS40V before 2.6.2.8. 2021-12-26 not yet calculated CVE-2021-45507
MISC
netgear — cbr40_firmware Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4. 2021-12-26 not yet calculated CVE-2021-45666
MISC
netgear — cbr40_firmware
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX3700 before 1.0.0.94, EX3800 before 1.0.0.94, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7100LG before 1.0.0.72, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, R8300 before 1.0.2.154, R8500 before 1.0.2.154, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68. 2021-12-26 not yet calculated CVE-2021-45621
MISC
netgear — cbr40_firmware Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBR852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45504
MISC
netgear — cbr40_firmware Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7000 before 1.0.11.116, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R7000P before 1.3.2.126, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800 before 1.0.0.90, MS60 before 1.0.6.110, R6900P before 1.3.2.126, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6. 2021-12-26 not yet calculated CVE-2021-45670
MISC
netgear — cbr40_firmware
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, and RBR850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45508
MISC
netgear — cbr40_firmware Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45509
MISC
netgear — cbr40_firmware Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45601
MISC
netgear — cbr40_firmware
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45599
MISC
netgear — cbr750_firmware Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45627
MISC
netgear — cbr750_firmware
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR750 before 4.6.3.6, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45600
MISC
netgear — cbr750_firmware Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45506
MISC
netgear — cbr750_firmware
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45503
MISC
netgear — cbr750_firmware Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45633
MISC
netgear — cbr750_firmware
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.2, D6220 before 1.0.0.68, D6400 before 1.0.0.102, D8500 before 1.0.3.60, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58. 2021-12-26 not yet calculated CVE-2021-45604
MISC
netgear — cbr750_firmware
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45505
MISC
netgear — cbr750_firmware
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45596
MISC
netgear — cbr750_firmware
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45502
MISC
netgear — cbr750_firmware Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45632
MISC
netgear — cbr750_firmware
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45634
MISC
netgear — cbr750_firmware
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45635
MISC
netgear — cbr750_firmware
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 3.2.18.2, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58. 2021-12-26 not yet calculated CVE-2021-45616
MISC
netgear — cbr750_firmware
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45629
MISC
netgear — d3600_firmware
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6100 before 1.0.0.63, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300 before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, WNDR3400v3 before 1.0.1.24, WNR3500Lv2 before 1.2.0.62, and XR500 before 2.3.2.56. 2021-12-26 not yet calculated CVE-2021-45550
MISC
netgear — d3600_firmware Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBK40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR20 before 2.3.0.28, RBR40 before 2.3.0.28, RBR50 before 2.3.0.32, RBS20 before 2.3.0.28, RBS40 before 2.3.0.28, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, XR450 before 2.3.2.56, and XR500 before 2.3.2.56. 2021-12-26 not yet calculated CVE-2021-45640
MISC
netgear — d3600_firmware
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.6, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.56. 2021-12-26 not yet calculated CVE-2021-45641
MISC
netgear — d6200_firmware
Certain NETGEAR devices are affected by Stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R6850 before 1.1.0.78, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, and RAX40 before 1.0.3.62. 2021-12-26 not yet calculated CVE-2021-45672
MISC
netgear — d6200_firmware
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.42, R6080 before 1.0.0.42, R6050 before 1.0.1.26, JR6150 before 1.0.1.26, R6120 before 1.0.0.66, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.64, R6800 before 1.2.0.62, R6700v2 before 1.2.0.62, R6900v2 before 1.2.0.62, R7450 before 1.2.0.62, AC2100 before 1.2.0.62, AC2400 before 1.2.0.62, AC2600 before 1.2.0.62, and WNR2020 before 1.1.0.62. 2021-12-26 not yet calculated CVE-2021-45551
MISC
netgear — d6200_firmware Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6050 before 1.0.1.26, JR6150 before 1.0.1.26, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, RBK40 before 2.5.1.16, RBR40 before 2.5.1.16, RBS40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, and RBS50Y before 2.6.1.40. 2021-12-26 not yet calculated CVE-2021-45656
MISC
netgear — d6200_firmware
Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6050 before 1.0.1.26, JR6150 before 1.0.1.26, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, RBK40 before 2.5.1.16, RBR40 before 2.5.1.16, RBS40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, RBS50Y before 2.6.1.40, and WNR2020 before 1.1.0.62. 2021-12-26 not yet calculated CVE-2021-45657
MISC
netgear — d6220_firmware NETGEAR D6220 devices before 1.0.0.76 are affected by command injection by an authenticated user. 2021-12-26 not yet calculated CVE-2021-45531
MISC
netgear — d6220_firmware
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.66, D6400 before 1.0.0.100, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, DC112A before 1.0.0.52, DGN2200v4 before 1.0.0.118, EAX80 before 1.0.1.64, R6250 before 1.0.4.48, R7000 before 1.0.11.110, R7100LG before 1.0.0.72, R7900 before 1.0.4.30, R7960P before 1.4.1.64, R8000 before 1.0.4.62, RAX200 before 1.0.3.106, RS400 before 1.5.1.80, XR300 before 1.0.3.68, R6400v2 before 1.0.4.106, R7000P before 1.3.2.132, R8000P before 1.4.1.64, RAX20 before 1.0.2.82, RAX45 before 1.0.2.82, RAX80 before 1.0.3.106, R6700v3 before 1.0.4.106, R6900P before 1.3.2.132, R7900P before 1.4.1.64, RAX15 before 1.0.2.82, RAX50 before 1.0.2.82, and RAX75 before 1.0.3.106. 2021-12-26 not yet calculated CVE-2021-45610
MISC
netgear — d6220_firmware
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.74, D8500 before 1.0.3.60, DC112A before 1.0.0.56, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R7000 before 1.0.11.116, R7100LG before 1.0.0.70, RBS40V before 2.6.2.8, RBW30 before 2.6.2.2, RS400 before 1.5.1.80, R7000P before 1.3.2.132, and R6900P before 1.3.2.132. 2021-12-26 not yet calculated CVE-2021-45638
MISC
netgear — d6220_firmware
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, DC112A before 1.0.0.54, EX7000 before 1.0.1.94, EX7500 before 1.0.0.72, R6250 before 1.0.4.48, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.102, R6700v3 before 1.0.4.102, R7000 before 1.0.11.116, R7100LG before 1.0.0.64, R7850 before 1.0.5.68, R7900 before 1.0.4.30, R7960P before 1.4.1.68, R8000 before 1.0.4.52, RAX200 before 1.0.2.88, RBS40V before 2.6.2.4, RS400 before 1.5.1.80, XR300 before 1.0.3.56, R7000P before 1.3.2.124, R8000P before 1.4.1.68, R8500 before 1.0.2.144, RAX80 before 1.0.3.102, R6900P before 1.3.2.124, R7900P before 1.4.1.68, R8300 before 1.0.2.144, RAX75 before 1.0.3.102, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45527
MISC
netgear — d7000_firmware NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass. 2021-12-26 not yet calculated CVE-2021-45497
MISC
netgear — d7000_firmware NETGEAR D7000 devices before 1.0.1.68 are affected by authentication bypass. 2021-12-26 not yet calculated CVE-2021-45495
MISC
netgear — d7000_firmware NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass. 2021-12-26 not yet calculated CVE-2021-45496
MISC
netgear — d7000_firmware NETGEAR D7000 devices before 1.0.1.82 are affected by a stack-based buffer overflow by an unauthenticated attacker. 2021-12-26 not yet calculated CVE-2021-45636
MISC
netgear — d7000v2_firmware Certain NETGEAR devices are affected by weak cryptography. This affects D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX7000 before 1.0.1.90, R6250 before 1.0.4.42, R6400v2 before 1.0.4.98, R6700v3 before 1.0.4.98, R6900P before 1.3.2.124, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7900 before 1.0.4.26, R8000 before 1.0.4.58, R8300 before 1.0.2.134, R8500 before 1.0.2.134, RS400 before 1.5.0.48, WNR3500Lv2 before 1.2.0.62, and XR300 before 1.0.3.50. 2021-12-26 not yet calculated CVE-2021-45512
MISC
netgear — d7000v2_firmware Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58. 2021-12-26 not yet calculated CVE-2021-45614
MISC
netgear — d7800_firmware
Certain NETGEAR devices are affected by server-side injection. This affects D7800 before 1.0.1.58, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6100v2 before 1.0.1.86, EX6200v2 before 1.0.1.78, EX6250 before 1.0.0.110, EX6410 before 1.0.0.110, EX6420 before 1.0.0.110, EX6400v2 before 1.0.0.110, EX7300 before 1.0.2.144, EX6400 before 1.0.2.144, EX7320 before 1.0.0.110, EX7300v2 before 1.0.0.110, R7500v2 before 1.0.3.48, R7800 before 1.0.2.68, R8900 before 1.0.5.2, R9000 before 1.0.5.2, RAX120 before 1.0.1.90, RBK40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, RBS50Y before 2.6.1.40, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.72, XR500 before 2.3.2.56, and XR700 before 1.0.1.20. 2021-12-26 not yet calculated CVE-2021-45658
MISC
netgear — d7800_firmware
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100, LBR1020 before 2.6.5.20, LBR20 before 2.6.5.32, R6700AX before 1.0.10.110, R7800 before 1.0.2.86, R8900 before 1.0.5.38, R9000 before 1.0.5.38, RAX10 before 1.0.10.110, RAX120v1 before 1.2.3.28, RAX120v2 before 1.2.3.28, RAX70 before 1.0.10.110, RAX78 before 1.0.10.110, XR450 before 2.3.2.130, XR500 before 2.3.2.130, and XR700 before 1.0.1.46. 2021-12-26 not yet calculated CVE-2021-45602
MISC
MISC
netgear — d7800_firmware Certain NETGEAR devices are affected by disclosure of sensitive information. A UPnP request reveals a device’s serial number, which can be used for a password reset. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100, LBR1020 before 2.6.5.20, LBR20 before 2.6.5.32, R6700AX before 1.0.10.110, R7800 before 1.0.2.86, R8900 before 1.0.5.38, R9000 before 1.0.5.38, RAX10 before 1.0.10.110, RAX120v1 before 1.2.3.28, RAX120v2 before 1.2.3.28, RAX70 before 1.0.10.110, RAX78 before 1.0.10.110, XR450 before 2.3.2.130, XR500 before 2.3.2.130, and XR700 before 1.0.1.46. 2021-12-26 not yet calculated CVE-2021-45603
MISC
MISC
netgear — d7800_firmware
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D7800 before 1.0.1.64, EX6250 before 1.0.0.134, EX7700 before 1.0.0.222, LBR20 before 2.6.3.50, RBS50Y before 2.7.3.22, R8900 before 1.0.5.26, R9000 before 1.0.5.26, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.36, EX7320 before 1.0.0.134, RAX120 before 1.2.2.24, EX7300v2 before 1.0.0.134, RAX120v2 before 1.2.2.24, EX6410 before 1.0.0.134, RBR10 before 2.7.3.22, RBR20 before 2.7.3.22, RBR40 before 2.7.3.22, RBR50 before 2.7.3.22, EX6420 before 1.0.0.134, RBS10 before 2.7.3.22, RBS20 before 2.7.3.22, RBS40 before 2.7.3.22, RBS50 before 2.7.3.22, EX6400v2 before 1.0.0.134, RBK12 before 2.7.3.22, RBK20 before 2.7.3.22, RBK40 before 2.7.3.22, and RBK50 before 2.7.3.22. 2021-12-26 not yet calculated CVE-2021-45642
MISC
netgear — d7800_firmware
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.58, R7500v2 before 1.0.3.48, R7800 before 1.0.2.68, R8900 before 1.0.5.2, R9000 before 1.0.5.2, RAX120 before 1.0.1.108, and XR700 before 1.0.1.20. 2021-12-26 not yet calculated CVE-2021-45552
MISC
netgear — d7800_firmware
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.60, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6200v2 before 1.0.1.86, EX6250 before 1.0.0.128, EX6400 before 1.0.2.144, EX6400v2 before 1.0.0.128, EX6410 before 1.0.0.128, EX6420 before 1.0.0.128, EX7300 before 1.0.2.144, EX7300v2 before 1.0.0.128, EX7320 before 1.0.0.128, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.5.26, R9000 before 1.0.5.2, RAX120 before 1.0.1.128, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.74, XR500 before 2.3.2.66, RBK20 before 2.7.3.22, RBR20 before 2.7.3.22, RBS20 before 2.7.3.22, RBK40 before 2.7.3.22, RBR40 before 2.7.3.22, and RBS40 before 2.7.3.22. 2021-12-26 not yet calculated CVE-2021-45548
MISC
netgear — d7800_firmware
 
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7800 before 1.0.1.64, EX6200v2 before 1.0.1.86, EX6250 before 1.0.0.134, EX7700 before 1.0.0.216, EX8000 before 1.0.1.232, LBR20 before 2.6.3.50, R7800 before 1.0.2.80, R8900 before 1.0.5.26, R9000 before 1.0.5.26, RAX120 before 1.2.0.16, RBS50Y before 1.0.0.56, WNR2000v5 before 1.0.0.76, XR450 before 2.3.2.114, XR500 before 2.3.2.114, XR700 before 1.0.1.36, EX6150v2 before 1.0.1.98, EX7300 before 1.0.2.158, EX7320 before 1.0.0.134, EX6100v2 before 1.0.1.98, EX6400 before 1.0.2.158, EX7300v2 before 1.0.0.134, EX6410 before 1.0.0.134, RBR10 before 2.6.1.44, RBR20 before 2.6.2.104, RBR40 before 2.6.2.104, RBR50 before 2.7.2.102, EX6420 before 1.0.0.134, RBS10 before 2.6.1.44, RBS20 before 2.6.2.104, RBS40 before 2.6.2.104, RBS50 before 2.7.2.102, EX6400v2 before 1.0.0.134, RBK12 before 2.6.1.44, RBK20 before 2.6.2.104, RBK40 before 2.6.2.104, and RBK50 before 2.7.2.102. 2021-12-26 not yet calculated CVE-2021-45618
MISC
netgear — d7800_firmware Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.68, R6400v2 before 1.0.4.122, and R6700v3 before 1.0.4.122. 2021-12-26 not yet calculated CVE-2021-45608
MISC
netgear — d8500_firmware
 
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D8500 before 1.0.3.58, R6250 before 1.0.4.48, R7000 before 1.0.11.116, R7100LG before 1.0.0.64, R7900 before 1.0.4.38, R8300 before 1.0.2.144, R8500 before 1.0.2.144, XR300 before 1.0.3.68, R7000P before 1.3.2.132, and R6900P before 1.3.2.132. 2021-12-26 not yet calculated CVE-2021-45609
MISC
netgear — dc112a_firmware Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects DC112A before 1.0.0.52, R6400 before 1.0.1.68, RAX200 before 1.0.3.106, WNDR3400v3 before 1.0.1.38, XR300 before 1.0.3.68, R8500 before 1.0.2.144, RAX75 before 1.0.3.106, R8300 before 1.0.2.144, and RAX80 before 1.0.3.106. 2021-12-26 not yet calculated CVE-2021-45611
MISC
netgear — eax20_firmware
 
Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4. 2021-12-26 not yet calculated CVE-2021-45665
MISC
netgear — eax20_firmware Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, R7900P before 1.4.1.66, R8000P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106. 2021-12-26 not yet calculated CVE-2021-45668
MISC
netgear — eax80_firmware Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EAX80 before 1.0.1.62, EX7000 before 1.0.1.104, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7000 before 1.0.11.116, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, R7900 before 1.0.4.38, R7960P before 1.4.1.66, R8000 before 1.0.4.68, R7900P before 1.4.1.66, R8000P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106. 2021-12-26 not yet calculated CVE-2021-45647
MISC
netgear — ex6000_firmware Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX6000 before 1.0.0.38, EX6120 before 1.0.0.48, EX6130 before 1.0.0.30, R6300v2 before 1.0.4.52, R6400 before 1.0.1.52, R7000 before 1.0.11.126, R7900 before 1.0.4.30, R8000 before 1.0.4.52, R7000P before 1.3.2.124, R8000P before 1.4.1.50, RAX80 before 1.0.3.88, R6900P before 1.3.2.124, R7900P before 1.4.1.50, and RAX75 before 1.0.3.88. 2021-12-26 not yet calculated CVE-2021-45526
MISC
netgear — ex6100v2_firmware
 
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EX6100v2 before 1.0.1.106, EX6150v2 before 1.0.1.106, EX6250 before 1.0.0.146, EX6400 before 1.0.2.164, EX6400v2 before 1.0.0.146, EX6410 before 1.0.0.146, EX6420 before 1.0.0.146, EX7300 before 1.0.2.164, EX7300v2 before 1.0.0.146, EX7320 before 1.0.0.146, EX7700 before 1.0.0.222, LBR1020 before 2.6.5.16, LBR20 before 2.6.5.2, RBK352 before 4.3.4.7, RBK50 before 2.7.3.22, RBR350 before 4.3.4.7, RBR50 before 2.7.3.22, and RBS350 before 4.3.4.7. 2021-12-26 not yet calculated CVE-2021-45648
MISC
netgear — ex6120_firmware
 
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects EX6120 before 1.0.0.66, EX6130 before 1.0.0.46, EX7000 before 1.0.1.106, EX7500 before 1.0.1.76, EX3700 before 1.0.0.94, EX3800 before 1.0.0.94, RBR850 before 4.6.3.9, RBS850 before 4.6.3.9, and RBK852 before 4.6.3.9. 2021-12-26 not yet calculated CVE-2021-45533
MISC
netgear — ex6200v2_firmware
 
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects EX6200v2 before 1.0.1.86, EX6250 before 1.0.0.134, EX7700 before 1.0.0.216, EX8000 before 1.0.1.232, LBR1020 before 2.6.3.58, LBR20 before 2.6.3.50, R7800 before 1.0.2.80, R8900 before 1.0.5.26, R9000 before 1.0.5.26, RBS50Y before 2.7.3.22, WNR2000v5 before 1.0.0.76, XR700 before 1.0.1.36, EX6150v2 before 1.0.1.98, EX7300 before 1.0.2.158, EX7320 before 1.0.0.134, RAX10 before 1.0.2.88, RAX120 before 1.2.0.16, RAX70 before 1.0.2.88, EX6100v2 before 1.0.1.98, EX6400 before 1.0.2.158, EX7300v2 before 1.0.0.134, R6700AX before 1.0.2.88, RAX120v2 before 1.2.0.16, RAX78 before 1.0.2.88, EX6410 before 1.0.0.134, RBR10 before 2.7.3.22, RBR20 before 2.7.3.22, RBR350 before 4.3.4.7, RBR40 before 2.7.3.22, RBR50 before 2.7.3.22, EX6420 before 1.0.0.134, RBS10 before 2.7.3.22, RBS20 before 2.7.3.22, RBS350 before 4.3.4.7, RBS40 before 2.7.3.22, RBS50 before 2.7.3.22, EX6400v2 before 1.0.0.134, RBK12 before 2.7.3.22, RBK20 before 2.7.3.22, RBK352 before 4.3.4.7, RBK40 before 2.7.3.22, and RBK50 before 2.7.3.22. 2021-12-26 not yet calculated CVE-2021-45619
MISC
netgear — ex7000_firmware Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX7000 before 1.0.1.80, R6400 before 1.0.1.50, R6400v2 before 1.0.4.118, R6700 before 1.0.2.8, R6700v3 before 1.0.4.118, R6900 before 1.0.2.8, R6900P before 1.3.2.124, R7000 before 1.0.9.88, R7000P before 1.3.2.124, R7900 before 1.0.3.18, R7900P before 1.4.1.50, R8000 before 1.0.4.46, R8000P before 1.4.1.50, RAX80 before 1.0.1.56, and WNR3500Lv2 before 1.2.0.62. 2021-12-26 not yet calculated CVE-2021-45525
MISC
netgear — ex7500_firmware
 
Certain NETGEAR devices are affected by denial of service. This affects EX7500 before 1.0.0.72, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, RBRE960 before 6.0.3.68, RBSE960 before 6.0.3.68, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12. 2021-12-26 not yet calculated CVE-2021-45515
MISC
netgear — gc108p_firmware
 
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects GC108P before 1.0.8.2, GC108PP before 1.0.8.2, GS108Tv3 before 7.0.7.2, GS110TPv3 before 7.0.7.2, GS110TPP before 7.0.7.2, GS110TUP before 1.0.5.3, GS710TUP before 1.0.5.3, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS710TUP before 1.0.5.3, GS716TP before 1.0.4.2, GS716TPP before 1.0.4.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS724TPP before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS752TPv2 before 6.0.8.2, GS752TPP before 6.0.8.2, GS750E before 1.0.1.10, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2. 2021-12-26 not yet calculated CVE-2021-45557
MISC
netgear — genie_installer
 
All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability. The installer of the macOS version of Netgear Genie handles certain files in an insecure way. A malicious actor who has local access to the endpoint on which the software is going to be installed may overwrite certain files to obtain privilege escalation to root. 2021-12-30 not yet calculated CVE-2021-20172
MISC
netgear — gs108tv2_firmware Certain NETGEAR devices are affected by command injection by an authenticated user. This affects GS108Tv2 before 5.4.2.36, GS110TPP before 7.0.7.2, GS110TPv2 before 5.4.2.36, GS110TPv3 before 7.0.7.2, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS752TPP before 6.0.8.2, GS752TPv2 before 6.0.8.2, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2. 2021-12-26 not yet calculated CVE-2021-45556
MISC
netgear — gs108tv2_firmware Certain NETGEAR devices are affected by stored XSS. This affects GS108Tv2 before 5.4.2.36 and GS110TPv2 before 5.4.2.36. 2021-12-26 not yet calculated CVE-2021-45677
MISC
netgear — lax20_firmware Certain NETGEAR devices are affected by command injection by an authenticated user. This affects LAX20 before 1.1.6.28, MK62 before 1.1.6.122, MR60 before 1.1.6.122, MS60 before 1.1.6.122, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58. 2021-12-26 not yet calculated CVE-2021-45549
MISC
netgear — lbr20_firmware Certain NETGEAR devices are affected by command injection by an authenticated user. This affects LBR20 before 2.6.3.50, RBS50Y before 2.7.3.22, RBR10 before 2.7.3.22, RBR20 before 2.7.3.22, RBR40 before 2.7.3.22, RBR50 before 2.7.3.22, RBS10 before 2.7.3.22, RBS20 before 2.7.3.22, RBS40 before 2.7.3.22, RBS50 before 2.7.3.22, RBK12 before 2.7.3.22, RBK20 before 2.7.3.22, RBK40 before 2.7.3.22, and RBK50 before 2.7.3.22. 2021-12-26 not yet calculated CVE-2021-45595
MISC
netgear — mediatek
 
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. 2021-12-26 not yet calculated CVE-2021-32469
MISC
netgear — mediatek
 
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. 2021-12-26 not yet calculated CVE-2021-32468
MISC
netgear — mediatek
 
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. 2021-12-26 not yet calculated CVE-2021-32467
MISC
netgear — mediatek_microchips MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. 2021-12-26 not yet calculated CVE-2021-41788
MISC
netgear — multiple_devices MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. 2021-12-26 not yet calculated CVE-2021-37571
MISC
netgear — multiple_devices