Vulnerabilities (CVE)

Total 17151 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-27255 1 Realtek 4 Ecos Msdk, Ecos Msdk Firmware, Ecos Rsdk and 1 more 2022-09-30 7.5 HIGH 9.8 CRITICAL
In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data.
CVE-2021-45790 1 Metersphere 1 Metersphere 2022-09-30 N/A 9.8 CRITICAL
An arbitrary file upload vulnerability was found in Metersphere v1.15.4. Unauthenticated users can upload any file to arbitrary directory, where attackers can write a cron job to execute commands.
CVE-2022-37346 1 Ec-cube 1 Product Image Bulk Upload 2022-09-30 N/A 9.8 CRITICAL
EC-CUBE plugin 'Product Image Bulk Upload Plugin' 1.0.0 and 4.1.0 contains an insufficient verification vulnerability when uploading files. Exploiting this vulnerability allows a remote unauthenticated attacker to upload arbitrary files other than image files. If a user with an administrative privilege of EC-CUBE where the vulnerable plugin is installed is led to upload a specially crafted file, an arbitrary script may be executed on the system.
CVE-2022-3075 1 Google 1 Chrome 2022-09-30 N/A 9.6 CRITICAL
Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2022-38539 1 Archerydms 1 Archery 2022-09-30 N/A 9.8 CRITICAL
Archery v1.7.5 to v1.8.5 was discovered to contain a SQL injection vulnerability via the where parameter at /archive/apply.
CVE-2022-0790 1 Google 1 Chrome 2022-09-30 6.8 MEDIUM 9.6 CRITICAL
Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page.
CVE-2022-32215 2 Llhttp, Nodejs 2 Llhttp, Node.js 2022-09-30 N/A 9.1 CRITICAL
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).
CVE-2022-32214 2 Llhttp, Nodejs 2 Llhttp, Node.js 2022-09-30 N/A 9.1 CRITICAL
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS).
CVE-2022-32213 2 Llhttp, Nodejs 2 Llhttp, Node.js 2022-09-30 N/A 9.1 CRITICAL
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS).
CVE-2022-30578 1 Tibco 1 Ebx Add-ons 2022-09-30 N/A 9.0 CRITICAL
The Web Server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 5.4.1 and below.
CVE-2022-23357 1 Mozilo 1 Mozilocms 2022-09-30 6.4 MEDIUM 9.1 CRITICAL
mozilo2.0 was discovered to be vulnerable to directory traversal attacks via the parameter curent_dir.
CVE-2021-4045 1 Tp-link 2 Tapo C200, Tapo C200 Firmware 2022-09-30 10.0 HIGH 9.8 CRITICAL
TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera.
CVE-2022-30935 1 B2evolution 1 B2evolution 2022-09-30 N/A 9.1 CRITICAL
An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict password reset tokens for any user through the use of a bad randomness function. This allows the attacker to get valid sessions for arbitrary users, and optionally reset their password. Tested and confirmed in a default installation of version 7.2.3. Earlier versions are affected, possibly earlier major versions as well.
CVE-2021-40010 1 Huawei 3 Emui, Harmonyos, Magic Ui 2022-09-30 7.5 HIGH 9.8 CRITICAL
The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution.
CVE-2022-22532 1 Sap 1 Netweaver Application Server Java 2022-09-30 7.5 HIGH 9.8 CRITICAL
In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an unauthenticated attacker could submit a crafted HTTP server request which triggers improper shared memory buffer handling. This could allow the malicious payload to be executed and hence execute functions that could be impersonating the victim or even steal the victim's logon session.
CVE-2021-21872 1 Lantronix 2 Premierwave 2050, Premierwave 2050 Firmware 2022-09-30 9.0 HIGH 9.9 CRITICAL
An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2021-21873 1 Lantronix 2 Premierwave 2050, Premierwave 2050 Firmware 2022-09-30 9.0 HIGH 9.1 CRITICAL
A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2022-22258 1 Huawei 3 Emui, Harmonyos, Magic Ui 2022-09-30 7.5 HIGH 9.8 CRITICAL
The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and result in elevation-of-privilege.
CVE-2022-29411 1 Hermit Project 1 Hermit 2022-09-30 7.5 HIGH 9.8 CRITICAL
SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers to execute SQLi attack via (&id).
CVE-2022-29264 1 Coreboot 1 Coreboot 2022-09-30 7.5 HIGH 9.8 CRITICAL
An issue was discovered in coreboot 4.13 through 4.16. On APs, arbitrary code execution in SMM may occur.