Vulnerabilities (CVE)

Total 16610 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-44228 11 Apache, Bentley, Cisco and 8 more 156 Log4j, Synchro, Synchro 4d and 153 more 2022-08-17 9.3 HIGH 10.0 CRITICAL
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
CVE-2022-36272 1 Mingsoft 1 Mcms 2022-08-17 N/A 9.8 CRITICAL
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter.
CVE-2022-38193 1 Esri 1 Portal For Arcgis 2022-08-17 N/A 9.6 CRITICAL
There is a code injection vulnerability in Esri Portal for ArcGIS versions 10.8.1 and below that may allow a remote, unauthenticated attacker to pass strings which could potentially cause arbitrary code execution in a victims browser.
CVE-2022-36273 1 Tenda 2 Ac9, Ac9 Firmware 2022-08-17 N/A 9.8 CRITICAL
Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg.
CVE-2022-2847 1 Guest Management System Project 1 Guest Management System 2022-08-17 N/A 9.8 CRITICAL
A vulnerability, which was classified as critical, has been found in SourceCodester Guest Management System. This issue affects some unknown processing of the file /guestmanagement/front.php. The manipulation of the argument rid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206489 was assigned to this vulnerability.
CVE-2021-39085 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Sterling B2b Integrator and 3 more 2022-08-17 N/A 9.8 CRITICAL
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 215888.
CVE-2022-38221 3 Linux, Microsoft, The Isle Evrima Project 3 Linux Kernel, Windows, The Isle Evrima 2022-08-17 N/A 9.8 CRITICAL
A buffer overflow in the FTcpListener thread in The Isle Evrima (the dedicated server on Windows and Linux) 0.9.88.07 before 2022-08-12 allows a remote attacker to crash any server with an accessible RCON port, or possibly execute arbitrary code.
CVE-2022-35978 1 Minetest 1 Minetest 2022-08-17 N/A 10.0 CRITICAL
Minetest is a free open-source voxel game engine with easy modding and game creation. In **single player**, a mod can set a global setting that controls the Lua script loaded to display the main menu. The script is then loaded as soon as the game session is exited. The Lua environment the menu runs in is not sandboxed and can directly interfere with the user's system. There are currently no known workarounds.
CVE-2022-36308 1 Airspan 2 Airvelocity 1500, Airvelocity 1500 Firmware 2022-08-17 N/A 9.1 CRITICAL
Airspan AirVelocity 1500 web management UI displays SNMP credentials in plaintext on software versions older than 15.18.00.2511, and stores SNMPv3 credentials unhashed on the filesystem, enabling anyone with web access to use these credentials to manipulate the eNodeB over SNMP. This issue may affect other AirVelocity and AirSpeed models.
CVE-2022-36242 1 Clinic\'s Patient Management System Project 1 Clinic\'s Patient Management System 2022-08-17 N/A 9.8 CRITICAL
Clinic's Patient Management System v1.0 is vulnerable to SQL Injection via /pms/update_medicine.php?id=.
CVE-2022-36599 1 Mingsoft 1 Mcms 2022-08-17 N/A 9.8 CRITICAL
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/model/delete URI via models Lists.
CVE-2022-1996 2 Fedoraproject, Go-restful Project 2 Fedora, Go-restful 2022-08-17 6.4 MEDIUM 9.1 CRITICAL
Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.
CVE-2022-34253 2022-08-16 N/A 9.1 CRITICAL
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an XML Injection vulnerability in the Widgets Module. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution. Exploitation of this issue does not require user interaction.
CVE-2022-36262 1 Taogogo 1 Taocms 2022-08-16 N/A 9.8 CRITICAL
An issue was discovered in taocms 3.0.2. in the website settings that allows arbitrary php code to be injected by modifying config.php.
CVE-2022-33171 1 Typeorm 1 Typeorm 2022-08-16 7.5 HIGH 9.8 CRITICAL
** DISPUTED ** The findOne function in TypeORM before 0.3.0 can either be supplied with a string or a FindOneOptions object. When input to the function is a user-controlled parsed JSON object, supplying a crafted FindOneOptions instead of an id string leads to SQL injection. NOTE: the vendor's position is that the user's application is responsible for input validation.
CVE-2022-2180 1 Greyd 1 Greyd.suite 2022-08-16 N/A 9.8 CRITICAL
The GREYD.SUITE WordPress theme does not properly validate uploaded custom font packages, and does not perform any authorization or csrf checks, allowing an unauthenticated attacker to upload arbitrary files including php source files, leading to possible remote code execution (RCE).
CVE-2022-2779 1 Gas Agency Management System Project 1 Gas Agency Management System 2022-08-16 N/A 9.8 CRITICAL
A vulnerability classified as critical was found in SourceCodester Gas Agency Management System. Affected by this vulnerability is an unknown functionality of the file /gasmark/assets/myimages/oneWord.php. The manipulation of the argument shell leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206173 was assigned to this vulnerability.
CVE-2022-36010 1 React Editable Json Tree Project 1 React Editable Json Tree 2022-08-16 N/A 9.8 CRITICAL
This library allows strings to be parsed as functions and stored as a specialized component, [`JsonFunctionValue`](https://github.com/oxyno-zeta/react-editable-json-tree/blob/09a0ca97835b0834ad054563e2fddc6f22bc5d8c/src/components/JsonFunctionValue.js). To do this, Javascript's [`eval`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval) function is used to execute strings that begin with "function" as Javascript. This unfortunately could allow arbitrary code to be executed if it exists as a value within the JSON structure being displayed. Given that this component may often be used to display data from arbitrary, untrusted sources, this is extremely dangerous. One important note is that users who have defined a custom [`onSubmitValueParser`](https://github.com/oxyno-zeta/react-editable-json-tree/tree/09a0ca97835b0834ad054563e2fddc6f22bc5d8c#onsubmitvalueparser) callback prop on the [`JsonTree`](https://github.com/oxyno-zeta/react-editable-json-tree/blob/09a0ca97835b0834ad054563e2fddc6f22bc5d8c/src/JsonTree.js) component should be ***unaffected***. This vulnerability exists in the default `onSubmitValueParser` prop which calls [`parse`](https://github.com/oxyno-zeta/react-editable-json-tree/blob/master/src/utils/parse.js#L30). Prop is added to `JsonTree` called `allowFunctionEvaluation`. This prop will be set to `true` in v2.2.2, which allows upgrade without losing backwards-compatibility. In v2.2.2, we switched from using `eval` to using [`Function`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Function) to construct anonymous functions. This is better than `eval` for the following reasons: - Arbitrary code should not be able to execute immediately, since the `Function` constructor explicitly *only creates* anonymous functions - Functions are created without local closures, so they only have access to the global scope If you use: - **Version `<2.2.2`**, you must upgrade as soon as possible. - **Version `^2.2.2`**, you must explicitly set `JsonTree`'s `allowFunctionEvaluation` prop to `false` to fully mitigate this vulnerability. - **Version `>=3.0.0`**, `allowFunctionEvaluation` is already set to `false` by default, so no further steps are necessary.
CVE-2022-2314 1 Vr Calendar Project 1 Vr Calendar 2022-08-16 N/A 9.8 CRITICAL
The VR Calendar WordPress plugin through 2.2.2 lets any user execute arbitrary PHP functions on the site.
CVE-2020-21642 1 Zohocorp 1 Manageengine Analytics Plus 2022-08-16 N/A 9.8 CRITICAL
Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho ManageEngine Analytics Plus before 4350 allows remote attackers to run arbitrary code.