Vulnerabilities (CVE)

Total 13957 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-39990 1 Huawei 1 Harmonyos 2022-01-14 7.5 HIGH 9.8 CRITICAL
The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience.
CVE-2021-45003 1 Laundry Booking Management System Project 1 Laundry Booking Management System 2022-01-14 7.5 HIGH 9.8 CRITICAL
Laundry Booking Management System 1.0 (Latest) and previous versions are affected by a remote code execution (RCE) vulnerability in profile.php through the "image" parameter that can execute a webshell payload.
CVE-2018-1000613 4 Bouncycastle, Netapp, Opensuse and 1 more 24 Legion-of-the-bouncy-castle-java-crytography-api, Oncommand Workflow Automation, Leap and 21 more 2022-01-14 7.5 HIGH 9.8 CRITICAL
Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserialization that can result in Deserializing an XMSS/XMSS^MT private key can result in the execution of unexpected code. This attack appear to be exploitable via A handcrafted private key can include references to unexpected classes which will be picked up from the class path for the executing application. This vulnerability appears to have been fixed in 1.60 and later.
CVE-2021-44548 2 Apache, Microsoft 2 Solr, Windows 2022-01-14 6.8 MEDIUM 9.8 CRITICAL
An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB attacks, which may result in: * The exfiltration of sensitive data such as OS user hashes (NTLM/LM hashes), * In case of misconfigured systems, SMB Relay Attacks which can lead to user impersonation on SMB Shares or, in a worse-case scenario, Remote Code Execution This issue affects all Apache Solr versions prior to 8.11.1. This issue only affects Windows.
CVE-2021-43832 1 Linuxfoundation 1 Spinnaker 2022-01-14 7.5 HIGH 9.8 CRITICAL
Spinnaker is an open source, multi-cloud continuous delivery platform. Spinnaker has improper permissions allowing pipeline creation & execution. This lets an arbitrary user with access to the gate endpoint to create a pipeline and execute it without authentication. If users haven't setup Role-based access control (RBAC) with-in spinnaker, this enables remote execution and access to deploy almost any resources on any account. Patches are available on the latest releases of the supported branches and users are advised to upgrade as soon as possible. Users unable to upgrade should enable RBAC on ALL accounts and applications. This mitigates the ability of a pipeline to affect any accounts. Block application access unless permission are enabled. Users should make sure ALL application creation is restricted via appropriate wildcards.
CVE-2021-35247 1 Solarwinds 1 Serv-u 2022-01-14 7.5 HIGH 9.8 CRITICAL
Serv-U web login screen was allowing characters that were not sanitized by the authentication mechanism. SolarWinds has updated the authentication mechanism to remedy this issue and prevent unauthorized parameters to be used in the Serv-U login screen With the Log4j issue in the wild, input fields across the internet have been tested for vulnerability. Although Serv-U was not affected by the log4j issue, It was discovered that better input validation could be implemented.
CVE-2021-45334 1 Online Thesis Archiving System Project 1 Online Thesis Archiving System 2022-01-13 7.5 HIGH 9.8 CRITICAL
Sourcecodester Online Thesis Archiving System 1.0 is vulnerable to SQL Injection. An attacker can bypass admin authentication and gain access to admin panel using SQL Injection
CVE-2021-32998 1 Fanuc 18 R-30ia, R-30ia Firmware, R-30ia Mate and 15 more 2022-01-13 10.0 HIGH 9.8 CRITICAL
The FANUC R-30iA and R-30iB series controllers are vulnerable to an out-of-bounds write, which may allow an attacker to remotely execute arbitrary code. INIT START/restore from backup required.
CVE-2021-23568 1 Eggjs 1 Extend2 2022-01-13 7.5 HIGH 9.8 CRITICAL
The package extend2 before 1.0.1 are vulnerable to Prototype Pollution via the extend function due to unsafe recursive merge.
CVE-2021-45970 1 Insyde 1 Insydeh2o 2022-01-13 7.5 HIGH 9.8 CRITICAL
An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (the status code saved at the CommBuffer+4 location).
CVE-2021-39982 1 Huawei 1 Harmonyos 2022-01-13 6.4 MEDIUM 9.1 CRITICAL
Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications.
CVE-2021-45969 1 Insyde 1 Insydeh2o 2022-01-13 7.5 HIGH 9.8 CRITICAL
An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (the CommBuffer+8 location).
CVE-2022-22704 1 Alpinelinux 1 Alpine Linux 2022-01-13 10.0 HIGH 9.8 CRITICAL
The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root because the design incorrectly expected that systemd would (in effect) determine part of the configuration.
CVE-2021-23594 1 Agoric 1 Realms-shim 2022-01-13 7.5 HIGH 10.0 CRITICAL
All versions of package realms-shim are vulnerable to Sandbox Bypass via a Prototype Pollution attack vector.
CVE-2021-45456 1 Apache 1 Kylin 2022-01-13 7.5 HIGH 9.8 CRITICAL
Apache kylin checks the legitimacy of the project before executing some commands with the project name passed in by the user. There is a mismatch between what is being checked and what is being used as the shell command argument in DiagnosisService. This may cause an illegal project name to pass the check and perform the following steps, resulting in a command injection vulnerability. This issue affects Apache Kylin 4.0.0.
CVE-2021-23543 1 Agoric 1 Realms-shim 2022-01-13 7.5 HIGH 9.8 CRITICAL
All versions of package realms-shim are vulnerable to Sandbox Bypass via a Prototype Pollution attack vector.
CVE-2021-41842 1 Insyde 1 Insydeh2o 2022-01-13 7.5 HIGH 9.8 CRITICAL
An issue was discovered in AtaLegacySmm in the kernel 5.0 before 05.08.46, 5.1 before 05.16.46, 5.2 before 05.26.46, 5.3 before 05.35.46, 5.4 before 05.43.46, and 5.5 before 05.51.45 in Insyde InsydeH2O. Code execution can occur because the SMI handler lacks a CommBuffer check.
CVE-2021-45971 1 Insyde 1 Insydeh2o 2022-01-13 7.5 HIGH 9.8 CRITICAL
An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (CommBufferData).
CVE-2022-21647 1 Codeigniter 1 Codeigniter 2022-01-13 7.5 HIGH 9.8 CRITICAL
CodeIgniter is an open source PHP full-stack web framework. Deserialization of Untrusted Data was found in the `old()` function in CodeIgniter4. Remote attackers may inject auto-loadable arbitrary objects with this vulnerability, and possibly execute existing PHP code on the server. We are aware of a working exploit, which can lead to SQL injection. Users are advised to upgrade to v4.1.6 or later. Users unable to upgrade as advised to not use the `old()` function and form_helper nor `RedirectResponse::withInput()` and `redirect()->withInput()`.
CVE-2022-22122 2022-01-13 N/A 9.8 CRITICAL
In Mattermost Focalboard, versions prior to v0.7.5, v0.8.4, v0.9.5, v0.10.1 and v0.11.0-rc1; as used respectively in Mattermost, versions prior to v5.37.6, v5.39.3, v6.0.4, v6.1.1 and v6.2.0, are vulnerable to Insufficient Session Expiration. When a user initiates a logout, their session is not invalidated properly. In addition, user sessions are stored in the browser’s local storage, which by default does not have an expiration time. This makes it possible for an attacker to steal and reuse the cookies using techniques such as XSS attacks, to completely take over a victim account.