Vulnerabilities (CVE)

Filtered by CWE-20
Total 9244 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-27255 1 Realtek 4 Ecos Msdk, Ecos Msdk Firmware, Ecos Rsdk and 1 more 2022-09-30 7.5 HIGH 9.8 CRITICAL
In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data.
CVE-2022-3075 1 Google 1 Chrome 2022-09-30 N/A 9.6 CRITICAL
Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2022-1271 3 Debian, Gnu, Redhat 3 Debian Linux, Gzip, Jboss Data Grid 2022-09-30 N/A 8.8 HIGH
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.
CVE-2022-3201 1 Google 2 Chrome, Chrome Os 2022-09-30 N/A 5.4 MEDIUM
Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page.
CVE-2021-22826 1 Schneider-electric 1 Ecostruxure Power Monitoring Expert 2022-09-30 6.8 MEDIUM 8.8 HIGH
A CWE-20: Improper Input Validation vulnerability exists that could cause arbitrary code execution when the user visits a page containing the injected payload. This CVE is unique from CVE-2021-22827. Affected Product: EcoStruxure? Power Monitoring Expert 9.0 and prior versions
CVE-2021-22827 1 Schneider-electric 1 Ecostruxure Power Monitoring Expert 2022-09-30 6.8 MEDIUM 8.8 HIGH
A CWE-20: Improper Input Validation vulnerability exists that could cause arbitrary code execution when the user visits a page containing the injected payload. This CVE is unique from CVE-2021-22826. Affected Product: EcoStruxure? Power Monitoring Expert 9.0 and prior versions
CVE-2022-22525 1 Gavazziautomation 3 Cpy Car Park Server, Uwp 3.0 Monitoring Gateway And Controller, Uwp 3.0 Monitoring Gateway And Controller Firmware 2022-09-30 N/A 7.2 HIGH
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 an remote attacker with admin rights could execute arbitrary commands due to missing input sanitization in the backup restore function
CVE-2022-39232 2022-09-29 N/A N/A
Discourse is an open source discussion platform. Starting with version 2.9.0.beta5 and prior to version 2.9.0.beta10, an incomplete quote can generate a JavaScript error which will crash the current page in the browser in some cases. Version 2.9.0.beta10 added a fix and tests to ensure incomplete quotes won't break the app. As a workaround, the quote can be fixed via the rails console.
CVE-2022-39226 2022-09-29 N/A N/A
Discourse is an open source discussion platform. In versions prior to 2.8.9 on the `stable` branch and prior to 2.9.0.beta10 on the `beta` and `tests-passed` branches, a malicious actor can add large payloads of text into the Location and Website fields of a user profile, which causes issues for other users when loading that profile. A fix to limit the length of user input for these fields is included in version 2.8.9 on the `stable` branch and version 2.9.0.beta10 on the `beta` and `tests-passed` branches. There are no known workarounds.
CVE-2022-39266 2022-09-29 N/A N/A
isolated-vm is a library for nodejs which gives the user access to v8's Isolate interface. In versions 4.3.6 and prior, if the untrusted v8 cached data is passed to the API through CachedDataOptions, attackers can bypass the sandbox and run arbitrary code in the nodejs process. As of time of publication, there are no known fixed versions or workarounds.
CVE-2021-21705 3 Netapp, Oracle, Php 3 Clustered Data Ontap, Sd-wan Aware, Php 2022-09-29 5.0 MEDIUM 5.3 MEDIUM
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid password field can be accepted as valid. This can lead to the code incorrectly parsing the URL and potentially leading to other security implications - like contacting a wrong server or making a wrong access decision.
CVE-2022-2856 1 Google 2 Android, Chrome 2022-09-28 N/A 6.5 MEDIUM
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page.
CVE-2021-4059 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2022-09-27 4.3 MEDIUM 6.5 MEDIUM
Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-4068 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2022-09-27 4.3 MEDIUM 6.5 MEDIUM
Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2022-32229 1 Rocket.chat 1 Rocket.chat 2022-09-27 N/A 4.3 MEDIUM
A information disclosure vulnerability exists in Rockert.Chat <v5 due to /api/v1/chat.getThreadsList lack of sanitization of user inputs and can therefore leak private thread messages to unauthorized users via Mongo DB injection.
CVE-2022-22423 2 Ibm, Linux 5 Aix, Common Cryptographic Architecture, I and 2 more 2022-09-27 N/A 5.5 MEDIUM
IBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user to cause a denial of service due to improper input validation. IBM X-Force ID: 223596.
CVE-2022-32228 1 Rocket.chat 1 Rocket.chat 2022-09-27 N/A 4.3 MEDIUM
An information disclosure vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 since the getReadReceipts Meteor server method does not properly filter user inputs that are passed to MongoDB queries, allowing $regex queries to enumerate arbitrary Message IDs.
CVE-2022-29243 1 Nextcloud 1 Nextcloud Server 2022-09-27 4.0 MEDIUM 4.3 MEDIUM
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 22.2.7 and 23.0.4, missing input-size validation of new session names allows users to create app passwords with long names. These long names are then loaded into memory on usage, resulting in impacted performance. Versions 22.2.7 and 23.0.4 contain a fix for this issue. There are currently no known workarounds available.
CVE-2017-0888 1 Nextcloud 2 Nextcloud, Nextcloud Server 2022-09-27 4.3 MEDIUM 4.3 MEDIUM
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the "files" app. The top navigation bar displayed in the files list contained partially user-controllable input leading to a potential misrepresentation of information.
CVE-2017-0887 1 Nextcloud 2 Nextcloud, Nextcloud Server 2022-09-27 4.0 MEDIUM 4.3 MEDIUM
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a bypass in the quota limitation. Due to not properly sanitizing values provided by the `OC-Total-Length` HTTP header an authenticated adversary may be able to exceed their configured user quota. Thus using more space than allowed by the administrator.