Vulnerabilities (CVE)

Total 200554 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-4044 1 Mattermost 1 Mattermost 2022-11-26 N/A 6.5 MEDIUM
A denial-of-service vulnerability in Mattermost allows an authenticated user to crash the server via multiple large autoresponder messages.
CVE-2022-4019 1 Mattermost 1 Mattermost 2022-11-26 N/A 6.5 MEDIUM
A denial-of-service vulnerability in the Mattermost Playbooks plugin allows an authenticated user to crash the server via multiple large requests to one of the Playbooks API endpoints.
CVE-2022-45472 1 Caehealthcare 1 Learningspace Enterprise 2022-11-26 N/A 5.4 MEDIUM
CAE LearningSpace Enterprise (with Intuity License) image 267r patch 639 allows DOM XSS, related to ontouchmove and onpointerup.
CVE-2022-41919 1 Fastify 1 Fastify 2022-11-26 N/A 8.8 HIGH
Fastify is a web framework with minimal overhead and plugin architecture. The attacker can use the incorrect `Content-Type` to bypass the `Pre-Flight` checking of `fetch`. `fetch()` requests with Content-Type’s essence as "application/x-www-form-urlencoded", "multipart/form-data", or "text/plain", could potentially be used to invoke routes that only accepts `application/json` content type, thus bypassing any CORS protection, and therefore they could lead to a Cross-Site Request Forgery attack. This issue has been patched in version 4.10.2 and 3.29.4. As a workaround, implement Cross-Site Request Forgery protection using `@fastify/csrf'.
CVE-2022-37773 1 Maarch 1 Maarch Rm 2022-11-26 N/A 6.5 MEDIUM
An authenticated SQL Injection vulnerability in the statistics page (/statistics/retrieve) of Maarch RM 2.8, via the filter parameter, allows the complete disclosure of all databases.
CVE-2022-40870 1 Parallels 1 Remote Application Server 2022-11-26 N/A 8.1 HIGH
The Web Client of Parallels Remote Application Server v18.0 is vulnerable to Host Header Injection attacks. This vulnerability allows attackers to execute arbitrary commands via a crafted payload injected into the Host header.
CVE-2022-37774 1 Maarch 1 Maarch Rm 2022-11-26 N/A 5.3 MEDIUM
There is a broken access control vulnerability in the Maarch RM 2.8.3 solution. When accessing some specific document (pdf, email) from an archive, a preview is proposed by the application. This preview generates a URL including an md5 hash of the file accessed. The document's URL (https://{url}/tmp/{MD5 hash of the document}) is then accessible without authentication.
CVE-2022-39199 1 Codenotary 1 Immudb 2022-11-26 N/A 5.9 MEDIUM
immudb is a database with built-in cryptographic proof and verification. immudb client SDKs use server's UUID to distinguish between different server instance so that the client can connect to different immudb instances and keep the state for multiple servers. SDK does not validate this uuid and can accept any value reported by the server. A malicious server can change the reported UUID tricking the client to treat it as a different server thus accepting a state completely irrelevant to the one previously retrieved from the server. This issue has been patched in version 1.4.1. As a workaround, when initializing an immudb client object a custom state handler can be used to store the state. Providing custom implementation that ignores the server UUID can be used to ensure that even if the server changes the UUID, client will still consider it to be the same server.
CVE-2022-2791 1 Emerson 1 Proficy 2022-11-26 N/A 7.8 HIGH
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC.
CVE-2022-4116 1 Redhat 1 Build Of Quarkus 2022-11-26 N/A 9.8 CRITICAL
A vulnerability was found in quarkus. This security flaw happens in Dev UI Config Editor which is vulnerable to drive-by localhost attacks leading to remote code execution.
CVE-2022-41943 1 Sourcegraph 1 Sourcegraph 2022-11-26 N/A 7.2 HIGH
sourcegraph is a code intelligence platform. As a site admin it was possible to execute arbitrary commands on Gitserver when the experimental `customGitFetch` feature was enabled. This experimental feature has now been disabled by default. This issue has been patched in version 4.1.0.
CVE-2022-41942 1 Sourcegraph 1 Sourcegraph 2022-11-26 N/A 7.8 HIGH
Sourcegraph is a code intelligence platform. In versions prior to 4.1.0 a command Injection vulnerability existed in the gitserver service, present in all Sourcegraph deployments. This vulnerability was caused by a lack of input validation on the host parameter of the `/list-gitolite` endpoint. It was possible to send a crafted request to gitserver that would execute commands inside the container. Successful exploitation requires the ability to send local requests to gitserver. The issue is patched in version 4.1.0.
CVE-2022-40228 1 Ibm 1 Datapower Gateway 2022-11-26 N/A 5.4 MEDIUM
IBM DataPower Gateway 10.0.3.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.9, 2018.4.1.0 through 2018.4.1.22, and 10.5.0.0 through 10.5.0.2 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 235527.
CVE-2022-41950 3 Apple, Linux, Super Xray Project 3 Macos, Linux Kernel, Super Xray 2022-11-26 N/A 7.8 HIGH
super-xray is the GUI alternative for vulnerability scanning tool xray. In 0.2-beta, a privilege escalation vulnerability was discovered. This caused inaccurate default xray permissions. Note: this vulnerability only affects Linux and Mac OS systems. Users should upgrade to super-xray 0.3-beta.
CVE-2022-41952 1 Matrix 1 Synapse 2022-11-26 N/A 5.3 MEDIUM
Synapse before 1.52.0 with URL preview functionality enabled will attempt to generate URL previews for media stream URLs without properly limiting connection time. Connections will only be terminated after `max_spider_size` (default: 10M) bytes have been downloaded, which can in some cases lead to long-lived connections towards the streaming media server (for instance, Icecast). This can cause excessive traffic and connections toward such servers if their stream URL is, for example, posted to a large room with many Synapse instances with URL preview enabled. Version 1.52.0 implements a timeout mechanism which will terminate URL preview connections after 30 seconds. Since generating URL previews for media streams is not supported and always fails, 1.53.0 additionally implements an allow list for content types for which Synapse will even attempt to generate a URL preview. Upgrade to 1.53.0 to fully resolve the issue. As a workaround, turn off URL preview functionality by setting `url_preview_enabled: false` in the Synapse configuration file.
CVE-2022-4111 1 Tooljet 1 Tooljet 2022-11-26 N/A 6.5 MEDIUM
Unrestricted file size limit can lead to DoS in tooljet/tooljet <1.27 by allowing a logged in attacker to upload profile pictures over 2MB.
CVE-2022-40602 1 Zyxel 2 Lte3301-m209, Lte3301-m209 Firmware 2022-11-26 N/A 9.8 CRITICAL
A flaw in the Zyxel LTE3301-M209 firmware verisons prior to V1.00(ABLG.6)C0 could allow a remote attacker to access the device using an improper pre-configured password if the remote administration feature has been enabled by an authenticated administrator.
CVE-2022-41940 1 Socket 1 Engine.io 2022-11-26 N/A 6.5 MEDIUM
Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. This impacts all the users of the engine.io package, including those who uses depending packages like socket.io. There is no known workaround except upgrading to a safe version. There are patches for this issue released in versions 3.6.1 and 6.2.1.
CVE-2022-41326 1 Mitel 1 Micollab 2022-11-26 N/A 9.8 CRITICAL
The web conferencing component of Mitel MiCollab through 9.6.0.13 could allow an unauthenticated attacker to upload arbitrary scripts due to improper authorization controls. A successful exploit could allow remote code execution within the context of the application.
CVE-2022-41223 1 Mitel 1 Mivoice Connect 2022-11-26 N/A 6.8 MEDIUM
The Director database component of MiVoice Connect through 19.3 (22.22.6100.0) could allow an authenticated attacker to conduct a code-injection attack via crafted data due to insufficient restrictions on the database data type.