CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-23304 2022-01-17 2022-01-17
0.0
None ??? ??? ??? ??? ??? ???
The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
2 CVE-2022-23303 2022-01-17 2022-01-17
0.0
None ??? ??? ??? ??? ??? ???
The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.
3 CVE-2022-23227 Exec Code 2022-01-14 2022-01-14
0.0
None ??? ??? ??? ??? ??? ???
NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import_user.php authentication. When combined with another flaw (CVE-2011-5325), it is possible to overwrite arbitrary files under the web root and achieve code execution as root.
4 CVE-2022-23222 +Priv 2022-01-14 2022-01-14
0.0
None ??? ??? ??? ??? ??? ???
kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.
5 CVE-2022-23219 DoS Exec Code Overflow 2022-01-14 2022-01-14
0.0
None ??? ??? ??? ??? ??? ???
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.
6 CVE-2022-23218 DoS Exec Code Overflow 2022-01-14 2022-01-14
0.0
None ??? ??? ??? ??? ??? ???
The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.
7 CVE-2022-23178 2022-01-15 2022-01-15
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname and upassword fields.
8 CVE-2022-23134 2022-01-13 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
After the initial setup process, some steps of the setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. A malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.
9 CVE-2022-23133 XSS 2022-01-13 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. When XSS is stored by an authenticated malicious actor and other users try to search for groups during new host creation, the XSS payload will fire and the actor can steal session cookies and perform session hijacking to impersonate users or take over their accounts.
10 CVE-2022-23132 Bypass 2022-01-13 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
During Zabbix installation from RPM, the DAC_OVERRIDE SELinux capability is in use to access PID files in the [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permission checks at the file system level.
11 CVE-2022-23131 +Priv 2022-01-13 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. A malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of a Zabbix user (or use the guest account, which is disabled by default).
12 CVE-2022-23118 2022-01-12 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
Jenkins Debian Package Builder Plugin 1.6.11 and earlier implements functionality that allows agents to invoke command-line `git` at an attacker-specified path on the controller, allowing attackers able to control agent processes to invoke arbitrary OS commands on the controller.
13 CVE-2022-23117 2022-01-12 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to retrieve all username/password credentials stored on the Jenkins controller.
14 CVE-2022-23116 2022-01-12 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another method.
15 CVE-2022-23115 CSRF 2022-01-12 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
Cross-site request forgery (CSRF) vulnerabilities in Jenkins batch task Plugin 1.19 and earlier allow attackers with Overall/Read access to retrieve logs, build or delete a batch task.
16 CVE-2022-23114 2022-01-12 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
Jenkins Publish Over SSH Plugin 1.22 and earlier stores password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.
17 CVE-2022-23113 2022-01-12 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
Jenkins Publish Over SSH Plugin 1.22 and earlier performs a validation of the file name specifying whether it is present or not, resulting in a path traversal vulnerability allowing attackers with Item/Configure permission to discover the name of the Jenkins controller files.
18 CVE-2022-23112 2022-01-12 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
A missing permission check in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers with Overall/Read access to connect to an attacker-specified SSH server using attacker-specified credentials.
19 CVE-2022-23111 CSRF 2022-01-12 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials.
20 CVE-2022-23110 XSS 2022-01-12 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
Jenkins Publish Over SSH Plugin 1.22 and earlier does not escape the SSH server name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission.
21 CVE-2022-23109 2022-01-12 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
Jenkins HashiCorp Vault Plugin 3.7.0 and earlier does not mask Vault credentials in Pipeline build logs or in Pipeline step descriptions when Pipeline: Groovy Plugin 2.85 or later is installed.
22 CVE-2022-23108 XSS 2022-01-12 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
Jenkins Badge Plugin 1.9 and earlier does not escape the description and does not check for allowed protocols when creating a badge, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
23 CVE-2022-23107 2022-01-12 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
Jenkins Warnings Next Generation Plugin 9.10.2 and earlier does not restrict the name of a file when configuring custom ID, allowing attackers with Item/Configure permission to write and read specific files with a hard-coded suffix on the Jenkins controller file system.
24 CVE-2022-23106 2022-01-12 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
Jenkins Configuration as Code Plugin 1.55 and earlier used a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token.
25 CVE-2022-23105 2022-01-12 2022-01-13
0.0
None ??? ??? ??? ??? ??? ???
Jenkins Active Directory Plugin 2.25 and earlier does not encrypt the transmission of data between the Jenkins controller and Active Directory servers in most configurations.
26 CVE-2022-23095 Exec Code Mem. Corr. 2022-01-15 2022-01-15
0.0
None ??? ??? ??? ??? ??? ???
Open Design Alliance Drawings SDK before 2022.12.1 mishandles the loading of JPG files. Unchecked input data from a crafted JPG file leads to memory corruption. An attacker can leverage this vulnerability to execute code in the context of the current process.
27 CVE-2022-23094 DoS 2022-01-15 2022-01-16
0.0
None ??? ??? ??? ??? ??? ???
Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6.
28 CVE-2022-22991 2022-01-13 2022-01-17
0.0
None ??? ??? ??? ??? ??? ???
A malicious user on the same LAN could use DNS spoofing followed by a command injection attack to trick a NAS device into loading through an unsecured HTTP call. Addressed this vulnerability by disabling checks for internet connectivity using HTTP.
29 CVE-2022-22990 Exec Code Bypass 2022-01-13 2022-01-17
0.0
None ??? ??? ??? ??? ??? ???
A limited authentication bypass vulnerability was discovered that could allow an attacker to achieve remote code execution and escalate privileges on the My Cloud devices. Addressed this vulnerability by changing access token validation logic and rewriting rule logic on PHP scripts.
30 CVE-2022-22989 Overflow 2022-01-13 2022-01-14
0.0
None ??? ??? ??? ??? ??? ???
My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP service. Addressed the vulnerability by adding defenses against stack overflow issues.
31 CVE-2022-22988 2022-01-13 2022-01-14
0.0
None ??? ??? ??? ??? ??? ???
File and directory permissions have been corrected to prevent unintended users from modifying or accessing resources.
32 CVE-2022-22847 File Inclusion 2022-01-10 2022-01-10
0.0
None ??? ??? ??? ??? ??? ???
Formpipe Lasernet before 9.13.3 allows file inclusion in Client Web Services (either by an authenticated attacker, or in a configuration that does not require authentication).
33 CVE-2022-22846 2022-01-10 2022-01-10
0.0
None ??? ??? ??? ??? ??? ???
The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query.
34 CVE-2022-22845 2022-01-10 2022-01-10
0.0
None ??? ??? ??? ??? ??? ???
QXIP SIPCAPTURE homer-app before 1.4.28 for HOMER 7.x has the same 167f0db2-f83e-4baa-9736-d56064a5b415 JWT secret key across different customers' installations.
35 CVE-2022-22844 2022-01-10 2022-01-10
0.0
None ??? ??? ??? ??? ??? ???
LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.
36 CVE-2022-22836 Dir. Trav. 2022-01-10 2022-01-10
0.0
None ??? ??? ??? ??? ??? ???
CoreFTP Server before 727 allows directory traversal (for file creation) by an authenticated attacker via ../ in an HTTP PUT request.
37 CVE-2022-22821 Dir. Trav. 2022-01-10 2022-01-10
0.0
None ??? ??? ??? ??? ??? ???
NVIDIA NeMo before 1.6.0 contains a vulnerability in ASR WebApp, in which ../ Path Traversal may lead to deletion of any directory when admin privileges are available.
38 CVE-2022-22817 2022-01-10 2022-01-10
0.0
None ??? ??? ??? ??? ??? ???
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method.
39 CVE-2022-22816 2022-01-10 2022-01-10
0.0
None ??? ??? ??? ??? ??? ???
path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.
40 CVE-2022-22815 2022-01-10 2022-01-10
0.0
None ??? ??? ??? ??? ??? ???
path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.
41 CVE-2022-22703 2022-01-17 2022-01-17
0.0
None ??? ??? ??? ??? ??? ???
In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and PSK are contained in the log file of the .exe installer.
42 CVE-2022-22702 2022-01-10 2022-01-10
0.0
None ??? ??? ??? ??? ??? ???
In PartKeepr versions up to v1.4.0, the functionality to upload attachments using a URL when creating a part does not validate that requests can be made to local ports, allowing an authenticated user to carry out SSRF attacks and port enumeration.
43 CVE-2022-22701 2022-01-10 2022-01-10
0.0
None ??? ??? ??? ??? ??? ???
PartKeepr versions up to v1.4.0 load attachments using a URL while creating a part and allow the use of the 'file://' URI scheme, allowing an authenticated user to read local files.
44 CVE-2022-22531 2022-01-14 2022-01-14
0.0
None ??? ??? ??? ??? ??? ???
The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified.
45 CVE-2022-22530 2022-01-14 2022-01-14
0.0
None ??? ??? ??? ??? ??? ???
The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to inject dangerous content or malicious code which could result in critical information being modified or completely compromise the availability of the application.
46 CVE-2022-22529 Exec Code XSS 2022-01-14 2022-01-14
0.0
None ??? ??? ??? ??? ??? ???
SAP Enterprise Threat Detection (ETD) - version 2.0, does not sufficiently encode user-controlled inputs, which may lead to an unauthorized attacker possibly exploiting an XSS vulnerability. The UIs in ETD use SAP UI5 standard controls; the UI5 framework provides automated output encoding for its standard controls. This output encoding prevents stored malicious user input from being executed when it is reflected in the UI.
47 CVE-2022-22290 2022-01-14 2022-01-14
0.0
None ??? ??? ??? ??? ??? ???
Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers to perform domain spoofing via a crafted HTML page.
48 CVE-2022-22289 2022-01-10 2022-01-10
0.0
None ??? ??? ??? ??? ??? ???
Improper access control vulnerability in S Assistant prior to version 7.5 allows an attacker to remotely get sensitive information.
49 CVE-2022-22288 2022-01-10 2022-01-10
0.0
None ??? ??? ??? ??? ??? ???
Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app installation of the allowlist.
50 CVE-2022-22287 2022-01-10 2022-01-10
0.0
None ??? ??? ??? ??? ??? ???
Arbitrary file access vulnerability in Samsung Email prior to 6.1.60.16 allows an attacker to read isolated data in sandbox.
Total number of vulnerabilities: 1589 (page 1 of 32)