| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2022-26315 |
22 |
|
Dir. Trav. |
2022-02-28 |
2022-03-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
qrcp through 0.8.4, in receive mode, allows ../ Directory Traversal via the file name specified by the uploader. |
|
2 |
CVE-2022-26181 |
787 |
|
Overflow |
2022-02-28 |
2022-03-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligned_dealloc():src/lepton/bitops.cc:108. |
|
3 |
CVE-2022-26159 |
668 |
|
|
2022-02-28 |
2022-03-07 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The auto-completion plugin in Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion/<domain>/en.xml (and similar pathnames for other languages), which contain all characters typed by all users, including the content of private pages. For example, a private page may contain usernames, e-mail addresses, and possibly passwords. |
|
4 |
CVE-2022-26158 |
601 |
|
|
2022-02-28 |
2022-03-08 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. It accepts and reflects arbitrary domains supplied via a client-controlled Host header. Injection of a malicious URL in the Host: header of the HTTP Request results in a 302 redirect to an attacker-controlled page. |
|
5 |
CVE-2022-26157 |
732 |
|
|
2022-02-28 |
2022-03-08 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. The ASP.NET_Sessionid cookie is not protected by the Secure flag. This makes it prone to interception by an attacker if traffic is sent over unencrypted channels. |
|
6 |
CVE-2022-26156 |
601 |
|
|
2022-02-28 |
2022-03-08 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. Injection of a malicious payload within the RelayState= parameter of the HTTP request body results in the hijacking of the form action. Form-action hijacking vulnerabilities arise when an application places user-supplied input into the action URL of an HTML form. An attacker can use this vulnerability to construct a URL that, if visited by another application user, will modify the action URL of a form to point to the attacker's server. |
|
7 |
CVE-2022-26155 |
79 |
|
XSS |
2022-02-28 |
2022-03-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. XSS can occur via a payload in the SAMLResponse parameter of the HTTP request body. |
|
8 |
CVE-2022-26149 |
434 |
|
Exec Code |
2022-02-26 |
2023-03-27 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
MODX Revolution through 2.8.3-pl allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Uploadable File Types setting can be changed by an administrator. |
|
9 |
CVE-2022-26146 |
79 |
|
XSS |
2022-02-26 |
2022-03-07 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Tricentis qTest before 10.4 allows stored XSS by an authenticated attacker. |
|
10 |
CVE-2022-25838 |
294 |
|
|
2022-02-24 |
2022-03-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Laravel Fortify before 1.11.1 allows reuse within a short time window, thus calling into question the "OT" part of the "TOTP" concept. |
|
11 |
CVE-2022-25809 |
77 |
|
Exec Code |
2022-02-24 |
2022-03-09 |
9.0 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Complete |
|
Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices allows arbitrary voice command execution on these devices via a malicious skill (in the case of remote attackers) or by pairing a malicious Bluetooth device (in the case of physically proximate attackers), aka an "Alexa versus Alexa (AvA)" attack. |
|
12 |
CVE-2022-25643 |
269 |
|
|
2022-02-24 |
2022-03-04 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when installed setuid root. The attack vector is a user-supplied socket pathname. |
|
13 |
CVE-2022-25642 |
79 |
|
Exec Code XSS |
2022-02-28 |
2022-03-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Obyte (formerly Byteball) Wallet before 3.4.1 allows XSS. A crafted chat message can lead to remote code execution. |
|
14 |
CVE-2022-25640 |
287 |
|
|
2022-02-24 |
2022-03-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication. A client can simply omit the certificate_verify message from the handshake, and never present a certificate. |
|
15 |
CVE-2022-25638 |
295 |
|
Bypass |
2022-02-24 |
2022-03-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
In wolfSSL before 5.2.0, certificate validation may be bypassed during attempted authentication by a TLS 1.3 client to a TLS 1.3 server. This occurs when the sig_algo field differs between the certificate_verify message and the certificate message. |
|
16 |
CVE-2022-25636 |
269 |
|
+Priv |
2022-02-24 |
2023-02-24 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload. |
|
17 |
CVE-2022-25599 |
352 |
|
CSRF |
2022-02-21 |
2022-03-01 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-Site Request Forgery (CSRF) vulnerability leading to event deletion was discovered in Spiffy Calendar WordPress plugin (versions <= 4.9.0). |
|
18 |
CVE-2022-25418 |
787 |
|
Overflow |
2022-02-24 |
2022-03-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function openSchedWifi. |
|
19 |
CVE-2022-25417 |
787 |
|
Overflow |
2022-02-24 |
2022-03-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function saveparentcontrolinfo. |
|
20 |
CVE-2022-25414 |
787 |
|
Overflow |
2022-02-24 |
2022-03-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the parameter NPTR. |
|
21 |
CVE-2022-25413 |
79 |
|
XSS |
2022-02-28 |
2022-03-08 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Maxsite CMS v108 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the parameter f_tags at /admin/page_edit/3. |
|
22 |
CVE-2022-25412 |
22 |
|
Dir. Trav. |
2022-02-28 |
2022-03-08 |
5.5 |
None |
Remote |
Low |
??? |
None |
Partial |
Partial |
|
Maxsite CMS v180 was discovered to contain multiple arbitrary file deletion vulnerabilities in /admin_page/all-files-update-ajax.php via the dir and deletefile parameters. |
|
23 |
CVE-2022-25411 |
434 |
|
Exec Code |
2022-02-28 |
2022-03-08 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A Remote Code Execution (RCE) vulnerability at /admin/options in Maxsite CMS v180 allows attackers to execute arbitrary code via a crafted PHP file. |
|
24 |
CVE-2022-25410 |
79 |
|
XSS |
2022-02-28 |
2022-03-08 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Maxsite CMS v180 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the parameter f_file_description at /admin/files. |
|
25 |
CVE-2022-25409 |
79 |
|
XSS |
2022-02-28 |
2022-03-08 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the demail parameter at /admin-panel1.php. |
|
26 |
CVE-2022-25408 |
79 |
|
XSS |
2022-02-28 |
2022-03-08 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the dpassword parameter at /admin-panel1.php. |
|
27 |
CVE-2022-25407 |
79 |
|
XSS |
2022-02-28 |
2022-03-08 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Doctor parameter at /admin-panel1.php. |
|
28 |
CVE-2022-25406 |
89 |
|
Sql |
2022-02-24 |
2022-03-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in delete_query.php via the DELETE_STR parameter. |
|
29 |
CVE-2022-25405 |
89 |
|
Sql |
2022-02-24 |
2022-03-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in change_box.php via the DELETE_STR parameter. |
|
30 |
CVE-2022-25404 |
89 |
|
Sql |
2022-02-24 |
2022-03-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in delete.php via the DELETE_STR parameter. |
|
31 |
CVE-2022-25403 |
89 |
|
Sql |
2022-02-24 |
2022-03-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
HMS v1.0 was discovered to contain a SQL injection vulnerability via the component admin.php. |
|
32 |
CVE-2022-25402 |
863 |
|
|
2022-02-24 |
2022-03-03 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify all PHP files. |
|
33 |
CVE-2022-25401 |
|
|
|
2022-02-24 |
2022-03-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The copy function of the file manager in Cuppa CMS v1.0 allows any file to be copied to the current directory, granting attackers read access to arbitrary files. |
|
34 |
CVE-2022-25375 |
668 |
|
+Info |
2022-02-20 |
2022-05-11 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory. |
|
35 |
CVE-2022-25374 |
532 |
|
|
2022-02-25 |
2022-08-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
HashiCorp Terraform Enterprise v202112-1, v202112-2, v202201-1, and v202201-2 were configured to log inbound HTTP requests in a manner that may capture sensitive data. Fixed in v202202-1. |
|
36 |
CVE-2022-25372 |
269 |
|
|
2022-02-20 |
2022-04-27 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Pritunl Client through 1.2.3019.52 on Windows allows local privilege escalation, related to an ACL entry for CREATOR OWNER in platform_windows.go. |
|
37 |
CVE-2022-25366 |
74 |
|
|
2022-02-19 |
2022-03-07 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and com.apple.security.cs.allow-dyld-environment-variables entitlements. An attacker can exploit this by creating a malicious .dylib file that can be executed via the DYLD_INSERT_LIBRARIES environment variable. |
|
38 |
CVE-2022-25365 |
|
|
|
2022-02-19 |
2022-06-03 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Docker Desktop before 4.5.1 on Windows allows attackers to move arbitrary files. NOTE: this issue exists because of an incomplete fix for CVE-2022-23774. |
|
39 |
CVE-2022-25363 |
732 |
|
|
2022-02-24 |
2022-03-04 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to modify privileged management user credentials. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. |
|
40 |
CVE-2022-25360 |
434 |
|
|
2022-02-24 |
2022-03-04 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to upload files to arbitrary locations. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. |
|
41 |
CVE-2022-25359 |
287 |
|
|
2022-02-26 |
2022-03-08 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07 devices, unauthenticated remote attackers can overwrite, delete, or create files. |
|
42 |
CVE-2022-25358 |
22 |
|
Dir. Trav. |
2022-02-18 |
2022-03-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A ..%2F path traversal vulnerability exists in the path handler of awful-salmonella-tar before 0.0.4. Attackers can only list directories (not read files). This occurs because the safe-path? Scheme predicate is not used for directories. |
|
43 |
CVE-2022-25355 |
862 |
|
|
2022-02-24 |
2022-03-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
EC-CUBE 3.0.0 to 3.0.18-p3 and EC-CUBE 4.0.0 to 4.1.1 improperly handle HTTP Host header values, which may lead a remote unauthenticated attacker to direct the vulnerable version of EC-CUBE to send an Email with some forged reissue-password URL to EC-CUBE users. |
|
44 |
CVE-2022-25337 |
74 |
|
|
2022-02-18 |
2022-03-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows injection attacks via image filenames. |
|
45 |
CVE-2022-25336 |
668 |
|
|
2022-02-18 |
2022-03-03 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows Insecure Direct Object Reference (IDOR) attacks against image files because the image path and filename can be correctly deduced. |
|
46 |
CVE-2022-25335 |
732 |
|
|
2022-02-18 |
2022-03-01 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
RigoBlock Dragos through 2022-02-17 lacks the onlyOwner modifier for setMultipleAllowances. This enables token manipulation, as exploited in the wild in February 2022. NOTE: although 2022-02-17 is the vendor's vulnerability announcement date, the vulnerability will not be remediated until a major protocol upgrade occurs. |
|
47 |
CVE-2022-25331 |
|
|
|
2022-02-24 |
2022-03-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process. |
|
48 |
CVE-2022-25330 |
190 |
|
Exec Code Overflow |
2022-02-24 |
2022-03-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution. |
|
49 |
CVE-2022-25329 |
798 |
|
|
2022-02-24 |
2022-03-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions. |
|
50 |
CVE-2022-25328 |
78 |
|
|
2022-02-25 |
2022-03-07 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The bash_completion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a malicious mountpoint path and if the system administrator happens to be using the fscrypt bash completion script to complete mountpoint paths. We recommend upgrading to version 0.3.3 or above |
