| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2022-29967 |
22 |
|
Dir. Trav. |
2022-04-29 |
2022-05-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
static_compressed_inmemory_website_callback.c in Glewlwyd through 2.6.2 allows directory traversal. |
|
2 |
CVE-2022-29947 |
79 |
|
XSS |
2022-04-29 |
2022-05-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Woodpecker before 0.15.1 allows XSS via build logs because web/src/components/repo/build/BuildLog.vue lacks escaping. |
|
3 |
CVE-2022-29945 |
311 |
|
|
2022-04-29 |
2022-05-13 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
DJI drone devices sold in 2017 through 2022 broadcast unencrypted information about the drone operator's physical location via the AeroScope protocol. |
|
4 |
CVE-2022-29937 |
78 |
|
|
2022-04-29 |
2022-05-11 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
USU Oracle Optimization before 5.17.5 allows authenticated DataCollection users to achieve agent root access because some common OS commands are blocked but (for example) an OS command for base64 decoding is not blocked. NOTE: this is not an Oracle Corporation product. |
|
5 |
CVE-2022-29936 |
502 |
|
Exec Code |
2022-04-29 |
2022-05-11 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
USU Oracle Optimization before 5.17 allows authenticated quantum users to achieve remote code execution because of /v2/quantum/save-data-upload-big-file Java deserialization. NOTE: this is not an Oracle Corporation product. |
|
6 |
CVE-2022-29935 |
863 |
|
|
2022-04-29 |
2022-05-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
USU Oracle Optimization before 5.17.5 allows attackers to discover the quantum credentials via an agent-installer download. NOTE: this is not an Oracle Corporation product. |
|
7 |
CVE-2022-29934 |
287 |
|
|
2022-04-29 |
2022-05-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. NOTE: this is not an Oracle Corporation product. |
|
8 |
CVE-2022-29907 |
79 |
|
XSS |
2022-04-29 |
2022-05-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The Nimbus skin for MediaWiki through 1.37.2 (before 6f9c8fb868345701d9544a54d9752515aace39df) allows XSS in Advertise link messages. |
|
9 |
CVE-2022-29906 |
863 |
|
|
2022-04-29 |
2022-05-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The admin API module in the QuizGame extension for MediaWiki through 1.37.2 (before 665e33a68f6fa1167df99c0aa18ed0157cdf9f66) omits a check for the quizadmin user. |
|
10 |
CVE-2022-29905 |
352 |
|
CSRF |
2022-04-29 |
2022-05-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The FanBoxes extension for MediaWiki through 1.37.2 (before 027ffb0b9d6fe0d823810cf03f5b562a212162d4) allows Special:UserBoxes CSRF. |
|
11 |
CVE-2022-29904 |
89 |
|
Sql |
2022-04-29 |
2022-05-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The SemanticDrilldown extension for MediaWiki through 1.37.2 (before e688bdba6434591b5dff689a45e4d53459954773) allows SQL injection with certain '-' and '_' constraints. |
|
12 |
CVE-2022-29903 |
352 |
|
CSRF |
2022-04-29 |
2022-05-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The Private Domains extension for MediaWiki through 1.37.2 (before 1ad65d4c1c199b375ea80988d99ab51ae068f766) allows CSRF for editing pages that store the extension's configuration. The attacker must trigger a POST request to Special:PrivateDomains. |
|
13 |
CVE-2022-29869 |
668 |
|
+Info |
2022-04-28 |
2022-10-05 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file. |
|
14 |
CVE-2022-29859 |
|
|
|
2022-04-27 |
2022-12-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
component/common/network/dhcp/dhcps.c in ambiot amb1_sdk (aka SDK for Ameba1) before 2022-03-11 mishandles data structures for DHCP packet data. |
|
15 |
CVE-2022-29856 |
798 |
|
|
2022-04-29 |
2022-05-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A hardcoded cryptographic key in Automation360 22 allows an attacker to decrypt exported RPA packages. |
|
16 |
CVE-2022-29821 |
94 |
|
Exec Code |
2022-04-28 |
2022-05-05 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was possible |
|
17 |
CVE-2022-29820 |
668 |
|
|
2022-04-28 |
2022-05-05 |
3.3 |
None |
Local Network |
Low |
Not required |
Partial |
None |
None |
|
In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible |
|
18 |
CVE-2022-29819 |
94 |
|
Exec Code |
2022-04-28 |
2022-05-05 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible |
|
19 |
CVE-2022-29818 |
346 |
|
|
2022-04-28 |
2022-05-05 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed |
|
20 |
CVE-2022-29817 |
79 |
|
XSS |
2022-04-28 |
2022-05-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible |
|
21 |
CVE-2022-29816 |
74 |
|
|
2022-04-28 |
2022-05-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible |
|
22 |
CVE-2022-29815 |
94 |
|
Exec Code |
2022-04-28 |
2022-05-05 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible |
|
23 |
CVE-2022-29814 |
94 |
|
Exec Code |
2022-04-28 |
2022-05-05 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible |
|
24 |
CVE-2022-29813 |
94 |
|
Exec Code |
2022-04-28 |
2022-05-05 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible |
|
25 |
CVE-2022-29812 |
|
|
|
2022-04-28 |
2022-05-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode directionality formatting characters were insufficient |
|
26 |
CVE-2022-29811 |
79 |
|
XSS |
2022-04-28 |
2022-05-05 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
In JetBrains Hub before 2022.1.14638 stored XSS via project icon was possible. |
|
27 |
CVE-2022-29810 |
532 |
|
|
2022-04-27 |
2022-10-06 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The Hashicorp go-getter library before 1.5.11 does not redact an SSH key from a URL query parameter. |
|
28 |
CVE-2022-29806 |
22 |
|
Exec Code Dir. Trav. |
2022-04-26 |
2022-05-06 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability. |
|
29 |
CVE-2022-29701 |
770 |
|
DoS |
2022-04-27 |
2022-05-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages. |
|
30 |
CVE-2022-29700 |
521 |
|
DoS |
2022-04-27 |
2022-05-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A lack of password length restriction in Zammad v5.1.0 allows for the creation of extremely long passwords which can cause a Denial of Service (DoS) during password verification. |
|
31 |
CVE-2022-29603 |
89 |
|
Sql |
2022-04-25 |
2022-05-04 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
|
A SQL Injection vulnerability exists in UniverSIS UniverSIS-API through 1.2.1 via the $select parameter to multiple API endpoints. A remote authenticated attacker could send crafted SQL statements to a vulnerable endpoint (such as /api/students/me/messages/) to, for example, retrieve personal information or change grades. |
|
32 |
CVE-2022-29589 |
79 |
|
XSS |
2022-04-22 |
2022-04-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Crypt Server before 3.3.0 allows XSS in the index view. This is related to serial, computername, and username. |
|
33 |
CVE-2022-29585 |
276 |
|
|
2022-04-28 |
2022-05-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0, a site using Isolated Institutions is vulnerable if more than ten groups are used. They are all shown from page 2 of the group results list (rather than only being shown for the institution that the viewer is a member of). |
|
34 |
CVE-2022-29584 |
79 |
|
XSS |
2022-04-28 |
2022-05-06 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 allows stored XSS when a particular Cascading Style Sheets (CSS) class for embedly is used, and JavaScript code is constructed to perform an action. |
|
35 |
CVE-2022-29583 |
426 |
|
|
2022-04-22 |
2022-05-03 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
service_windows.go in the kardianos service package for Go omits quoting that is sometimes needed for execution of a Windows service executable from the intended directory. |
|
36 |
CVE-2022-29582 |
416 |
|
|
2022-04-22 |
2022-10-26 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently. |
|
37 |
CVE-2022-29577 |
79 |
|
XSS |
2022-04-21 |
2023-02-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367. |
|
38 |
CVE-2022-29566 |
327 |
|
|
2022-04-21 |
2022-05-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The Bulletproofs 2017/1066 paper mishandles Fiat-Shamir generation because the hash computation fails to include all of the public values from the Zero Knowledge proof statement as well as all of the public values computed in the proof, aka the Frozen Heart issue. |
|
39 |
CVE-2022-29556 |
918 |
|
|
2022-04-28 |
2022-05-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The iot-manager microservice 1.0.0 in Northern.tech Mender Enterprise before 3.2.2 allows SSRF because the Azure IoT Hub integration provides several SSRF primitives that can execute cross-tenant actions via internal API endpoints. |
|
40 |
CVE-2022-29555 |
352 |
|
|
2022-04-28 |
2022-05-10 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The Deviceconnect microservice through 1.3.0 in Northern.tech Mender Enterprise before 3.2.2. allows Cross-Origin Websocket Hijacking. |
|
41 |
CVE-2022-29548 |
79 |
|
XSS |
2022-04-21 |
2022-12-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A reflected XSS issue exists in the Management Console of several WSO2 products. This affects API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0, 6.4.0, 6.5.0, and 6.6.0; IS as Key Manager 5.5.0, 5.6.0, 5.7.0, 5.9.0, and 5.10.0; Identity Server 5.5.0, 5.6.0, 5.7.0, 5.9.0, 5.10.0, and 5.11.0; Identity Server Analytics 5.5.0 and 5.6.0; and WSO2 Micro Integrator 1.0.0. |
|
42 |
CVE-2022-29547 |
276 |
|
|
2022-04-21 |
2022-05-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The CreateRedirect extension before 2022-04-14 for MediaWiki does not properly check whether the user has permissions to edit the target page. This could lead to an unauthorised (or blocked) user being able to edit a page. |
|
43 |
CVE-2022-29546 |
|
|
DoS |
2022-04-25 |
2022-05-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. Crafted input associated with the parsing of Processing Instruction (PI) data leads to heap memory consumption. This is similar to CVE-2022-28366 but affects a much later version of the product. |
|
44 |
CVE-2022-29537 |
125 |
|
|
2022-04-20 |
2022-05-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
gp_rtp_builder_do_hevc in ietf/rtp_pck_mpeg4.c in GPAC 2.0.0 has a heap-based buffer over-read, as demonstrated by MP4Box. |
|
45 |
CVE-2022-29536 |
787 |
|
Overflow |
2022-04-20 |
2022-10-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered. |
|
46 |
CVE-2022-29534 |
287 |
|
Bypass |
2022-04-20 |
2022-04-27 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
An issue was discovered in MISP before 2.4.158. In UsersController.php, password confirmation can be bypassed via vectors involving an "Accept: application/json" header. |
|
47 |
CVE-2022-29533 |
79 |
|
XSS |
2022-04-20 |
2022-04-27 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in MISP before 2.4.158. There is XSS in app/Controller/OrganisationsController.php in a situation with a "weird single checkbox page." |
|
48 |
CVE-2022-29532 |
79 |
|
XSS |
2022-04-20 |
2022-04-27 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
An issue was discovered in MISP before 2.4.158. There is XSS in the cerebrate view if one administrator puts a javascript: URL in the URL field, and another administrator clicks on it. |
|
49 |
CVE-2022-29531 |
79 |
|
XSS |
2022-04-20 |
2022-04-27 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
An issue was discovered in MISP before 2.4.158. There is stored XSS in the event graph via a tag name. |
|
50 |
CVE-2022-29530 |
79 |
|
XSS |
2022-04-20 |
2022-04-27 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
An issue was discovered in MISP before 2.4.158. There is stored XSS in the galaxy clusters. |
