| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2022-31651 |
617 |
|
|
2022-05-25 |
2023-02-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in libsox.a. |
|
2 |
CVE-2022-31650 |
697 |
|
|
2022-05-25 |
2023-02-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a. |
|
3 |
CVE-2022-31648 |
79 |
|
XSS |
2022-05-26 |
2022-06-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Talend Administration Center is vulnerable to a reflected Cross-Site Scripting (XSS) issue in the SSO login endpoint. The issue is fixed for versions 8.0.x in TPS-5233, for versions 7.3.x in TPS-5324, and for versions 7.2.x in TPS-5235. Earlier versions of Talend Administration Center may also be impacted; users are encouraged to update to a supported version. |
|
4 |
CVE-2022-31624 |
404 |
|
DoS |
2022-05-25 |
2022-11-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex, the held lock lock_bigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock. |
|
5 |
CVE-2022-31623 |
667 |
|
DoS |
2022-05-25 |
2022-11-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads, the held lock thd->ctrl_mutex is not released correctly, which allows local users to trigger a denial of service due to the deadlock. |
|
6 |
CVE-2022-31622 |
404 |
|
DoS |
2022-05-25 |
2022-11-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (pthread_create returns a nonzero value) while executing the method create_worker_threads, the held lock is not released correctly, which allows local users to trigger a denial of service due to the deadlock. |
|
7 |
CVE-2022-31621 |
667 |
|
DoS |
2022-05-25 |
2022-11-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_xbstream.cc, when an error occurs (stream_ctxt->dest_file == NULL) while executing the method xbstream_open, the held lock is not released correctly, which allows local users to trigger a denial of service due to the deadlock. |
|
8 |
CVE-2022-31620 |
119 |
|
DoS Overflow |
2022-05-25 |
2022-07-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In libjpeg before 1.64, BitStream<false>::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan. |
|
9 |
CVE-2022-31489 |
89 |
|
Sql |
2022-05-23 |
2022-05-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Inout Blockchain AltExchanger 1.2.1 allows index.php/home/about inoutio_language cookie SQL injection. |
|
10 |
CVE-2022-31488 |
89 |
|
Sql |
2022-05-23 |
2022-05-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Inout Blockchain AltExchanger 1.2.1 allows index.php/coins/update_marketboxslider marketcurrency SQL injection. |
|
11 |
CVE-2022-31487 |
89 |
|
Sql |
2022-05-23 |
2022-05-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Inout Blockchain AltExchanger 1.2.1 and Inout Blockchain FiatExchanger 2.2.1 allow Chart/TradingView/chart_content/master.php symbol SQL injection. |
|
12 |
CVE-2022-31467 |
427 |
|
Exec Code |
2022-05-23 |
2022-06-02 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A DLL hijacking vulnerability in the installed for Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, leading to execution of arbitrary code, via the installer not restricting the search path for required DLLs and then not verifying the signature of the DLLs it tries to load. |
|
13 |
CVE-2022-31466 |
367 |
|
|
2022-05-23 |
2022-06-02 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Time of Check - Time of Use (TOCTOU) vulnerability in Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, potentially leading to deletion of system files. This is achieved through exploiting the time between detecting a file as malicious and when the action of quarantining or cleaning is performed, and using the time to replace the malicious file by a symlink. |
|
14 |
CVE-2022-31268 |
22 |
|
Dir. Trav. |
2022-05-21 |
2022-06-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname). |
|
15 |
CVE-2022-31267 |
269 |
|
|
2022-05-21 |
2022-06-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext '[email protected]\n\trole = "#admin"' value. |
|
16 |
CVE-2022-31265 |
294 |
|
Exec Code |
2022-05-26 |
2022-06-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The replay feature in the client in Wargaming World of Warships 0.11.4 allows remote attackers to execute code when a user launches a replay from an untrusted source. |
|
17 |
CVE-2022-31264 |
190 |
|
Overflow |
2022-05-21 |
2023-04-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Solana solana_rbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program. |
|
18 |
CVE-2022-31263 |
|
|
Bypass |
2022-05-24 |
2022-06-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
app/models/user.rb in Mastodon before 3.5.0 allows a bypass of e-mail restrictions. |
|
19 |
CVE-2022-31261 |
611 |
|
|
2022-05-24 |
2022-06-08 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
An XXE issue was discovered in Morpheus through 5.2.16 and 5.4.x through 5.4.4. A successful attack requires a SAML identity provider to be configured. In order to exploit the vulnerability, the attacker must know the unique SAML callback ID of the configured identity source. A remote attacker can send a request crafted with an XXE payload to invoke a malicious DTD hosted on a system that they control. This results in reading local files that the application has access to. |
|
20 |
CVE-2022-31259 |
|
|
Bypass |
2022-05-21 |
2023-02-17 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The route lookup process in beego before 1.12.9 and 2.x before 2.0.3 allows attackers to bypass access control. When a /p1/p2/:name route is configured, attackers can access it by appending .xml in various places (e.g., p1.xml instead of p1). |
|
21 |
CVE-2022-31258 |
59 |
|
|
2022-05-20 |
2022-06-07 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can escalate to root by editing an OMD hook symlink. |
|
22 |
CVE-2022-31245 |
78 |
|
|
2022-05-20 |
2022-06-02 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs. |
|
23 |
CVE-2022-31215 |
|
|
Bypass |
2022-05-20 |
2022-06-01 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
In certain Goverlan products, the Windows Firewall is temporarily turned off upon a Goverlan agent update operation. This allows remote attackers to bypass firewall blocking rules for a time period of up to 30 seconds. This affects Goverlan Reach Console before 10.5.1, Reach Server before 3.70.1, and Reach Client Agents before 10.1.11. |
|
24 |
CVE-2022-31015 |
362 |
|
|
2022-05-31 |
2022-06-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2.1.0 and 2.1.1 may terminate early due to a thread closing a socket while the main thread is about to call select(). This will lead to the main thread raising an exception that is not handled and then causing the entire application to be killed. This issue has been fixed in Waitress 2.1.2 by no longer allowing the WSGI thread to close the socket. Instead, that is always delegated to the main thread. There is no work-around for this issue. However, users using waitress behind a reverse proxy server are less likely to have issues if the reverse proxy always reads the full response. |
|
25 |
CVE-2022-31013 |
20 |
|
Bypass |
2022-05-31 |
2022-06-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Chat Server is the chat server for Vartalap, an open-source messaging application. Versions 2.3.2 until 2.6.0 suffer from a bug in validating the access token, resulting in authentication bypass. The function `this.authProvider.verifyAccessKey` is an async function, as the code is not using `await` to wait for the verification result. Every time the function responds back with success, along with an unhandled exception if the token is invalid. A patch is available in version 2.6.0. |
|
26 |
CVE-2022-31011 |
287 |
|
Bypass |
2022-05-31 |
2022-06-10 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
TiDB is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing (HTAP) workloads. Under certain conditions, an attacker can construct malicious authentication requests to bypass the authentication process, resulting in privilege escalation or unauthorized access. Only users using TiDB 5.3.0 are affected by this vulnerability. TiDB version 5.3.1 contains a patch for this issue. Other mitigation strategies include turning off Security Enhanced Mode (SEM), disabling local login for non-root accounts, and ensuring that the same IP cannot be logged in as root and normal user at the same time. |
|
27 |
CVE-2022-31007 |
|
|
+Priv |
2022-05-31 |
2022-06-10 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
eLabFTW is an electronic lab notebook manager for research teams. Prior to version 4.3.0, a vulnerability allows an authenticated user with an administrator role in a team to assign itself system administrator privileges within the application, or create a new system administrator account. The issue has been corrected in eLabFTW version 4.3.0. In the context of eLabFTW, an administrator is a user account with certain privileges to manage users and content in their assigned team/teams. A system administrator account can manage all accounts, teams and edit system-wide settings within the application. The impact is not deemed as high, as it requires the attacker to have access to an administrator account. Regular user accounts cannot exploit this to gain admin rights. A workaround for one if the issues is removing the ability of administrators to create accounts. |
|
28 |
CVE-2022-31005 |
190 |
|
Overflow |
2022-05-31 |
2022-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Vapor is an HTTP web framework for Swift. Users of Vapor prior to version 4.60.3 with FileMiddleware enabled are vulnerable to an integer overflow vulnerability that can crash the application. Version 4.60.3 contains a patch for this issue. As a workaround, disable FileMiddleware and serve via a Content Delivery Network. |
|
29 |
CVE-2022-31003 |
787 |
|
Exec Code |
2022-05-31 |
2023-05-24 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, when parsing each line of a sdp message, `rest = record + 2` will access the memory behind `\0` and cause an out-of-bounds write. An attacker can send a message with evil sdp to FreeSWITCH, causing a crash or more serious consequence, such as remote code execution. Version 1.13.8 contains a patch for this issue. |
|
30 |
CVE-2022-31002 |
125 |
|
|
2022-05-31 |
2023-05-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be caused by a URL ending with `%`. Version 1.13.8 contains a patch for this issue. |
|
31 |
CVE-2022-31001 |
125 |
|
|
2022-05-31 |
2023-05-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause crash. This type of crash may be caused by `#define MATCH(s, m) (strncmp(s, m, n = sizeof(m) - 1) == 0)`, which will make `n` bigger and trigger out-of-bound access when `IS_NON_WS(s[n])`. Version 1.13.8 contains a patch for this issue. |
|
32 |
CVE-2022-30994 |
319 |
|
|
2022-05-18 |
2022-06-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 29240 |
|
33 |
CVE-2022-30993 |
319 |
|
|
2022-05-18 |
2022-06-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240 |
|
34 |
CVE-2022-30992 |
601 |
|
|
2022-05-18 |
2022-06-01 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Open redirect via user-controlled query parameter. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240 |
|
35 |
CVE-2022-30991 |
74 |
|
|
2022-05-18 |
2022-06-01 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
HTML injection via report name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240 |
|
36 |
CVE-2022-30990 |
200 |
|
+Info |
2022-05-18 |
2022-06-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Linux) before build 29240, Acronis Agent (Linux) before build 28037 |
|
37 |
CVE-2022-30976 |
125 |
|
|
2022-05-18 |
2022-05-26 |
4.0 |
None |
Remote |
High |
Not required |
Partial |
None |
Partial |
|
GPAC 2.0.0 misuses a certain Unicode utf8_wcslen (renamed gf_utf8_wcslen) function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box. |
|
38 |
CVE-2022-30975 |
476 |
|
|
2022-05-18 |
2023-02-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp. |
|
39 |
CVE-2022-30974 |
674 |
|
|
2022-05-18 |
2023-02-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413. |
|
40 |
CVE-2022-30973 |
|
|
DoS |
2022-05-31 |
2022-10-27 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
We failed to apply the fix for CVE-2022-30126 to the 1.x branch in the 1.28.2 release. In Apache Tika, a regular expression in the StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.3. |
|
41 |
CVE-2022-30972 |
352 |
|
CSRF |
2022-05-17 |
2022-05-25 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A cross-site request forgery (CSRF) vulnerability in Jenkins Storable Configs Plugin 1.0 and earlier allows attackers to have Jenkins parse a local XML file (e.g., archived artifacts) that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery. |
|
42 |
CVE-2022-30971 |
611 |
|
|
2022-05-17 |
2022-05-25 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Jenkins Storable Configs Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. |
|
43 |
CVE-2022-30970 |
79 |
|
XSS |
2022-05-17 |
2022-05-25 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Jenkins Autocomplete Parameter Plugin 1.1 and earlier references Dropdown Autocomplete parameter and Auto Complete String parameter names in an unsafe manner from Javascript embedded in view definitions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. |
|
44 |
CVE-2022-30969 |
352 |
|
Exec Code CSRF |
2022-05-17 |
2022-05-25 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A cross-site request forgery (CSRF) vulnerability in Jenkins Autocomplete Parameter Plugin 1.1 and earlier allows attackers to execute arbitrary code without sandbox protection if the victim is an administrator. |
|
45 |
CVE-2022-30968 |
79 |
|
XSS |
2022-05-17 |
2022-05-25 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Jenkins vboxwrapper Plugin 1.3 and earlier does not escape the name and description of VBox node parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. |
|
46 |
CVE-2022-30967 |
79 |
|
XSS |
2022-05-17 |
2022-05-25 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Jenkins Selection tasks Plugin 1.0 and earlier does not escape the name and description of Script Selection task variable parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. |
|
47 |
CVE-2022-30966 |
79 |
|
XSS |
2022-05-17 |
2022-05-25 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Jenkins Random String Parameter Plugin 1.0 and earlier does not escape the name and description of Random String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. |
|
48 |
CVE-2022-30965 |
79 |
|
XSS |
2022-05-17 |
2022-05-25 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Jenkins Promoted Builds (Simple) Plugin 1.9 and earlier does not escape the name and description of Promotion Level parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. |
|
49 |
CVE-2022-30964 |
79 |
|
XSS |
2022-05-17 |
2022-05-25 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Jenkins Multiselect parameter Plugin 1.3 and earlier does not escape the name and description of Multiselect parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. |
|
50 |
CVE-2022-30963 |
79 |
|
XSS |
2022-05-17 |
2022-05-25 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Jenkins JDK Parameter Plugin 1.0 and earlier does not escape the name and description of JDK parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. |
