‼ CVE-2022-2187 ‼
📖 Read
via "National Vulnerability Database".
The Contact Form 7 Captcha WordPress plugin before 0.1.2 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2099 ‼
📖 Read
via "National Vulnerability Database".
The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2133 ‼
📖 Read
via "National Vulnerability Database".
The OAuth Single Sign On WordPress plugin before 6.22.6 doesn't validate that OAuth access token requests are legitimate, which allows attackers to log onto the site with the only knowledge of a user's email address.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2100 ‼
📖 Read
via "National Vulnerability Database".
The Page Generator WordPress plugin before 1.6.5 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2169 ‼
📖 Read
via "National Vulnerability Database".
The Loading Page with Loading Screen WordPress plugin before 1.0.83 does not escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2222 ‼
📖 Read
via "National Vulnerability Database".
The Download Monitor WordPress plugin before 4.5.91 does not ensure that files to be downloaded are inside the blog folders, and not sensitive, allowing high privilege users such as admin to download the wp-config.php or /etc/passwd even in an hardened environment or multisite setup.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-35861 ‼
📖 Read
via "National Vulnerability Database".
pyenv 1.2.24 through 2.3.2 allows local users to gain privileges via a .python-version file in the current working directory. An attacker can craft a Python version string in .python-version to execute shims under their control. (Shims are executables that pass a command along to a specific version of pyenv. The version string is used to construct the path to the command, and there is no validation of whether the version specified is a valid version. Thus, relative path traversal can occur.)📖 Read
via "National Vulnerability Database".
👍1
‼ CVE-2022-32320 ‼
📖 Read
via "National Vulnerability Database".
A Cross-Site Request Forgery (CSRF) in Ferdi through 5.8.1 and Ferdium through 6.0.0-nightly.98 allows attackers to read files via an uploaded file such as a settings/preferences file.📖 Read
via "National Vulnerability Database".
👍1
‼ CVE-2021-46784 ‼
📖 Read
via "National Vulnerability Database".
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-33903 ‼
📖 Read
via "National Vulnerability Database".
Tor 0.4.7.x before 0.4.7.8 allows a denial of service via the wedging of RTT estimation.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-32985 ‼
📖 Read
via "National Vulnerability Database".
libnx_apl.so on Nexans FTTO GigaSwitch before 6.02N and 7.x before 7.02 implements a Backdoor Account for SSH logins on port 50200 or 50201.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40149 ‼
📖 Read
via "National Vulnerability Database".
The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root web server directory. In this way an attacker can download the entire key via the /self.key URI.📖 Read
via "National Vulnerability Database".
👏1
‼ CVE-2022-32263 ‼
📖 Read
via "National Vulnerability Database".
Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31202 ‼
📖 Read
via "National Vulnerability Database".
The export function in SoftGuard Web (SGW) before 5.1.5 allows directory traversal to read an arbitrary local file via export or man.tcl.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31201 ‼
📖 Read
via "National Vulnerability Database".
SoftGuard Web (SGW) before 5.1.5 allows HTML injection.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31209 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The firmware contains a potential buffer overflow by calling strcpy() without checking the string length beforehand.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-28807 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Open Design Alliance Drawings SDK before 2023.2. An Out-of-Bounds Read vulnerability exists when rendering a .dwg file after it's opened in the recovery mode. An attacker can leverage this vulnerability to execute code in the context of the current process.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26482 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Poly EagleEye Director II before 2.2.2.1. os.system command injection can be achieved by an admin.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-28808 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. An Out-of-Bounds Read vulnerability exists when reading DWG files in a recovery mode. An attacker can leverage this vulnerability to execute code in the context of the current process.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31211 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET by default.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40150 ‼
📖 Read
via "National Vulnerability Database".
The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/ directory that is mapped to a publicly accessible path. In this way an attacker can download the entire NGINX/FastCGI configurations by querying the /conf/nginx.conf or /conf/fastcgi.conf URI.📖 Read
via "National Vulnerability Database".