βΌ CVE-2022-35656 βΌ
π Read
via "National Vulnerability Database".
Pega Platform from 8.3 to 8.7.3 vulnerability may allow authenticated security administrators to alter CSRF settings directly.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34775 βΌ
π Read
via "National Vulnerability Database".
Tabit - Excessive data exposure. Another endpoint mapped by the tiny url, was one for reservation cancellation, containing the MongoDB ID of the reservation, and organization. This can be used to query the http://tgm-api.tabit.cloud/rsv/management/{reservationId}?organization={orgId} API which returns a lot of data regarding the reservation (OWASP: API3): Name, mail, phone number, the number of visits of the user to this specific restaurant, the money he spent there, the money he spent on alcohol, whether he left a deposit etc. This information can easily be used for a phishing attack.π Read
via "National Vulnerability Database".
βΌ CVE-2022-35655 βΌ
π Read
via "National Vulnerability Database".
Pega Platform from 7.3 to 8.7.3 is affected by an XSS issue due to a misconfiguration of a datapage setting.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34773 βΌ
π Read
via "National Vulnerability Database".
Tabit - HTTP Method manipulation. https://bridge.tabit.cloud/configuration/addresses-query - can be POST-ed to add addresses to the DB. This is an example of OWASP:API8 Γ’β¬β Injection.π Read
via "National Vulnerability Database".
βΌ CVE-2022-37133 βΌ
π Read
via "National Vulnerability Database".
D-link DIR-816 A2_v1.10CNB04.img reboots the router without authentication via /goform/doReboot. No authentication is required, and reboot is executed when the function returns at the end.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34857 βΌ
π Read
via "National Vulnerability Database".
Reflected Cross-Site Scripting (XSS) vulnerability in smartypants SP Project & Document Manager plugin <= 4.59 at WordPressπ Read
via "National Vulnerability Database".
βΌ CVE-2021-3659 βΌ
π Read
via "National Vulnerability Database".
A NULL pointer dereference flaw was found in the Linux kernelΓ’β¬β’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.π Read
via "National Vulnerability Database".
βΌ CVE-2021-3590 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in Foreman project. A credential leak was identified which will expose Azure Compute Profile password through JSON of the API output. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34771 βΌ
π Read
via "National Vulnerability Database".
Tabit - arbitrary SMS send on Tabits behalf. The resend OTP API of tabit allows an adversary to send messages on tabits behalf to anyone registered on the system - the API receives the parameters: phone number, and CustomMessage, We can use that API to craft malicious messages to any user of the system. In addition, the API probably has some kind of template injection potential. When entering {{OTP}} in the custom message field it is formatted into an OTP.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34149 βΌ
π Read
via "National Vulnerability Database".
Authentication Bypass vulnerability in miniOrange WP OAuth Server plugin <= 3.0.4 at WordPress.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34347 βΌ
π Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in W3 Eden Download Manager plugin <= 3.2.48 at WordPress.π Read
via "National Vulnerability Database".
βΌ CVE-2021-24912 βΌ
π Read
via "National Vulnerability Database".
The Transposh WordPress Translation WordPress plugin before 1.0.8 does not have CSRF check in its tp_translation AJAX action, which could allow attackers to make authorised users add a translation. Given the lack of sanitisation in the tk0 parameter, this could lead to a Stored Cross-Site Scripting issue which will be executed in the context of a logged in adminπ Read
via "National Vulnerability Database".
βΌ CVE-2022-25812 βΌ
π Read
via "National Vulnerability Database".
The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow allowing high privilege users such as admin to perform RCEπ Read
via "National Vulnerability Database".
βΌ CVE-2021-3481 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-37134 βΌ
π Read
via "National Vulnerability Database".
D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/form2Wan.cgi. When wantype is 3, l2tp_usrname will be decrypted by base64, and the result will be stored in v94, which does not check the size of l2tp_usrname, resulting in stack overflow.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2544 βΌ
π Read
via "National Vulnerability Database".
The Ninja Job Board WordPress plugin before 1.3.3 does not protect the directory where it stores uploaded resumes, making it vulnerable to unauthenticated Directory Listing which allows the download of uploaded resumes.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36857 βΌ
π Read
via "National Vulnerability Database".
Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in wpshopmart Testimonial Builder plugin <= 1.6.1 at WordPress.π Read
via "National Vulnerability Database".
βΌ CVE-2020-27836 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in cluster-ingress-operator. A change to how the router-default service allows only certain IP source ranges could allow an attacker to access resources that would otherwise be restricted to specified IP ranges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability..π Read
via "National Vulnerability Database".
βΌ CVE-2022-34774 βΌ
π Read
via "National Vulnerability Database".
Tabit - Arbitrary account modification. One of the endpoints mapped by the tiny URL, was a page where an adversary can modify personal details, such as email addresses and phone numbers of a specific user in a restaurant's loyalty program. Possibly allowing account takeover (the mail can be used to reset password).π Read
via "National Vulnerability Database".
βΌ CVE-2021-3521 βΌ
π Read
via "National Vulnerability Database".
There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a "binding signature." RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another party to add a malicious subkey to a legitimate public key, RPM could wrongly trust a malicious signature. The greatest impact of this flaw is to data integrity. To exploit this flaw, an attacker must either compromise an RPM repository or convince an administrator to install an untrusted RPM or public key. It is strongly recommended to only use RPMs and public keys from trusted sources.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34858 βΌ
π Read
via "National Vulnerability Database".
Authentication Bypass vulnerability in miniOrange OAuth 2.0 client for SSO plugin <= 1.11.3 at WordPress.π Read
via "National Vulnerability Database".