Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-345
Total 261 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-31800 1 Phoenixcontact 34 Axc 1050, Axc 1050 Firmware, Axc 1050 Xc and 31 more 2022-06-28 10.0 HIGH 9.8 CRITICAL
An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.
CVE-2022-32252 1 Siemens 1 Sinema Remote Connect Server 2022-06-23 9.3 HIGH 7.8 HIGH
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The application does not perform the integrity check of the update packages. Without validation, an admin user might be tricked to install a malicious package, granting root privileges to an attacker.
CVE-2022-28385 1 Verbatim 4 Executive Fingerprint Secure Ssd, Executive Fingerprint Secure Ssd Firmware, Fingerprint Secure Portable Hard Drive and 1 more 2022-06-21 2.1 LOW 4.6 MEDIUM
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity checks, an attacker can manipulate the content of the emulated CD-ROM drive (containing the Windows and macOS client software). The content of this emulated CD-ROM drive is stored as an ISO-9660 image in the hidden sectors of the USB drive, that can only be accessed using special IOCTL commands, or when installing the drive in an external disk enclosure. By manipulating this ISO-9660 image or replacing it with another one, an attacker is able to store malicious software on the emulated CD-ROM drive. This software may get executed by an unsuspecting victim when using the device. For example, an attacker with temporary physical access during the supply chain could program a modified ISO-9660 image on a device that always accepts an attacker-controlled password for unlocking the device. If the attacker later on gains access to the used USB drive, he can simply decrypt all contained user data. Storing arbitrary other malicious software is also possible. This affects Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1 and Fingerprint Secure Portable Hard Drive Part Number #53650.
CVE-2022-29220 1 Fastify 1 Github Action Merge Dependabot 2022-06-15 4.0 MEDIUM 6.5 MEDIUM
github-action-merge-dependabot is an action that automatically approves and merges dependabot pull requests (PRs). Prior to version 3.2.0, github-action-merge-dependabot does not check if a commit created by dependabot is verified with the proper GPG key. There is just a check if the actor is set to `dependabot[bot]` to determine if the PR is a legit PR. Theoretically, an owner of a seemingly valid and legit action in the pipeline can check if the PR is created by dependabot and if their own action has enough permissions to modify the PR in the pipeline. If so, they can modify the PR by adding a second seemingly valid and legit commit to the PR, as they can set arbitrarily the username and email in for commits in git. Because the bot only checks if the actor is valid, it would pass the malicious changes through and merge the PR automatically, without getting noticed by project maintainers. It would probably not be possible to determine where the malicious commit came from, as it would only say `dependabot[bot]` and the corresponding email-address. Version 3.2.0 contains a patch for this issue.
CVE-2020-6081 1 Codesys 1 Runtime 2022-06-03 6.5 MEDIUM 8.8 HIGH
An exploitable code execution vulnerability exists in the PLC_Task functionality of 3S-Smart Software Solutions GmbH CODESYS Runtime 3.5.14.30. A specially crafted network request can cause remote code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2018-15801 1 Vmware 1 Spring Framework 2022-06-03 5.8 MEDIUM 7.4 HIGH
Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation. In order to be impacted, the same private key for an honest issuer and a malicious user must be used when signing JWTs. In that case, a malicious user could fashion signed JWTs with the malicious issuer URL that may be granted for the honest issuer.
CVE-2021-26368 1 Amd 140 Ryzen 3 2200u, Ryzen 3 2200u Firmware, Ryzen 3 2300u and 137 more 2022-06-01 4.9 MEDIUM 4.4 MEDIUM
Insufficient check of the process type in Trusted OS (TOS) may allow an attacker with privileges to enable a lesser privileged process to unmap memory owned by a higher privileged process resulting in a denial of service.
CVE-2021-27759 1 Hcltech 1 Bigfix Inventory 2022-05-17 4.3 MEDIUM 6.5 MEDIUM
This vulnerability arises because the application allows the user to perform some sensitive action without verifying that the request was sent intentionally. An attacker can cause a victim's browser to emit an HTTP request to an arbitrary URL in the application.
CVE-2022-20795 1 Cisco 28 Adaptive Security Appliance, Asa 5505, Asa 5512-x and 25 more 2022-05-04 5.0 MEDIUM 7.5 HIGH
A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully.
CVE-2020-14122 1 Mi 1 Miui 2022-05-03 2.1 LOW 5.5 MEDIUM
Some Xiaomi phones have information leakage vulnerabilities, and some of them may be able to forge a specific identity due to the lack of parameter verification, resulting in user information leakage.
CVE-2020-14116 1 Mi 1 Mi Browser 2022-05-02 5.0 MEDIUM 7.5 HIGH
An intent redirection vulnerability in the Mi Browser product. This vulnerability is caused by the Mi Browser does not verify the validity of the incoming data. Attackers can perform sensitive operations by exploiting this.
CVE-2022-26516 1 Redlion 2 Da50n, Da50n Firmware 2022-04-29 6.8 MEDIUM 7.8 HIGH
Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment.
CVE-2020-16250 1 Hashicorp 1 Vault 2022-04-28 7.5 HIGH 9.8 CRITICAL
HashiCorp Vault and Vault Enterprise versions 0.7.1 and newer, when configured with the AWS IAM auth method, may be vulnerable to authentication bypass. Fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1..
CVE-2021-26625 2 Microsoft, Tobesoft 2 Windows, Nexacro 2022-04-27 6.8 MEDIUM 8.8 HIGH
Insufficient Verification of input Data leading to arbitrary file download and execute was discovered in Nexacro platform. This vulnerability is caused by an automatic update function that does not verify input data except version information. Remote attackers can use this incomplete validation logic to download and execute arbitrary malicious file.
CVE-2019-5587 1 Fortinet 1 Fortios 2022-04-22 4.0 MEDIUM 6.5 MEDIUM
Lack of root file system integrity checking in Fortinet FortiOS VM application images all versions below 6.0.5 may allow attacker to implant malicious programs into the installing image by reassembling the image through specific methods.
CVE-2020-7982 1 Openwrt 2 Lede, Openwrt 2022-04-18 6.8 MEDIUM 8.1 HIGH
An issue was discovered in OpenWrt 18.06.0 to 18.06.6 and 19.07.0, and LEDE 17.01.0 to 17.01.7. A bug in the fork of the opkg package manager before 2020-01-25 prevents correct parsing of embedded checksums in the signed repository index, allowing a man-in-the-middle attacker to inject arbitrary package payloads (which are installed without verification).
CVE-2021-24825 1 Custom Content Shortcode Project 1 Custom Content Shortcode 2022-04-12 4.0 MEDIUM 4.3 MEDIUM
The Custom Content Shortcode WordPress plugin before 4.0.2 does not validate the data passed to its load shortcode, which could allow Contributor+ (v < 4.0.1) or Admin+ (v < 4.0.2) users to display arbitrary files from the filesystem (such as logs, .htaccess etc), as well as perform Local File Inclusion attacks as PHP files will be executed. Please note that such attack is still possible by admin+ in single site blogs by default (but won't be when either the unfiltered_html or file_edit is disallowed)
CVE-2021-4031 1 Syltek 1 Syltek 2022-03-29 5.0 MEDIUM 7.5 HIGH
Syltek application before its 10.22.00 version, does not correctly check that a product ID has a valid payment associated to it. This could allow an attacker to forge a request and bypass the payment system by marking items as payed without any verification.
CVE-2022-22994 1 Westerndigital 11 My Cloud, My Cloud Dl2100, My Cloud Dl4100 and 8 more 2022-03-15 7.5 HIGH 9.8 CRITICAL
A remote code execution vulnerability was discovered on Western Digital My Cloud devices where an attacker could trick a NAS device into loading through an unsecured HTTP call. This was a result insufficient verification of calls to the device. The vulnerability was addressed by disabling checks for internet connectivity using HTTP.
CVE-2020-14115 1 Mi 2 Ax3600, Ax3600 Firmware 2022-03-11 10.0 HIGH 9.8 CRITICAL
A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code.