Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-3754 | 1 Redhat | 2 Keycloak, Single Sign-on | 2022-09-01 | N/A | 5.3 MEDIUM |
| A flaw was found in keycloak where an attacker is able to register himself with the username same as the email ID of any existing user. This may cause trouble in getting password recovery email in case the user forgets the password. | |||||
| CVE-2021-3856 | 1 Redhat | 1 Keycloak | 2022-09-01 | N/A | 4.3 MEDIUM |
| ClassLoaderTheme and ClasspathThemeResourceProviderFactory allows reading any file available as a resource to the classloader. By sending requests for theme resources with a relative path from an external HTTP client, the client will receive the content of random files if available. | |||||
| CVE-2022-25625 | 1 Broadcom | 1 Symantec Privileged Access Management | 2022-09-01 | N/A | 8.8 HIGH |
| A malicious unauthorized PAM user can access the administration configuration data and change the values. | |||||
| CVE-2022-0084 | 1 Redhat | 4 Integration Camel K, Integration Camel Quarkus, Single Sign-on and 1 more | 2022-09-01 | N/A | 7.5 HIGH |
| A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up. | |||||
| CVE-2022-38557 | 1 Dlink | 2 Dir-845l, Dir-845l Firmware | 2022-09-01 | N/A | 9.8 CRITICAL |
| D-Link DIR845L v1.00-v1.03 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh. | |||||
| CVE-2022-23946 | 3 Debian, Fedoraproject, Kicad | 3 Debian Linux, Fedora, Kicad Eda | 2022-09-01 | 6.8 MEDIUM | 7.8 HIGH |
| A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon GCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2019-20807 | 6 Apple, Canonical, Debian and 3 more | 7 Mac Os X, Ubuntu Linux, Debian Linux and 4 more | 2022-09-01 | 4.6 MEDIUM | 5.3 MEDIUM |
| In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua). | |||||
| CVE-2022-36572 | 1 Sinsiu | 1 Enterprise Website System | 2022-09-01 | N/A | 9.8 CRITICAL |
| Sinsiu Sinsiu Enterprise Website System v1.1.1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /upload/admin.php?/deal/. | |||||
| CVE-2022-38555 | 1 Linksys | 2 E1200, E1200 Firmware | 2022-09-01 | N/A | 9.8 CRITICAL |
| Linksys E1200 v1.0.04 is vulnerable to Buffer Overflow via ej_get_web_page_name. | |||||
| CVE-2022-38562 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the lan parameter. | |||||
| CVE-2022-38565 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mailpwd parameter. | |||||
| CVE-2022-38564 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow vulnerability in the function formSetPicListItem. This vulnerability allows attackers to cause a Denial of Service (DoS) via the adItemUID parameter. | |||||
| CVE-2022-38563 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the MACAddr parameter. | |||||
| CVE-2022-38568 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the hostname parameter. | |||||
| CVE-2022-38566 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mailname parameter. | |||||
| CVE-2022-38567 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow vulnerability in the function formSetAdConfigInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the authIPs parameter. | |||||
| CVE-2022-38571 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow in the function formSetGuideListItem. | |||||
| CVE-2022-38570 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelPushedAd. This vulnerability allows attackers to cause a Denial of Service (DoS) via the adPushUID parameter. | |||||
| CVE-2022-38569 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelAd. | |||||
| CVE-2022-36129 | 1 Hashicorp | 1 Vault | 2022-09-01 | N/A | 9.1 CRITICAL |
| HashiCorp Vault Enterprise 1.7.0 through 1.9.7, 1.10.4, and 1.11.0 clusters using Integrated Storage expose an unauthenticated API endpoint that could be abused to override the voter status of a node within a Vault HA cluster, introducing potential for future data loss or catastrophic failure. Fixed in Vault Enterprise 1.9.8, 1.10.5, and 1.11.1. | |||||