Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-21833 | 1 Accusoft | 1 Imagegear | 2022-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An improper array index validation vulnerability exists in the TIF IP_planar_raster_unpack functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-21824 | 1 Accusoft | 1 Imagegear | 2022-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An out-of-bounds write vulnerability exists in the JPG Handle_JPEG420 functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-21777 | 1 Opener Project | 1 Opener | 2022-08-24 | 9.4 HIGH | 10.0 CRITICAL |
| An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read. | |||||
| CVE-2022-2796 | 1 Pimcore | 1 Pimcore | 2022-08-24 | N/A | 4.8 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.4. | |||||
| CVE-2022-36350 | 1 Pukiwiki | 1 Pukiwiki | 2022-08-24 | N/A | 5.4 MEDIUM |
| Stored cross-site scripting vulnerability in PukiWiki versions 1.3.1 to 1.5.3 allows a remote attacker to inject an arbitrary script via unspecified vectors. | |||||
| CVE-2022-34486 | 1 Pukiwiki | 1 Pukiwiki | 2022-08-24 | N/A | 7.2 HIGH |
| Path traversal vulnerability in PukiWiki versions 1.4.5 to 1.5.3 allows a remote authenticated attacker with an administrative privilege to execute a malicious script via unspecified vectors. | |||||
| CVE-2022-27637 | 1 Pukiwiki | 1 Pukiwiki | 2022-08-24 | N/A | 6.1 MEDIUM |
| Reflected cross-site scripting vulnerability in PukiWiki versions 1.5.1 to 1.5.3 allows a remote attacker to inject an arbitrary script via unspecified vectors. | |||||
| CVE-2022-35148 | 1 Maccms | 1 Maccms | 2022-08-24 | N/A | 6.5 MEDIUM |
| maccms10 v2021.1000.1081 to v2022.1000.3031 was discovered to contain a SQL injection vulnerability via the table parameter at database/columns.html. | |||||
| CVE-2021-21775 | 3 Debian, Fedoraproject, Webkitgtk | 3 Debian Linux, Fedora, Webkitgtk | 2022-08-24 | 6.0 MEDIUM | 8.0 HIGH |
| A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage. | |||||
| CVE-2021-21809 | 1 Moodle | 1 Moodle | 2022-08-24 | 9.0 HIGH | 9.1 CRITICAL |
| A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities. | |||||
| CVE-2021-21807 | 1 Accusoft | 1 Imagegear | 2022-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An integer overflow vulnerability exists in the DICOM parse_dicom_meta_info functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to a stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-21911 | 2 Advantech, Microsoft | 2 R-seenet, Windows | 2022-08-24 | 7.2 HIGH | 7.8 HIGH |
| A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-21821 | 1 Accusoft | 1 Imagegear | 2022-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the PDF process_fontname functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2020-27836 | 1 Redhat | 2 Enterprise Linux, Openshift Container Platform | 2022-08-24 | N/A | 9.8 CRITICAL |
| A flaw was found in cluster-ingress-operator. A change to how the router-default service allows only certain IP source ranges could allow an attacker to access resources that would otherwise be restricted to specified IP ranges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.. | |||||
| CVE-2020-16288 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2022-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||||
| CVE-2020-16287 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2022-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||||
| CVE-2020-16292 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2022-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||||
| CVE-2020-16291 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2022-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||||
| CVE-2020-16290 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2022-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||||
| CVE-2020-16289 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2022-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||||