Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-34987 | 1 Parallels | 1 Parallels Desktop | 2022-07-22 | N/A | 8.2 HIGH |
| This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.1 (49187). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the HDAudio virtual device. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-14969. | |||||
| CVE-2021-21921 | 1 Advantech | 1 R-seenet | 2022-07-22 | 4.0 MEDIUM | 4.9 MEDIUM |
| A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘name_filter’ parameter with the administrative account or through cross-site request forgery. | |||||
| CVE-2021-40150 | 1 Reolink | 2 E1 Zoom, E1 Zoom Firmware | 2022-07-22 | N/A | 7.5 HIGH |
| The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/ directory that is mapped to a publicly accessible path. In this way an attacker can download the entire NGINX/FastCGI configurations by querying the /conf/nginx.conf or /conf/fastcgi.conf URI. | |||||
| CVE-2022-26479 | 1 Poly | 2 Eagleeye Director Ii, Eagleeye Director Ii Firmware | 2022-07-22 | N/A | 9.8 CRITICAL |
| An issue was discovered in Poly EagleEye Director II before 2.2.2.1. Existence of a certain file (which can be created via an rsync backdoor) causes all API calls to execute as admin without authentication. | |||||
| CVE-2021-21923 | 1 Advantech | 1 R-seenet | 2022-07-22 | 4.0 MEDIUM | 4.9 MEDIUM |
| A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘company_filter’ parameter with the administrative account or through cross-site request forgery. | |||||
| CVE-2021-21922 | 1 Advantech | 1 R-seenet | 2022-07-22 | 4.0 MEDIUM | 6.5 MEDIUM |
| A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘username_filter’ parameter with the administrative account or through cross-site request forgery. | |||||
| CVE-2021-21920 | 1 Advantech | 1 R-seenet | 2022-07-22 | 4.0 MEDIUM | 4.9 MEDIUM |
| A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘surname_filter’ parameter with the administrative account or through cross-site request forgery. | |||||
| CVE-2021-21919 | 1 Advantech | 1 R-seenet | 2022-07-22 | 4.0 MEDIUM | 4.9 MEDIUM |
| A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ord’ parameter. However, the high privilege super-administrator account needs to be used to achieve exploitation without cross-site request forgery attack. | |||||
| CVE-2021-21924 | 1 Advantech | 1 R-seenet | 2022-07-22 | 4.0 MEDIUM | 6.5 MEDIUM |
| A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘desc_filter’ parameter. | |||||
| CVE-2021-21927 | 1 Advantech | 1 R-seenet | 2022-07-22 | 4.0 MEDIUM | 6.5 MEDIUM |
| A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘loc_filter’ parameter. | |||||
| CVE-2021-21925 | 1 Advantech | 1 R-seenet | 2022-07-22 | 4.0 MEDIUM | 6.5 MEDIUM |
| A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘firm_filter’ parameter. | |||||
| CVE-2021-21926 | 1 Advantech | 1 R-seenet | 2022-07-22 | 4.0 MEDIUM | 6.5 MEDIUM |
| A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘health_filter’ parameter. | |||||
| CVE-2020-24994 | 1 Libass Project | 1 Libass | 2022-07-22 | 6.8 MEDIUM | 8.8 HIGH |
| Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file. | |||||
| CVE-2020-15260 | 1 Teluu | 1 Pjsip | 2022-07-22 | 4.3 MEDIUM | 6.8 MEDIUM |
| PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.10 and earlier, PJSIP transport can be reused if they have the same IP address + port + protocol. However, this is insufficient for secure transport since it lacks remote hostname authentication. Suppose we have created a TLS connection to `sip.foo.com`, which has an IP address `100.1.1.1`. If we want to create a TLS connection to another hostname, say `sip.bar.com`, which has the same IP address, then it will reuse that existing connection, even though `100.1.1.1` does not have certificate to authenticate as `sip.bar.com`. The vulnerability allows for an insecure interaction without user awareness. It affects users who need access to connections to different destinations that translate to the same address, and allows man-in-the-middle attack if attacker can route a connection to another destination such as in the case of DNS spoofing. | |||||
| CVE-2020-29238 | 1 Expressvpn | 1 Expressvpn | 2022-07-22 | 5.0 MEDIUM | 7.5 HIGH |
| An integer buffer overflow in the Nginx webserver of ExpressVPN Router version 1 allows remote attackers to obtain sensitive information when the server running as reverse proxy via specially crafted request. | |||||
| CVE-2020-14372 | 4 Fedoraproject, Gnu, Netapp and 1 more | 9 Fedora, Grub2, Cloud Backup and 6 more | 2022-07-22 | 6.2 MEDIUM | 7.5 HIGH |
| A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability. | |||||
| CVE-2021-22203 | 1 Gitlab | 1 Gitlab | 2022-07-22 | 7.5 HIGH | 9.8 CRITICAL |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7.9 before 13.8.7, all versions starting from 13.9 before 13.9.5, and all versions starting from 13.10 before 13.10.1. A specially crafted Wiki page allowed attackers to read arbitrary files on the server. | |||||
| CVE-2019-5317 | 2 Arubanetworks, Siemens | 3 Instant, Scalance W1750d, Scalance W1750d Firmware | 2022-07-22 | 4.6 MEDIUM | 6.8 MEDIUM |
| A local authentication bypass vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.15 and below; Aruba Instant 8.3.x: 8.3.0.11 and below; Aruba Instant 8.4.x: 8.4.0.5 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. | |||||
| CVE-2022-31161 | 1 Roxy-wi | 1 Roxy-wi | 2022-07-22 | N/A | 9.8 CRITICAL |
| Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for this issue. | |||||
| CVE-2021-22234 | 1 Gitlab | 1 Gitlab | 2022-07-22 | 3.5 LOW | 6.4 MEDIUM |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.11 before 13.11.7, all versions starting from 13.12 before 13.12.8, and all versions starting from 14.0 before 14.0.4. A specially crafted design image allowed attackers to read arbitrary files on the server. | |||||