Total: 210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-22309 | 1 Ibm | 2 Power System S922, Power System S922 Firmware | 2022-06-21 | 4.6 MEDIUM | 6.8 MEDIUM |
The POWER systems FSP is vulnerable to unauthenticated logins through the serial port/TTY interface. This vulnerability can be more critical if the serial port is connected to a serial-over-lan device. IBM X-Force ID: 217095. | |||||
CVE-2022-2067 | 1 Rosariosis | 1 Rosariosis | 2022-06-21 | 6.4 MEDIUM | 9.1 CRITICAL |
SQL Injection in GitHub repository francoisjacquet/rosariosis prior to 9.0. | |||||
CVE-2019-5100 | 1 Leadtools | 1 Leadtools | 2022-06-21 | 6.8 MEDIUM | 7.8 HIGH |
An exploitable integer overflow vulnerability exists in the BMP header parsing functionality of LEADTOOLS 20. A specially crafted BMP image file can cause an integer overflow, potentially resulting in code execution. An attacker can specially craft a BMP image to trigger this vulnerability. | |||||
CVE-2019-5099 | 1 Leadtools | 1 Leadtools | 2022-06-21 | 6.8 MEDIUM | 7.8 HIGH |
An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability. | |||||
CVE-2019-5084 | 1 Leadtools | 1 Leadtools | 2022-06-21 | 6.8 MEDIUM | 7.8 HIGH |
An exploitable heap out-of-bounds write vulnerability exists in the TIF-parsing functionality of LEADTOOLS 20. A specially crafted TIF image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting in code execution. An attacker can specially craft a TIF image to trigger this vulnerability. | |||||
CVE-2019-5068 | 4 Canonical, Debian, Mesa3d and 1 more | 4 Ubuntu Linux, Debian Linux, Mesa and 1 more | 2022-06-21 | 3.6 LOW | 4.4 MEDIUM |
An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability. | |||||
CVE-2019-5086 | 2 Debian, Xcftools Project | 2 Debian Linux, Xcftools | 2022-06-21 | 6.8 MEDIUM | 8.8 HIGH |
An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In order to trigger this vulnerability, a victim would need to open a specially crafted XCF file. | |||||
CVE-2019-5102 | 1 Openwrt | 1 Openwrt | 2022-06-21 | 4.3 MEDIUM | 5.9 MEDIUM |
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any certificate, leading to the theft of all the data sent by the client during the first request. | |||||
CVE-2019-5101 | 1 Openwrt | 1 Openwrt | 2022-06-21 | 4.3 MEDIUM | 5.9 MEDIUM |
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any certificate, leading to the theft of all the data sent by the client during the first request. After an SSL connection is initialized via _ustream_ssl_init, and after any data (e.g. the client's HTTP request) is written to the stream using ustream_printf, the code eventually enters the function __ustream_ssl_poll, which is used to dispatch the read/write events | |||||
CVE-2019-5125 | 1 Leadtools | 1 Leadtools | 2022-06-21 | 6.8 MEDIUM | 7.8 HIGH |
An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20. A specially crafted J2K image file can cause an out of bounds write of a heap buffer, potentially resulting in code execution. An attacker can specially craft a J2K image to trigger this vulnerability. | |||||
CVE-2019-5087 | 2 Debian, Xcftools Project | 2 Debian Linux, Xcftools | 2022-06-21 | 6.8 MEDIUM | 8.8 HIGH |
An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row's allocation size, that could be exploited to corrupt memory and eventually execute arbitrary code. In order to trigger this vulnerability, a victim would need to open a specially crafted XCF file. | |||||
CVE-2022-32335 | 1 Fast Food Ordering System Project | 1 Fast Food Ordering System | 2022-06-21 | 6.5 MEDIUM | 7.2 HIGH |
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/manage_menu.php?id=. | |||||
CVE-2022-32334 | 1 Fast Food Ordering System Project | 1 Fast Food Ordering System | 2022-06-21 | 6.5 MEDIUM | 7.2 HIGH |
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/manage_category.php?id=. | |||||
CVE-2022-32333 | 1 Fast Food Ordering System Project | 1 Fast Food Ordering System | 2022-06-21 | 6.5 MEDIUM | 7.2 HIGH |
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/sales/receipt.php?id=. | |||||
CVE-2022-32332 | 1 Fast Food Ordering System Project | 1 Fast Food Ordering System | 2022-06-21 | 6.5 MEDIUM | 7.2 HIGH |
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_category. | |||||
CVE-2022-32331 | 1 Fast Food Ordering System Project | 1 Fast Food Ordering System | 2022-06-21 | 6.5 MEDIUM | 7.2 HIGH |
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/view_category.php?id=. | |||||
CVE-2022-32330 | 1 Fast Food Ordering System Project | 1 Fast Food Ordering System | 2022-06-21 | 6.5 MEDIUM | 7.2 HIGH |
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_menu. | |||||
CVE-2022-32344 | 1 Hospital's Patient Records Management System Project | 1 Hospital's Patient Records Management System | 2022-06-21 | 6.5 MEDIUM | 7.2 HIGH |
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient. | |||||
CVE-2022-32343 | 1 Hospital's Patient Records Management System Project | 1 Hospital's Patient Records Management System | 2022-06-21 | 6.5 MEDIUM | 7.2 HIGH |
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via hprms/admin/room_types/manage_room_type.php?id=. | |||||
CVE-2022-32342 | 1 Hospital's Patient Records Management System Project | 1 Hospital's Patient Records Management System | 2022-06-21 | 6.5 MEDIUM | 7.2 HIGH |
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/room_types/view_room_type.php?id=. |