Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Total 210374 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-26348 1 Amd 46 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 43 more 2022-05-19 2.1 LOW 5.5 MEDIUM
Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.
CVE-2021-42651 1 Pentest Collaboration Framework Project 1 Pentest Collaboration Framework 2022-05-19 6.5 MEDIUM 8.8 HIGH
A Server Side Template Injection (SSTI) vulnerability in Pentest-Collaboration-Framework v1.0.8 allows an authenticated remote attacker to execute arbitrary code through /project/PROJECTNAME/reports/.
CVE-2022-29978 1 Libsixel Project 1 Libsixel 2022-05-19 4.3 MEDIUM 6.5 MEDIUM
There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file.
CVE-2022-29977 1 Libsixel Project 1 Libsixel 2022-05-19 4.3 MEDIUM 6.5 MEDIUM
There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file.
CVE-2022-29610 1 Sap 1 Netweaver Application Server Abap 2022-05-18 3.5 LOW 5.4 MEDIUM
SAP NetWeaver Application Server ABAP allows an authenticated attacker to upload malicious files and delete (theme) data, which could result in Stored Cross-Site Scripting (XSS) attack.
CVE-2022-28214 1 Sap 2 Businessobjects, Businessobjects Business Intelligence 2022-05-18 4.6 MEDIUM 7.8 HIGH
During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) - versions 420, 430, authentication credentials are being exposed in Sysmon event logs. This Information Disclosure could cause a high impact on systems’ Confidentiality, Integrity, and Availability.
CVE-2021-44167 1 Fortinet 1 Forticlient 2022-05-18 5.0 MEDIUM 7.5 HIGH
An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient for Linux version 6.0.8 and below, 6.2.9 and below, 6.4.7 and below, 7.0.2 and below may allow an unauthenticated attacker to access sensitive information in log files and directories via symbolic links.
CVE-2022-29932 1 Primeur 1 Spazio 2022-05-18 5.0 MEDIUM 7.5 HIGH
The HTTP Server in PRIMEUR SPAZIO 2.5.1.954 (File Transfer) allows an unauthenticated attacker to obtain sensitive data (related to the content of transferred files) via a crafted HTTP request.
CVE-2021-43081 1 Fortinet 2 Fortios, Fortiproxy 2022-05-18 4.3 MEDIUM 6.1 MEDIUM
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.
CVE-2022-29751 1 Simple Client Management System Project 1 Simple Client Management System 2022-05-18 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_client.
CVE-2022-29750 1 Simple Client Management System Project 1 Simple Client Management System 2022-05-18 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_service.
CVE-2022-29749 1 Simple Client Management System Project 1 Simple Client Management System 2022-05-18 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_invoice.
CVE-2022-29748 1 Simple Client Management System Project 1 Simple Client Management System 2022-05-18 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via \cms\admin?page=client/manage_client&id=.
CVE-2022-29747 1 Simple Client Management System Project 1 Simple Client Management System 2022-05-18 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/manage_invoice&id= // Leak place ---> id.
CVE-2022-29986 1 Online Sports Complex Booking System Project 1 Online Sports Complex Booking System 2022-05-18 7.5 HIGH 9.8 CRITICAL
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_facility.
CVE-2022-29985 1 Online Sports Complex Booking System Project 1 Online Sports Complex Booking System 2022-05-18 7.5 HIGH 9.8 CRITICAL
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_category.
CVE-2022-29984 1 Simple Client Management System Project 1 Simple Client Management System 2022-05-18 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=client/view_client&id=.
CVE-2022-29982 1 Simple Client Management System Project 1 Simple Client Management System 2022-05-18 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/maintenance/manage_service.php?id=.
CVE-2022-29981 1 Simple Client Management System Project 1 Simple Client Management System 2022-05-18 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Users.php?f=delete.
CVE-2022-29979 1 Simple Client Management System Project 1 Simple Client Management System 2022-05-18 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_designation.