Total
210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-36628 | | | 2022-04-25 | N/A | N/A |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-40680. Reason: This candidate is a reservation duplicate of CVE-2021-40680. Notes: All CVE users should reference CVE-2021-40680 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2021-33626 | 2 Insyde, Siemens | 33 Insydeh2o, Ruggedcom Apr1808, Ruggedcom Apr1808 Firmware and 30 more | 2022-04-23 | 4.6 MEDIUM | 7.8 HIGH |
A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (QWORD values for CommBuffer). This can be used by an attacker to corrupt data in SMRAM memory and even lead to arbitrary code execution. | |||||
CVE-2020-35730 | 3 Debian, Fedoraproject, Roundcube | 3 Debian Linux, Fedora, Webmail | 2022-04-23 | 4.3 MEDIUM | 6.1 MEDIUM |
An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php. | |||||
CVE-2018-11689 | 2 Hanwha-security, Samsung | 19 Hrd-1641, Hrd-1641 Firmware, Hrd-1642 and 16 more | 2022-04-23 | 4.3 MEDIUM | 6.1 MEDIUM |
Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. (The same Web Viewer codebase was transitioned from Samsung to Hanwha.) | |||||
CVE-2022-28020 | 1 Attendance And Payroll System Project | 1 Attendance And Payroll System | 2022-04-22 | 6.5 MEDIUM | 8.8 HIGH |
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\position_edit.php. | |||||
CVE-2022-28019 | 1 Attendance And Payroll System Project | 1 Attendance And Payroll System | 2022-04-22 | 6.5 MEDIUM | 8.8 HIGH |
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\employee_edit.php. | |||||
CVE-2022-28018 | 1 Attendance And Payroll System Project | 1 Attendance And Payroll System | 2022-04-22 | 6.5 MEDIUM | 8.8 HIGH |
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\schedule_edit.php. | |||||
CVE-2022-28017 | 1 Attendance And Payroll System Project | 1 Attendance And Payroll System | 2022-04-22 | 6.5 MEDIUM | 8.8 HIGH |
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\overtime_edit.php. | |||||
CVE-2022-28016 | 1 Attendance And Payroll System Project | 1 Attendance And Payroll System | 2022-04-22 | 6.5 MEDIUM | 8.8 HIGH |
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\deduction_edit.php. | |||||
CVE-2022-28015 | 1 Attendance And Payroll System Project | 1 Attendance And Payroll System | 2022-04-22 | 6.5 MEDIUM | 8.8 HIGH |
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\cashadvance_edit.php. | |||||
CVE-2022-28014 | 1 Attendance And Payroll System Project | 1 Attendance And Payroll System | 2022-04-22 | 6.5 MEDIUM | 8.8 HIGH |
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\attendance_edit.php. | |||||
CVE-2022-28013 | 1 Attendance And Payroll System Project | 1 Attendance And Payroll System | 2022-04-22 | 6.5 MEDIUM | 8.8 HIGH |
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\schedule_employee_edit.php. | |||||
CVE-2022-28012 | 1 Attendance And Payroll System Project | 1 Attendance And Payroll System | 2022-04-22 | 6.5 MEDIUM | 8.8 HIGH |
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\position_delete.php. | |||||
CVE-2022-28011 | 1 Attendance And Payroll System Project | 1 Attendance And Payroll System | 2022-04-22 | 6.5 MEDIUM | 8.8 HIGH |
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\schedule_delete.php. | |||||
CVE-2022-28010 | 1 Attendance And Payroll System Project | 1 Attendance And Payroll System | 2022-04-22 | 6.5 MEDIUM | 8.8 HIGH |
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\overtime_delete.php. | |||||
CVE-2022-28009 | 1 Attendance And Payroll System Project | 1 Attendance And Payroll System | 2022-04-22 | 6.5 MEDIUM | 8.8 HIGH |
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\attendance_delete.php. | |||||
CVE-2022-28008 | 1 Attendance And Payroll System Project | 1 Attendance And Payroll System | 2022-04-22 | 6.5 MEDIUM | 8.8 HIGH |
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\attendance_delete.php. | |||||
CVE-2022-28007 | 1 Attendance And Payroll System Project | 1 Attendance And Payroll System | 2022-04-22 | 6.5 MEDIUM | 8.8 HIGH |
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\cashadvance_delete.php. | |||||
CVE-2022-28006 | 1 Attendance And Payroll System Project | 1 Attendance And Payroll System | 2022-04-22 | 6.5 MEDIUM | 8.8 HIGH |
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\employee_delete.php. | |||||
CVE-2022-22391 | 1 Ibm | 2 Aspera High-speed Transfer Endpoint, Aspera High-speed Transfer Server | 2022-04-22 | 4.0 MEDIUM | 4.3 MEDIUM |
IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain information from non-sensitive operating system files that they should not have access to. IBM X-Force ID: 222059. |