Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-41715 | 1 Libsixel Project | 1 Libsixel | 2022-04-14 | 6.8 MEDIUM | 8.8 HIGH |
| libsixel 1.10.0 is vulnerable to Use after free in libsixel/src/dither.c:379. | |||||
| CVE-2022-25596 | 1 Asus | 2 Rt-ac86u, Rt-ac86u Firmware | 2022-04-14 | 5.8 MEDIUM | 8.8 HIGH |
| ASUS RT-AC56U’s configuration function has a heap-based buffer overflow vulnerability due to insufficient validation for the decryption parameter length, which allows an unauthenticated LAN attacker to execute arbitrary code, perform arbitrary operations and disrupt service. | |||||
| CVE-2022-25597 | 1 Asus | 2 Rt-ac86u, Rt-ac86u Firmware | 2022-04-14 | 5.8 MEDIUM | 8.8 HIGH |
| ASUS RT-AC86U’s LPD service has insufficient filtering for special characters in the user request, which allows an unauthenticated LAN attacker to perform command injection attack, execute arbitrary commands and disrupt or terminate service. | |||||
| CVE-2022-25594 | 1 Program | 1 Parking Lot Management System | 2022-04-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| Microprogram’s parking lot management system is vulnerable to sensitive information exposure. An unauthorized remote attacker can input specific URLs to acquire partial system configuration information. | |||||
| CVE-2022-0677 | 1 Bitdefender | 3 Endpoint Security Tools, Gravityzone, Update Server | 2022-04-14 | 5.0 MEDIUM | 7.5 HIGH |
| Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay role), GravityZone (in Update Server role) allows an attacker to cause a Denial-of-Service. This issue affects: Bitdefender Update Server versions prior to 3.4.0.276. Bitdefender GravityZone versions prior to 26.4-1. Bitdefender Endpoint Security Tools for Linux versions prior to 6.2.21.171. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.1.111. | |||||
| CVE-2022-27148 | 1 Gpac | 1 Gpac | 2022-04-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| GPAC mp4box 1.1.0-DEV-rev1663-g881c6a94a-master is vulnerable to Integer Overflow. | |||||
| CVE-2022-26588 | 1 Icehrm | 1 Icehrm | 2022-04-14 | 4.3 MEDIUM | 6.5 MEDIUM |
| A Cross-Site Request Forgery (CSRF) in IceHrm 31.0.0.OS allows attackers to delete arbitrary users or achieve account takeover via the app/service.php URI. | |||||
| CVE-2022-27147 | 1 Gpac | 1 Gpac | 2022-04-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a use-after-free vulnerability in function gf_node_get_attribute_by_tag. | |||||
| CVE-2022-27146 | 1 Gpac | 1 Gpac | 2022-04-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| GPAC mp4box 1.1.0-DEV-rev1759-geb2d1e6dd-has a heap-buffer-overflow vulnerability in function gf_isom_apple_enum_tag. | |||||
| CVE-2022-27145 | 1 Gpac | 1 Gpac | 2022-04-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box. | |||||
| CVE-2022-27883 | 1 Trendmicro | 1 Antivirus For Mac | 2022-04-14 | 8.5 HIGH | 7.3 HIGH |
| A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to privilege escalation. Please note that an attacker must at least have low-level privileges on the system to attempt to exploit this vulnerability. | |||||
| CVE-2022-26877 | 1 Asana | 1 Desktop | 2022-04-14 | 4.3 MEDIUM | 6.5 MEDIUM |
| Asana Desktop before 1.6.0 allows remote attackers to exfiltrate local files if they can trick the Asana desktop app into loading a malicious web page. | |||||
| CVE-2022-22563 | 1 Dell | 1 Emc Powerscale Onefs | 2022-04-14 | 2.1 LOW | 4.4 MEDIUM |
| Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. A high-privileged user can exploit this vulnerability to not record information identifying the source of account information changes. | |||||
| CVE-2022-26180 | 1 Qdpm | 1 Qdpm | 2022-04-14 | 6.8 MEDIUM | 8.8 HIGH |
| qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/myAccount/update URI. | |||||
| CVE-2022-26671 | 1 Secom | 2 Dr.id Access Control, Dr.id Attendance System | 2022-04-14 | 7.5 HIGH | 7.3 HIGH |
| Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. An unauthenticated remote attacker can use the hard-coded credential to acquire partial system information and modify system setting to cause partial disrupt of service. | |||||
| CVE-2021-36290 | 1 Dell | 10 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 7 more | 2022-04-14 | 4.6 MEDIUM | 6.7 MEDIUM |
| Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain privileges. | |||||
| CVE-2021-36287 | 1 Dell | 10 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 7 more | 2022-04-14 | 10.0 HIGH | 9.8 CRITICAL |
| Dell VNX2 for file version 8.1.21.266 and earlier, contain an unauthenticated remote code execution vulnerability which may lead unauthenticated users to execute commands on the system. | |||||
| CVE-2021-36293 | 1 Dell | 10 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 7 more | 2022-04-14 | 4.6 MEDIUM | 6.7 MEDIUM |
| Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain elevated privileges. | |||||
| CVE-2022-24428 | 1 Dell | 1 Emc Powerscale Onefs | 2022-04-14 | 6.5 MEDIUM | 8.8 HIGH |
| Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain an improper preservation of privileges. A remote filesystem user with a local account could potentially exploit this vulnerability, leading to an escalation of file privileges and information disclosure. | |||||
| CVE-2021-36288 | 1 Dell | 10 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 7 more | 2022-04-14 | 6.4 MEDIUM | 9.1 CRITICAL |
| Dell VNX2 for File version 8.1.21.266 and earlier, contain a path traversal vulnerability which may lead unauthenticated users to read/write restricted files | |||||