Total
1758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31593 | 1 Sap | 1 Business One | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| SAP Business One client - version 10.0 allows an attacker with low privileges, to inject code that can be executed by the application. An attacker could thereby control the behavior of the application. | |||||
| CVE-2022-31179 | 2 Microsoft, Shescape Project | 2 Windows, Shescape | 2024-11-21 | N/A | 8.1 HIGH |
| Shescape is a simple shell escape package for JavaScript. Versions prior to 1.5.8 were found to be subject to code injection on windows. This impacts users that use Shescape (any API function) to escape arguments for cmd.exe on Windows An attacker can omit all arguments following their input by including a line feed character (`'\n'`) in the payload. This bug has been patched in [v1.5.8] which you can upgrade to now. No further changes are required. Alternatively, line feed characters (`'\n'`) can be stripped out manually or the user input can be made the last argument (this only limits the impact). | |||||
| CVE-2022-31126 | 1 Roxy-wi | 1 Roxy-wi | 2024-11-21 | 7.5 HIGH | 10.0 CRITICAL |
| Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a remote, unauthenticated attacker to code execution by sending a specially crafted HTTP request to /app/options.py file. This affects Roxy-wi versions before 6.1.1.0. Users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2022-31088 | 2 Debian, Ldap-account-manager | 2 Debian Linux, Ldap Account Manager | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. This is only the case for LDAP search configuration. This issue has been fixed in version 8.0. | |||||
| CVE-2022-31014 | 1 Nextcloud | 1 Nextcloud Server | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Nextcloud server is an open source personal cloud server. Affected versions were found to be vulnerable to SMTP command injection. The impact varies based on which commands are supported by the backend SMTP server. However, the main risk here is that the attacker can then hijack an already-authenticated SMTP session and run arbitrary SMTP commands as the email user, such as sending emails to other users, changing the FROM user, and so on. As before, this depends on the configuration of the server itself, but newlines should be sanitized to mitigate such arbitrary SMTP command injection. It is recommended that the Nextcloud Server is upgraded to 22.2.8 , 23.0.5 or 24.0.1. There are no known workarounds for this issue. | |||||
| CVE-2022-2992 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A | 9.9 CRITICAL |
| A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint. | |||||
| CVE-2022-29631 | 1 Jodd | 1 Jodd Http | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Jodd HTTP v6.0.9 was discovered to contain multiple CLRF injection vulnerabilities via the components jodd.http.HttpRequest#set and `jodd.http.HttpRequest#send. These vulnerabilities allow attackers to execute Server-Side Request Forgery (SSRF) via a crafted TCP payload. | |||||
| CVE-2022-29166 | 1 Matrix | 1 Matrix Irc Bridge | 2024-11-21 | 6.8 MEDIUM | 8.0 HIGH |
| matrix-appservice-irc is a Node.js IRC bridge for Matrix. The vulnerability in node-irc allows an attacker to manipulate a Matrix user into executing IRC commands by having them reply to a maliciously crafted message. The vulnerability has been patched in matrix-appservice-irc 0.33.2. Refrain from replying to messages from untrusted participants in IRC-bridged Matrix rooms. There are no known workarounds for this issue. | |||||
| CVE-2022-28345 | 1 Signal | 1 Signal | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The Signal app before 5.34 for iOS allows URI spoofing via RTLO injection. It incorrectly renders RTLO encoded URLs beginning with a non-breaking space, when there is a hash character in the URL. This technique allows a remote unauthenticated attacker to send legitimate looking links, appearing to be any website URL, by abusing the non-http/non-https automatic rendering of URLs. An attacker can spoof, for example, example.com, and masquerade any URL with a malicious destination. An attacker requires a subdomain such as gepj, txt, fdp, or xcod, which would appear backwards as jpeg, txt, pdf, and docx respectively. | |||||
| CVE-2022-26205 | 1 Marky Project | 1 Marky | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Marky commit 3686565726c65756e was discovered to contain a remote code execution (RCE) vulnerability via the Display text fields. This vulnerability allows attackers to execute arbitrary code via injection of a crafted payload. | |||||
| CVE-2022-25420 | 1 Nttr | 1 Goo Blog | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| NTT Resonant Incorporated goo blog App Web Application 1.0 is vulnerable to CLRF injection. This vulnerability allows attackers to execute arbitrary code via a crafted HTTP request. | |||||
| CVE-2022-25337 | 1 Ibexa | 1 Ez Platform Kernel | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
| Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows injection attacks via image filenames. | |||||
| CVE-2022-24989 | 1 Terra-master | 30 F2-210, F2-221, F2-223 and 27 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| TerraMaster NAS through 4.2.30 allows remote WAN attackers to execute arbitrary code as root via the raidtype and diskstring parameters for PHP Object Instantiation to the api.php?mobile/createRaid URI. (Shell metacharacters can be placed in raidtype because popen is used without any sanitization.) The credentials from CVE-2022-24990 exploitation can be used. | |||||
| CVE-2022-24838 | 1 Nextcloud | 1 Calendar | 2024-11-21 | 7.5 HIGH | 5.3 MEDIUM |
| Nextcloud Calendar is a calendar application for the nextcloud framework. SMTP Command Injection in Appointment Emails via Newlines: as newlines and special characters are not sanitized in the email value in the JSON request, a malicious attacker can inject newlines to break out of the `RCPT TO:<BOOKING USER'S EMAIL> ` SMTP command and begin injecting arbitrary SMTP commands. It is recommended that Calendar is upgraded to 3.2.2. There are no workaround available. | |||||
| CVE-2022-24832 | 1 Thoughtworks | 1 Gocd | 2024-11-21 | 4.9 MEDIUM | 8.2 HIGH |
| GoCD is an open source a continuous delivery server. The bundled gocd-ldap-authentication-plugin included with the GoCD Server fails to correctly escape special characters when using the username to construct LDAP queries. While this does not directly allow arbitrary LDAP data exfiltration, it can allow an existing LDAP-authenticated GoCD user with malicious intent to construct and execute malicious queries, allowing them to deduce facts about other users or entries within the LDAP database (e.g alternate fields, usernames, hashed passwords etc) through brute force mechanisms. This only affects users who have a working LDAP authorization configuration enabled on their GoCD server, and only is exploitable by users authenticating using such an LDAP configuration. This issue has been fixed in GoCD 22.1.0, which is bundled with gocd-ldap-authentication-plugin v2.2.0-144. | |||||
| CVE-2022-23721 | 1 Pingidentity | 1 Pingid Integration For Windows Login | 2024-11-21 | N/A | 3.8 LOW |
| PingID integration for Windows login prior to 2.9 does not handle duplicate usernames, which can lead to a username collision when two people with the same username are provisioned onto the same machine at different times. | |||||
| CVE-2022-23701 | 1 Hpe | 2 Integrated Lights-out, Integrated Lights-out 4 | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A potential remote host header injection security vulnerability has been identified in HPE Integrated Lights-Out 4 (iLO 4) firmware version(s): Prior to 2.60. This vulnerability could be remotely exploited to allow an attacker to supply invalid input to the iLO 4 webserver, causing it to respond with a redirect to an attacker-controlled domain. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 4 (iLO 4). | |||||
| CVE-2022-23616 | 1 Xwiki | 1 Xwiki | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible for an unprivileged user to perform a remote code execution by injecting a groovy script in her own profile and by calling the Reset password feature since the feature is performing a save of the user profile with programming rights in the impacted versions of XWiki. The issue has been patched in XWiki 13.1RC1. There are two different possible workarounds, each consisting of modifying the XWiki/ResetPassword page. 1. The Reset password feature can be entirely disabled by deleting the XWiki/ResetPassword page. 2. The script in XWiki/ResetPassword can also be modified or removed: an administrator can replace it with a simple email contact to ask an administrator to reset the password. | |||||
| CVE-2022-23064 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| In Snipe-IT, versions v3.0-alpha to v5.3.7 are vulnerable to Host Header Injection. By sending a specially crafted host header in the reset password request, it is possible to send password reset links to users which once clicked lead to an attacker controlled server and thus leading to password reset token leak. This leads to account take over. | |||||
| CVE-2022-22975 | 1 Vmware | 1 Pinniped | 2024-11-21 | 6.0 MEDIUM | 6.6 MEDIUM |
| An issue was discovered in the Pinniped Supervisor with either LADPIdentityProvider or ActiveDirectoryIdentityProvider resources. An attack would involve the malicious user changing the common name (CN) of their user entry on the LDAP or AD server to include special characters, which could be used to perform LDAP query injection on the Supervisor's LDAP query which determines their Kubernetes group membership. | |||||