Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2022-39428 Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vuln... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-28814 Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered to be vulnerable to a relative path traversal vulnerability which enables remote attackers to read arb... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-36361 A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All versions), LOGO! ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-25932 The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for TALOS-2022-1472 and TALOS-2022-1474. The fixes are incomplete. An attacker can still perform, respectively, a privilege escalat... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-28812 In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain SuperUser access to the device... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-37617 Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the k variable in resolve-shims.js. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-34569 In WAGOΒ I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-45136 Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to return malicious data.... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-45378 In the default configuration of Apache SOAP, an RPCRouterServlet is available without authentication. This gives an attacker the possibility to invoke methods on the classpath that meet certain criter... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-37616 A prototype pollution vulnerability exists in the function copy in dom.js in the xmldom (published as @xmldom/xmldom) package before 0.8.3 for Node.js via the p variable. NOTE: the vendor states "we a... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-28811 In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could utilize an improper input validation on an API-submitted parameter to exe... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-41749 In the SEOmatic plugin up to 3.4.11 for Craft CMS 3, it is possible for unauthenticated attackers to perform a Server-Side Template Injection, allowing for remote code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-41661 Church Management System version 1.0 is affected by a SQL anjection vulnerability through creating a user with a PHP file as an avatar image, which is accessible through the /uploads directory. This c... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-22526 In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a missing authentication allows for full access via API. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-40138 An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute a... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-37601 Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-40721 Arbitrary file upload vulnerability in php uploader | 9.8 | CRITICAL | β | 0 |
| CVE-2021-40036 The bone voice ID TA has a memory overwrite vulnerability. Successful exploitation of this vulnerability may result in malicious code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-35289 A write-what-where condition in hermes caused by an integer overflow, prior to commit 5b6255ae049fa4641791e47fad994e8e8c4da374 allows attackers to potentially execute arbitrary code via crafted JavaSc... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-41662 The South Gate Inn Online Reservation System v1.0 contains an SQL injection vulnerability that can be chained with a malicious PHP file upload, which is caused by improper file handling in the editImg... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-32234 An out of bounds write in hermes, while handling large arrays, prior to commit 06eaec767e376bfdb883d912cb15e987ddf2bda1 allows attackers to potentially execute arbitrary code via crafted JavaScript. N... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-33174 Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an H... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-33175 Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an insecure permissions setting on the user.token field that is accessible to everyone through the /cgi/get_... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-39328 Grafana is an open-source platform for monitoring and observability. Versions starting with 9.2.0 and less than 9.2.4 contain a race condition in the authentication middlewares logic which may allow a... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-29797 There is a buffer overflow vulnerability in CV81-WDM FW 01.70.49.29.46. Successful exploitation of this vulnerability may lead to privilege escalation. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-42889 Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-31053 Biscuit is an authentication and authorization token for microservices architectures. The Biscuit specification version 1 contains a vulnerable algorithm that allows malicious actors to forge valid Ξ-... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-22522 In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain full access to the device. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-3456 Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-29525 Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a remote unauthenticated attacker to log in with the root privilege and perform an arbitrary operation. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-37888 There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Netw... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-39033 Smart eVisionβs file acquisition function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated remote attacker can exploit t... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-27510 Unauthorized access to Gateway user capabilities | 9.8 | CRITICAL | β | 0 |
| CVE-2022-31446 Tenda AC18 router V15.03.05.19 and V15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-37598 Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the name variable in ast.js. NOTE: the vendor considers this an invalid report. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-25167 Apache Flume versions 1.4.0 through 1.9.0 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control of... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-3203 On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to the device via LAN or WiFi with hardcoded credentials and get ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-3741 Impact varies for each individual vulnerability in the application. For generation of accounts, it may be possible, depending on the amount of system resources available, to create a DoS event in the ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-3362 Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-35712 Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-30311 In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-refresh-request" POST request doesnβt check for port syntax. This can result in unauthorized execution of s... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-32336 Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/view_menu.php?id=. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-41518 TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a command injection vulnerability via the UploadFirmwareFile function at /cgi-bin/cstecgi.cgi. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-14131 The Xiaomi Security Center expresses heartfelt thanks to ADLab of VenusTech ! At the same time, we also welcome more outstanding and professional security experts and security teams to join the Mi Sec... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-33882 Under certain conditions, an attacker could create an unintended sphere of control through a vulnerability present in file delete operation in Autodesk desktop app (ADA). An attacker could leverage th... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-38418 Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-3218 Due to a reliance on client-side authentication, the WiFi Mouse (Mouse Server) from Necta LLC's authentication mechanism is trivially bypassed, which can result in remote code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-40812 The d8s-pdfs for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-41552 Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Data Center Analytics, Analytics probe components), Hitachi Ops Center Analyzer on Linux (Hitachi... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-35674 BigProf Online Invoicing System before 2.9 suffers from an unauthenticated SQL Injection found in /membership_passwordReset.php (the endpoint that is responsible for issuing self-service password rese... | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.