CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2021-25947 Prototype pollution vulnerability in 'nestie' versions 0.0.0 through 1.0.0 allows an attacker to cause a denial of service and may lead to remote code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-28018 Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-26461 Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resultin... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-29214 SQL injection vulnerability in SourceCodester Alumni Management System 1.0 allows the user to inject SQL payload to bypass the authentication via admin/login.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-22807 An issue was dicovered in vtiger crm 7.2. Union sql injection in the calendar exportdata feature. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-28017 Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of reso... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-28834 Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-22859 The usersβ data querying function of EIC e-document system does not filter the special characters which resulted in remote attackers can inject SQL syntax and execute arbitrary commands without privil... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27388 SINAMICS medium voltage routable products are affected by a vulnerability in the Sm@rtServer component for remote access that could allow an unauthenticated attacker to cause a denial-of-service condi... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-23306 There is a stack-overflow at ecma-regexp-object.c:535 in ecma_regexp_match in JerryScript 2.2.0. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-21984 VMware vRealize Business for Cloud 7.x prior to 7.6.0 contains a remote code execution vulnerability due to an unauthorised end point. A malicious actor with network access may exploit this issue caus... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-33622 Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO before 3.5-8, has an Incorrect Check of a Function's Return Value. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-34170 Bandai Namco FromSoftware Dark Souls III allows remote attackers to execute arbitrary code. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-24037 A use after free in hermes, while emitting certain error messages, prior to commit d86e185e485b6330216dee8e854455c694e3a36e allows attackers to potentially execute arbitrary code via crafted JavaScrip... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-22679 The affected product is vulnerable to an integer overflow while processing HTTP headers, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and pri... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-19114 SQL Injection vulnerability in Online Book Store v1.0 via the publisher parameter to edit_book.php, which could let a remote malicious user execute arbitrary code. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-22671 Multiple integer overflow issues exist while processing long domain names, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-35430 SQL Injection in com/inxedu/OS/edu/controller/letter/AdminMsgSystemController in Inxedu v2.0.6 via the ids parameter to admin/letter/delsystem. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-21452 An issue was discovered in uniview ISC2500-S. This is an upload vulnerability where an attacker can upload malicious code via /Interface/DevManage/EC.php?cmd=upload | 9.8 | CRITICAL | β | 0 |
| CVE-2021-24314 The Goto WordPress theme before 2.1 did not sanitise, validate of escape the keywords GET parameter from its listing page before using it in a SQL statement, leading to an Unauthenticated SQL injectio... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-34946 Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getexpproduct.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-34947 Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editcategory.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-35525 WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameter led_switch, which leads to command injection in page /ledonoff.shtml. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-35620 D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remote code execution (RCE) vulnerability via the function binary.soapcgi_main. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-35619 D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remote code execution (RCE) vulnerability via the function ssdpcgi_main. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-32292 In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-34948 Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editbrand.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-30285 In Quest KACE Systems Management Appliance (SMA) through 12.0, a hash collision is possible during authentication. This may allow authentication with invalid credentials. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-29807 A SQL injection vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.0 that can allow for remote code execution via download_agent_installer.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-35223 EasyUse MailHunter Ultimateβs cookie deserialization function has an inadequate validation vulnerability. Deserializing a cookie containing malicious payload will trigger this insecure deserialization... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-34613 Mealie 1.0.0beta3 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-34949 Pharmacy Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the email or password parameter at login.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-34950 Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editproduct.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-28451 This affects the package image-tiler before 2.0.2. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-34945 Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getproductreport.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-35422 Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the qid parameter at update.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-28423 This affects all versions of package monorepo-build. | 9.8 | CRITICAL | β | 0 |
| CVE-2017-20039 A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been classified as very critical. This affects an unknown part. The manipulation leads to weak authentication. It is possible to... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-38394 Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-36672 Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT key located in the project config file. This vulnerability allows attackers to create a custom user session. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-37130 In D-Link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img a command injection vulnerability occurs in /goform/Diagnosis, after the condition is met, setnum will be spliced into v10 by snprintf, a... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-37125 D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/NTPSyncWithHost. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-36202 Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-36201 Doctorβs Appointment System v1.0 is vulnerable to Blind SQLi via settings.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-41749 In the SEOmatic plugin up to 3.4.11 for Craft CMS 3, it is possible for unauthenticated attackers to perform a Server-Side Template Injection, allowing for remote code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-37128 In D-Link DIR-816 A2_v1.10CNB04.img the network can be initialized without authentication via /goform/wizard_end. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-36566 Rengine v1.3.0 was discovered to contain a command injection vulnerability via the scan engine function. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-30318 Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized a... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-29525 Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a remote unauthenticated attacker to log in with the root privilege and perform an arbitrary operation. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-2466 It was found that Quarkus 2.10.x does not terminate HTTP requests header context which may lead to unpredictable behavior. | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.