CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2021-40644 An SQL Injection vulnerability exists in oasys oa_system as of 9/7/2021 in resources/mappers/notice-mapper.xml. | 6.5 | MEDIUM | — | 0 |
| CVE-2022-24136 Hospital Management System v1.0 is affected by an unrestricted upload of dangerous file type vulerability in treatmentrecord.php. To exploit, an attacker can upload any PHP file, and then execute it. | 9.8 | CRITICAL | — | 0 |
| CVE-2021-40645 An SQL Injection vulnerability exists in glorylion JFinalOA as of 9/7/2021 in the defkey parameter getHaveDoneTaskDataList method of the FlowTaskController. | 6.5 | MEDIUM | — | 0 |
| CVE-2021-33208 The "Register an Ehcache Configuration File" admin feature in MashZone NextGen through 10.7 GA allows XXE attacks via a malicious XML configuration file. | 7.2 | HIGH | — | 0 |
| CVE-2021-33581 MashZone NextGen through 10.7 GA has an SSRF vulnerability that allows an attacker to interact with arbitrary TCP services, by abusing the feature to check the availability of a PPM connection. This o... | 7.2 | HIGH | — | 0 |
| CVE-2021-38362 In RSA Archer 6.x through 6.9 SP3 (6.9.3.0), an authenticated attacker can make a GET request to a REST API endpoint that is vulnerable to an Insecure Direct Object Reference (IDOR) issue and retrieve... | 6.5 | MEDIUM | — | 0 |
| CVE-2021-43142 An XML External Entity (XXE) vulnerability exists in wuta jox 1.16 in the readObject method in JOXSAXBeanInput. | 9.8 | CRITICAL | — | 0 |
| CVE-2021-45900 Vivoh Webinar Manager before 3.6.3.0 has improper API authentication. When a user logs in to the administration configuration web portlet, a VIVOH_AUTH cookie is assigned so that they can be uniquely ... | 6.5 | MEDIUM | — | 0 |
| CVE-2022-23158 Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A local authenticated user with standard privilege could potentially exploit this vulnerability and provid... | 6.0 | MEDIUM | — | 0 |
| CVE-2022-24790 Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the R... | 9.1 | CRITICAL | — | 0 |
| CVE-2021-33523 MashZone NextGen through 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver that can execute arbitrary commands on the underlying host. This occu... | 7.2 | HIGH | — | 0 |
| CVE-2021-43664 totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a command injection vulnerability via the component process forceugpo. | 8.1 | HIGH | — | 0 |
| CVE-2021-46006 In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not authenticated. Using this function, an attacker can configure multiple settings without authentication. | 6.5 | MEDIUM | — | 0 |
| CVE-2021-46007 totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the "ping" command, and the input field does not adequately filter special symbols. This can lead t... | 9.8 | CRITICAL | — | 0 |
| CVE-2021-46008 In totolink a3100r V5.9c.4577, the hard-coded telnet password can be discovered from official released firmware. An attacker, who has connected to the Wi-Fi, can easily telnet into the target with roo... | 8.8 | HIGH | — | 0 |
| CVE-2021-46009 In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without authentication. Additionally, admin configurations can be set without cookies. | 9.8 | CRITICAL | — | 0 |
| CVE-2021-46010 Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web configuration. The SESSION_ID is predictable. An attacker can hijack a valid session and conduct further malicio... | 8.8 | HIGH | — | 0 |
| CVE-2022-25008 totolink EX300_v2 V4.0.3c.140_B20210429 and EX1200T V4.1.2cu.5230_B20210706 does not contain an authentication mechanism. | 8.8 | HIGH | — | 0 |
| CVE-2021-43661 totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /home.asp. | 6.1 | MEDIUM | — | 0 |
| CVE-2021-43662 totolink EX300_v2, ver V4.0.3c.140_B20210429 and A720R ,ver V4.1.5cu.470_B20200911 have an issue which causes uncontrolled resource consumption. | 6.5 | MEDIUM | — | 0 |
| CVE-2021-43663 totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a command injection vulnerability via the component cloudupdate_check. | 7.5 | HIGH | — | 0 |
| CVE-2022-26908 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 8.3 | HIGH | — | 0 |
| CVE-2022-23441 A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow an unauthenticated attacker on the network to disguise as and forge messages fro... | 9.1 | CRITICAL | — | 0 |
| CVE-2022-23446 A improper control of a resource through its lifetime in Fortinet FortiEDR version 5.0.3 and earlier allows attacker to make the whole application unresponsive via changing its root directory access p... | 4.4 | MEDIUM | — | 0 |
| CVE-2021-24009 Multiple improper neutralization of special elements used in an OS command vulnerabilities (CWE-78) in the Web GUI of FortiWAN before 4.5.9 may allow an authenticated attacker to execute arbitrary com... | 7.2 | HIGH | — | 0 |
| CVE-2021-26112 Multiple stack-based buffer overflow vulnerabilities [CWE-121] both in network daemons and in the command line interpreter of FortiWAN before 4.5.9 may allow an unauthenticated attacker to potentially... | 8.1 | HIGH | — | 0 |
| CVE-2021-26114 Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiWAN before 4.5.9 may allow an unauthenticated attacker to execute unauthorized code or commands via ... | 9.8 | CRITICAL | — | 0 |
| CVE-2021-32593 A use of a broken or risky cryptographic algorithm vulnerability [CWE-327] in the Dynamic Tunnel Protocol of FortiWAN before 4.5.9 may allow an unauthenticated remote attacker to decrypt and forge pro... | 6.5 | MEDIUM | — | 0 |
| CVE-2021-43205 An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Linux version 7.0.2 and below, 6.4.7 and below and 6.2.9 and below may allow an unauthenticated... | 4.3 | MEDIUM | — | 0 |
| CVE-2021-44169 A improper initialization in Fortinet FortiClient (Windows) version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative p... | 8.2 | HIGH | — | 0 |
| CVE-2022-1237 Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overfl... | 7.8 | HIGH | — | 0 |
| CVE-2022-1238 Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap b... | 7.8 | HIGH | — | 0 |
| CVE-2022-23440 A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow a local attacker to disable and uninsta... | 7.8 | HIGH | — | 0 |
| CVE-2022-1240 Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the... | 7.8 | HIGH | — | 0 |
| CVE-2022-26591 FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows unauthenticated attackers to access and download arbitrary files via a crafted GET request. | 7.5 | HIGH | — | 0 |
| CVE-2022-1253 Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but does not yet belong to a... | 9.8 | CRITICAL | — | 0 |
| CVE-2022-24786 PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI (Reference Picture Selection Indication) packet, b... | 9.8 | CRITICAL | — | 0 |
| CVE-2022-27107 OrangeHRM 4.10 is vulnerable to Stored XSS in the "Share Video" section under "OrangeBuzz" via the GET/POST "createVideo[linkAddress]" parameter | 5.4 | MEDIUM | — | 0 |
| CVE-2022-27108 OrangeHRM 4.10 is vulnerable to Insecure Direct Object Reference (IDOR) via the end point symfony/web/index.php/time/createTimesheet`. Any user can create a timesheet in another user's account. | 4.3 | MEDIUM | — | 0 |
| CVE-2022-27109 OrangeHRM 4.10 suffers from a Referer header injection redirect vulnerability. | 5.4 | MEDIUM | — | 0 |
| CVE-2022-27110 OrangeHRM 4.10 is vulnerable to a Host header injection redirect via viewPersonalDetails endpoint. | 5.4 | MEDIUM | — | 0 |
| CVE-2021-22127 An improper input validation vulnerability in FortiClient for Linux 6.4.x before 6.4.3, FortiClient for Linux 6.2.x before 6.2.9 may allow an unauthenticated attacker to execute arbitrary code on the ... | 7.1 | HIGH | — | 0 |
| CVE-2022-26605 eZiosuite v2.0.7 contains an authenticated arbitrary file upload via the Avatar upload functionality. | 8.8 | HIGH | — | 0 |
| CVE-2021-26104 Multiple OS command injection (CWE-78) vulnerabilities in the command line interface of FortiManager 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x and 5.6.x, FortiAnalyzer 6.2.7 an... | 7.8 | HIGH | — | 0 |
| CVE-2021-26113 A use of a one-way hash with a predictable salt vulnerability [CWE-760] in FortiWAN before 4.5.9 may allow an attacker who has previously come in possession of the password file to potentially guess p... | 6.2 | MEDIUM | — | 0 |
| CVE-2021-26116 An improper neutralization of special elements used in an OS command vulnerability in the command line interpreter of FortiAuthenticator before 6.3.1 may allow an authenticated attacker to execute una... | 6.7 | MEDIUM | — | 0 |
| CVE-2021-32585 An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiWAN before 4.5.9 may allow an attacker to perform a stored cross-site scripting attack via specifically cr... | 7.2 | HIGH | — | 0 |
| CVE-2021-41026 A relative path traversal in FortiWeb versions 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow an authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially craft... | 6.5 | MEDIUM | — | 0 |
| CVE-2022-22410 IBM Watson Query with Cloud Pak for Data as a Service could allow an authenticated user to obtain sensitive information that would allow them to examine or alter system configurations or data sources ... | 7.2 | HIGH | — | 0 |
| CVE-2022-26607 A remote code execution (RCE) vulnerability in baigo CMS v3.0-alpha-2 was discovered to allow attackers to execute arbitrary code via uploading a crafted PHP file. | 7.2 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.