security.didici.cc
CVE-2022-21700
6 hours agoMicronaut is a JVM-based, full stack Java framework designed for building JVM web applications with support for Java, Kotlin and the Groovy language. In affected versions sending an invalid Content Type header leads to memory leak in DefaultArgumentConver ...
CVE-2022-21690
6 hours agoOnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions The path parameter of the requested URL is not sanitized before being passed to the QT f ...
CVE-2022-21692
6 hours agoOnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions anyone with access to the chat environment can write messages disguised as another chat ...
CVE-2022-21694
6 hours agoOnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. The website mode of the onionshare allows to use a hardened CSP, which will block any scripts and external re ...
CVE-2022-21691
7 hours agoOnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions chat participants can spoof their channel leave message, tricking others into assuming t ...
CVE-2022-21693
7 hours agoOnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions an adversary with a primitive that allows for filesystem access from the context of the ...
CVE-2022-21695
7 hours agoOnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions authenticated users (or unauthenticated in public mode) can send messages without being ...
CVE-2022-21673
7 hours agoGrafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled, sending a query to that datasource with an API token (and no other user credentials) will forward ...
CVE-2022-21688
7 hours agoOnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. Affected versions of the desktop application were found to be vulnerable to denial of service via an undisclo ...
CVE-2022-21689
7 hours agoOnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions the receive mode limits concurrent uploads to 100 per second and blocks other uploads in ...
CVE-2022-23408
8 hours agowolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections (without AEAD) using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in inter ...
CVE-2021-44839
9 hours agoAn issue was discovered in Delta RM 1.2. It is possible to request a new password for any other account using the account ID. Using the /listes/DTsendmaildata/ad
m_utilisateur/send-mail.j
son endpoint, a user can send a JSON array with user IDs that will ha ...
CVE-2021-44838
9 hours agoAn issue was discovered in Delta RM 1.2. Using the /risque/risque/ajax-detai
ls endpoint, with a POST request indicating the risk to access with the id parameter, it is possible for users to access risks of other companies.
CVE-2022-21696
9 hours agoOnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions it is possible to change the username to that of another chat participant with an additi ...
CVE-2021-44836
9 hours agoAn issue was discovered in Delta RM 1.2. The /risque/risque/workflow/r
eset endpoint is lacking access controls, and it is possible for an unprivileged user to reopen a risk with a POST request, using the risqueID parameter to identify the risk to be re-op ...
CVE-2021-44840
10 hours agoAn issue was discovered in Delta RM 1.2. Using an privileged account, it is possible to edit, create, and delete risk labels, such as Criticality and Priority Indication labels. By using the /core/table/query endpoint, and by using a POST request and indi ...
CVE-2021-46005
11 hours agoSourcecodester Car Rental Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via vehicalorcview parameter.
CVE-2021-46012
11 hours ago** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA.
CVE-2021-34404
11 hours agoAndroid images for T210 provided by NVIDIA contain a vulnerability in BROM, where failure to limit access to AHB-DMA when BROM fails may allow an unprivileged attacker with physical access to cause denial of service or impact integrity and confidentiality ...
CVE-2022-21683
11 hours agoWagtail is a Django based content management system focused on flexibility and user experience. When notifications for new replies in comment threads are sent, they are sent to all users who have replied or commented anywhere on the site, rather than only ...
CVE-2021-34406
11 hours agoNVIDIA Tegra kernel driver contains a vulnerability in NVHost, where a specific race condition can lead to a null pointer dereference, which may lead to a system reboot.
CVE-2021-46013
11 hours agoAn unrestricted file upload vulnerability exists in Sourcecodester Free school management software 1.0. An attacker can leverage this vulnerability to enable remote code execution on the affected web server. Once a php webshell containing "" gets uploaded ...
CVE-2021-34405
11 hours agoNVIDIA Linux distributions contain a vulnerability in TrustZoneâ€â„
¢s TEE_Malloc function, where an unchecked return value causing a null pointer dereference may lead to denial of service.
CVE-2021-34401
11 hours agoNVIDIA Linux kernel distributions contain a vulnerability in nvmap NVGPU_IOCTL_CHANNEL_SET_E
RROR_NOTIFIER, where improper access control may lead to code execution, compromised integrity, or denial of service.
CVE-2021-34402
11 hours agoNVIDIA Tegra kernel driver contains a vulnerability in NVIDIA NVDEC, where a user with high privileges might be able to read from or write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service, Infor ...
CVE-2021-34403
11 hours agoNVIDIA Linux distributions contain a vulnerability in nvmap ioctl, which allows any user with a local account to exploit a use-after-free condition, leading to code privilege escalation, loss of confidentiality and integrity, or denial of service.
CVE-2022-0236
12 hours agoThe WP Import Export WordPress plugin (both free and premium versions) is vulnerable to unauthenticated sensitive data disclosure due to a missing capability check on the download function wpie_process_file_downloa
d found in the ~/includes/classes/class-
w ...
CVE-2022-0154
12 hours agoAn issue has been discovered in GitLab affecting all versions starting from 7.7 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was vulnerable to a Cross-Site Request Forgery attack t ...
CVE-2022-0244
12 hours agoAn issue has been discovered in GitLab CE/EE affecting all versions starting with 14.5. Arbitrary file read was possible by importing a group was due to incorrect handling of file.
CVE-2022-0210
12 hours agoThe Random Banner WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the category parameter found in the ~/include/models/model.ph
p file which allowed attackers with administrative user access to inject arbitrar ...
CVE-2022-0172
12 hours agoAn issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under certain conditions it was possible to bypass the IP restriction for public projects through GraphQL allowing unauthorised users to read titles of issues, merge r ...
CVE-2022-0232
12 hours agoThe User Registration, Login & Landing Pages WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the loader_text parameter found in the ~/includes/templates/land
ing-page.php file which allows attackers with admin ...
CVE-2022-0215
12 hours agoThe Login/Signup Popup, Waitlist Woocommerce ( Back in stock notifier ), and Side Cart Woocommerce (Ajax) WordPress plugins by XootiX are vulnerable to Cross-Site Request Forgery via the save_settings function found in the ~/includes/xoo-framework/
admin/c ...
CVE-2022-0152
12 hours agoAn issue has been discovered in GitLab affecting all versions starting from 13.10 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was vulnerable to unauthorized access to some particu ...
CVE-2022-0233
12 hours agoThe ProfileGrid – User Profiles, Memberships, Groups and Communities WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the pm_user_avatar and pm_cover_image parameters found in the ~/admin/class-profile- ...
CVE-2022-23083
12 hours agoNetMaster 12.2 Network Management for TCP/IP and NetMaster File Transfer Management contain a XSS (Cross-Site Scripting) vulnerability in ReportCenter UI due to insufficient input validation that could potentially allow an attacker to execute code on the ...
CVE-2022-22691
12 hours agoThe password reset component deployed within Umbraco uses the hostname supplied within the request host header when building a password reset URL. It may be possible to manipulate the URL sent to Umbraco users when so that it points to the attackers serve ...
CVE-2022-22690
12 hours agoWithin the Umbraco CMS, a configuration element named "UmbracoApplicationU
rl" (or just "ApplicationUrl"
;) is used whenever application code needs to build a URL pointing back to the site. For example, when a user resets their password and the application b ...
CVE-2021-41809
12 hours agoSSRF vulnerability in M-Files Server products with versions before 22.1.11017.1, in a preview function allowed making queries from the server with certain document types referencing external entities.
CVE-2021-43353
12 hours agoThe Crisp Live Chat WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the crisp_plugin_settings_pag
e function found in the ~/crisp.php file, which made it possible for attackers to inject arbitrary web script ...
CVE-2021-4074
12 hours agoThe WHMCS Bridge WordPress plugin is vulnerable to Stored Cross-Site Scripting via the cc_whmcs_bridge_url parameter found in the ~/whmcs-bridge/bridge_cp.
php file which allows attackers to inject arbitrary web scripts, in versions up to and including 6.1 ...
CVE-2021-4083
12 hours agoA read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to cr ...
CVE-2022-0090
12 hours agoAn issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. GitLab is configured in a way that it doesn't ignore replacement references with git sub-commands, allowing a malicious user ...
CVE-2022-0093
12 hours agoAn issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. GitLab allows a user with an expired password to access sensitive information through RSS feeds.
CVE-2022-0124
12 hours agoAn issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. Gitlab's Slack integration is incorrectly validating user input and allows to craft malicious URLs that are sent to slack.
CVE-2022-0125
12 hours agoAn issue has been discovered in GitLab affecting all versions starting from 12.0 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was not verifying that a maintainer of a project had t ...
CVE-2022-0151
12 hours agoAn issue has been discovered in GitLab affecting all versions starting from 12.10 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was not correctly handling requests to delete existin ...
CVE-2021-39946
12 hours agoImproper neutralization of user input in GitLab CE/EE versions 14.3 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed an attacker to exploit XSS by abusing the generation of the HTML code related to emojis
CVE-2021-39942
12 hours agoA denial of service vulnerability in GitLab CE/EE affecting all versions starting from 12.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows low-privileged users to bypass file size limits ...
CVE-2021-41808
12 hours agoIn M-Files Server product with versions before 21.11.10775.0, enabling logging of Federated authentication to event log wrote sensitive information to log. Mitigating factors are logging is disabled by default.
CVE-2021-41807
12 hours agoLack of rate limiting in M-Files Server and M-Files Web products with versions before 21.12.10873.0 in certain type of user accounts allows unlimited amount of attempts and therefore makes brute-forcing login accounts easier.
CVE-2021-29632
12 hours agoIn FreeBSD 13.0-STABLE before n247428-9352de39c3dc, 12.2-STABLE before r370674, 13.0-RELEASE before p6, and 12.2-RELEASE before p12, certain conditions involving use of the highlight buffer while text is scrolling on the console, console data may overwrit ...
CVE-2021-29872
12 hours agoIBM Cloud Pak for Automation 21.0.1 and 21.0.2 - Business Automation Studio Component is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could ...
CVE-2020-14110
12 hours agoAX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to the web background.
CVE-2021-29215
12 hours agoA potential security vulnerability in HPE Ezmeral Data Fabric that may allow a remote access restriction bypass in the TEZ MapR ecosystem component was discovered in version(s): Prior to Tez-0.8: mapr-tez-0.8.201907081100
-1.noarch; prior to Tez-0.9: mapr- ...
CVE-2021-39927
12 hours agoServer side request forgery protections in GitLab CE/EE versions between 8.4 and 14.4.x, between 14.5.0 and 14.5.x, and between 14.6.0 and 14.6.x would fail to protect against attacks sending requests to localhost on port 80 or 443 if GitLab was configure ...
CVE-2021-37867
12 hours agoMattermost Boards plugin v0.10.0 and earlier fails to protect email addresses of all users via one of the Boards APIs, which allows authenticated and unauthorized users to access this information resulting in sensitive & private information disclosure.
CVE-2021-37866
12 hours agoMattermost Boards plugin v0.10.0 and earlier fails to invalidate a session on the server-side when a user logged out of Boards, which allows an attacker to reuse old session token for authorization.
CVE-2021-37865
12 hours agoMattermost 6.2 and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of ...
CVE-2021-37864
12 hours agoMattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived channels, which allows authenticated users to view contents of archived channels even when this is denied by system administrators by directly accessing the APIs.
CVE-2020-14107
12 hours agoA stack overflow in the HTTP server of Cast can be exploited to make the app crash in LAN.
CVE-2021-39892
12 hours agoIn all versions of GitLab CE/EE since version 12.0, a lower privileged user can import users from projects that they don't have a maintainer role on and disclose email addresses of those users.
CVE-2022-23305
13 hours agoBy design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipu ...
CVE-2022-23307
13 hours agoCVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists.
CVE-2022-0263
13 hours agoUnrestricted Upload of File with Dangerous Type in Packagist pimcore/pimcore prior to 10.2.7.
CVE-2022-23302
13 hours agoJMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a ...
CVE-2022-0262
13 hours agoCross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2.7.
CVE-2022-0261
13 hours agoHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2021-4146
13 hours agoBusiness Logic Errors in GitHub repository pimcore/pimcore prior to 10.2.6.
CVE-2021-38696
14 hours agoSoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the application without any authentication.
CVE-2021-38697
14 hours agoSoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows attackers to upload files with any file extension which can lead to arbitrary code execution.
CVE-2021-41550
14 hours agoLeostream Connection Broker 9.0.40.17 allows administrator to upload and execute Perl code.
CVE-2022-0260
14 hours agoCross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.2.7.
CVE-2021-44217
14 hours agoIn Ericsson CodeChecker through 6.18.0, a Stored Cross-site scripting (XSS) vulnerability in the comments component of the reports viewer allows remote attackers to inject arbitrary web script or HTML via the POST JSON data of the /CodeCheckerService API.
CVE-2021-41551
14 hours agoLeostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link.
CVE-2021-38695
14 hours agoSoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site scripting (XSS) that allows users to store scripts in certain fields (e.g. subject, description) of the document form.
CVE-2021-38785
15 hours agoThere is a NULL pointer deference in the Allwinner R818 SoC Android Q SDK V1.0 camera driver /dev/cedar_dev that could use the ioctl cmd IOCTL_GET_IOMMU_ADDR to cause a system crash.
CVE-2021-38694
15 hours agoSoftVibe SARABAN for INFOMA 1.1 allows SQL Injection.
CVE-2021-38784
15 hours agoThere is a NULL pointer dereference in the syscall open_exec function of Allwinner R818 SoC Android Q SDK V1.0 that could executable a malicious file to cause a system crash.
CVE-2021-22566
15 hours agoAn incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead to privileged executable pages being mapped as executable from an unprivileged context. This can be leveraged by an attacker to bypass executability restrictions of kernel-mode pages fr ...
CVE-2021-33965
16 hours agoChina Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRMesh/set_ZRMesh which receives parameters by POST request, and the parameter mesh_enable and mesh_device have a command injection vulnerability. An attacker can use the vulnerabili ...
CVE-2021-38783
16 hours agoThere is a Out-of-Bound Write in the Allwinner R818 SoC Android Q SDK V1.0 camera driver "/dev/cedar_dev"
; through iotcl cmd IOCTL_SET_PROC_INFO and IOCTL_COPY_PROC_INFO, which could cause a system crash or EoP.
CVE-2021-45394
17 hours agoAn issue was discovered in Spipu HTML2PDF before 5.2.4. Attackers can trigger deserialization of arbitrary data via the injection of a malicious tag in the converted HTML document.
CVE-2021-33964
17 hours agoChina Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRRuleFilter/set_fir
ewall_level which receives parameters by POST request, and the parameter firewall_level has a command injection vulnerability. An attacker can use the vulnerabili ...
CVE-2021-44757
19 hours agoZoho ManageEngine Desktop Central before 10.1.2137.9 and Desktop Central MSP before 10.1.2137.9 allow attackers to bypass authentication, and read sensitive information or upload an arbitrary ZIP archive to the server.
CVE-2022-0245
23 hours agoCross-Site Request Forgery (CSRF) in GitHub repository livehelperchat/livehelper
chat prior to 2.0.
CVE-2022-22703
1 day agoIn Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and PSK are contained in the log file of the .exe installer.
CVE-2021-42357
1 day agoWhen using Apache Knox SSO prior to 1.6.1, a request could be crafted to redirect a user to a malicious page due to improper URL parsing. A request that included a specially crafted request parameter could be used to redirect the user to a page controlled ...
CVE-2022-0242
1 day agoUnrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0.
CVE-2021-38965
1 day agoIBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 212346.
CVE-2021-33040
1 day agomanagers/views/iframe.js in FuturePress EPub.js before 0.3.89 allows XSS.
CVE-2022-0257
1 day agopimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-0256
1 day agopimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-0258
1 day agopimcore is vulnerable to Improper Neutralization of Special Elements used in an SQL Command
CVE-2022-0253
1 day agolivehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-0240
1 day agomruby is vulnerable to NULL Pointer Dereference
CVE-2021-3862
1 day agoicecoder is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-4164
1 day agocalibre-web is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-25061
1 day agoThe WP Booking System WordPress plugin before 2.0.15 was affected by a reflected xss in wp-booking-system on the wpbs-calendars admin page.
CVE-2021-25065
1 day agoThe Smash Balloon Social Post Feed WordPress plugin before 4.1.1 was affected by a reflected XSS in custom-facebook-feed in cff-top admin page.