Vulnerability Feed

Exploitations

Vulnerability ID | Description | Date of first report of exploitation | All reports that were made to a vulnerability
CVE-2022-32893

This vulnerability has not been published at NVD yet. This is normal: NVD often takes time to publish vulnerabilities because it only publishes confirmed ones. If a vulnerability is found in the wild, the report will often be much earlier than NVD's publication of the vulnerability.

08/17/2022
08/17/2022
CVE-2022-32894

This vulnerability has not been published at NVD yet. This is normal: NVD often takes time to publish vulnerabilities because it only publishes confirmed ones. If a vulnerability is found in the wild, the report will often be much earlier than NVD's publication of the vulnerability.

08/17/2022
08/17/2022
CVE-2022-0028

A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target. To be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator. If exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack. We have taken prompt action to address this issue in our PAN-OS software. All software updates for this issue are expected to be released no later than the week of August 15, 2022. This issue does not impact Panorama M-Series or Panorama virtual appliances. This issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them.

08/12/2022
08/12/2022
CVE-2022-27925

Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated user with administrator rights has the ability to upload arbitrary files to the system, leading to directory traversal.

08/11/2022
08/11/2022
CVE-2022-37042

Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code execution. NOTE: this issue exists because of an incomplete fix for CVE-2022-27925.

08/11/2022
08/11/2022
CVE-2022-30333

RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.

08/09/2022
08/09/2022
CVE-2022-34713

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35743.

08/09/2022
08/09/2022
08/09/2022
CVE-2022-27924

Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance. These memcache commands become unescaped, causing an overwrite of arbitrary cached entries.

08/04/2022
08/04/2022
CVE-2022-26138

The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. This user account is created when installing versions 2.7.34, 2.7.35, and 3.0.2 of the app.

07/24/2022
07/24/2022
CVE-2022-36408

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-31181. Reason: This candidate is a duplicate of CVE-2022-31181. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2022-31181 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

07/22/2022
07/22/2022
CVE-2022-33891

The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can allow someone to perform impersonation by providing an arbitrary user name. A malicious user might then be able to reach a permission check function that will ultimately build a Unix shell command based on their input, and execute it. This will result in arbitrary shell command execution as the user Spark is currently running as. This affects Apache Spark versions 3.0.3 and earlier, versions 3.1.1 to 3.1.2, and versions 3.2.0 to 3.2.1.

07/21/2022
07/21/2022
CVE-2022-2856

This vulnerability has not been published at NVD yet. This is normal: NVD often takes time to publish vulnerabilities because it only publishes confirmed ones. If a vulnerability is found in the wild, the report will often be much earlier than NVD's publication of the vulnerability.

07/19/2022
08/16/2022
07/19/2022
CVE-2021-24284

The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the 'uploadFontIcon' AJAX action. The supplied zipfile is unzipped in the wp-content/uploads/kaswara/fonts_icon directory with no checks for malicious files such as PHP.

07/13/2022
07/13/2022
CVE-2022-22047

Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22049.

07/12/2022
07/12/2022
07/12/2022
07/12/2022
07/12/2022
CVE-2022-2294

Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

07/01/2022
07/04/2022
07/04/2022
07/04/2022
07/04/2022
07/01/2022
CVE-2018-4344

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

06/27/2022
06/27/2022
CVE-2019-8605

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to execute arbitrary code with system privileges.

06/27/2022
06/27/2022
CVE-2020-3837

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.

06/27/2022
06/27/2022
CVE-2020-9907

A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An application may be able to execute arbitrary code with kernel privileges.

06/27/2022
06/27/2022
CVE-2021-4034

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according to predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends up trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way that it will induce pkexec to execute arbitrary code. When successfully executed, the attack can cause a local privilege escalation, giving unprivileged users administrative rights on the target machine.

06/27/2022
06/27/2022
06/27/2022

Exploits

Vulnerability ID | Description | Date of publishing | Link to exploit
CVE-2022-33988

dproxy-nexgen (aka dproxy nexgen) re-uses the DNS transaction id (TXID) value from client queries, which allows attackers (able to send queries to the resolver) to conduct DNS cache-poisoning attacks because the TXID value is known to the attacker.

08/17/2022 https://www.openwall.com/lists/oss-security/2022/08/14/3
CVE-2021-30490

upsMonitor in ViewPower (aka ViewPowerHTML) 1.04-21012 through 1.04-21353 has insecure permissions for the service binary that enable an Authenticated User to modify files, allowing for privilege escalation.

08/17/2022 https://www.0x90.zone/binary/reverse/exploitation/2020/08/16/Privilege-Escalation-ViewPower.html
CVE-2022-34294

totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks.

08/17/2022 https://www.openwall.com/lists/oss-security/2022/08/14/2
CVE-2022-36272

Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter.

08/17/2022 https://github.com/ming-soft/MCMS/issues/97
CVE-2022-36273

Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg.

08/17/2022 https://github.com/F0und-icu/CVEIDs/tree/main/TendaAC9
CVE-2022-35113

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via swf_DefineLosslessBitsTagToImage at /modules/swfbits.c.

08/17/2022 https://github.com/matthiaskramm/swftools/issues/185
CVE-2022-35100

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via gfxline_getbbox at /lib/gfxtools.c.

08/17/2022 https://github.com/matthiaskramm/swftools/issues/182
CVE-2022-35114

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via extractFrame at /readers/swf.c.

08/17/2022 https://github.com/matthiaskramm/swftools/issues/185
CVE-2022-36150

tifig v0.2.2 was discovered to contain a heap-buffer overflow via __asan_memmove at /asan/asan_interceptors_memintrinsics.cpp.

08/17/2022 https://github.com/monostream/tifig/issues/68
CVE-2022-36149

tifig v0.2.2 was discovered to contain a heap-use-after-free via temInfoEntry().

08/17/2022 https://github.com/monostream/tifig/issues/70
CVE-2022-36153

tifig v0.2.2 was discovered to contain a segmentation violation via std::vector<unsigned int, std::allocator<unsigned int> >::size() const at /bits/stl_vector.h.

08/17/2022 https://github.com/monostream/tifig/issues/71
CVE-2022-36151

tifig v0.2.2 was discovered to contain a segmentation violation via getType() at /common/bbox.cpp.

08/17/2022 https://github.com/monostream/tifig/issues/69
CVE-2022-36155

tifig v0.2.2 was discovered to contain a resource allocation issue via operator new(unsigned long) at asan_new_delete.cpp.

08/17/2022 https://github.com/monostream/tifig/issues/73
CVE-2022-36152

tifig v0.2.2 was discovered to contain a memory leak via operator new[](unsigned long) at /asan/asan_new_delete.cpp.

08/17/2022 https://github.com/monostream/tifig/issues/72
CVE-2022-35477

OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe954.

08/17/2022 https://cvjark.github.io/2022/07/06/CVE-2022-33047/
CVE-2022-2847

A vulnerability, which was classified as critical, has been found in SourceCodester Guest Management System. This issue affects some unknown processing of the file /guestmanagement/front.php. The manipulation of the argument rid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206489 was assigned to this vulnerability.

08/17/2022 https://s1.ax1x.com/2022/08/13/vtDZfe.png
CVE-2022-2847

A vulnerability, which was classified as critical, has been found in SourceCodester Guest Management System. This issue affects some unknown processing of the file /guestmanagement/front.php. The manipulation of the argument rid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206489 was assigned to this vulnerability.

08/17/2022 https://vuldb.com/?id.206489
CVE-2022-35482

OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x65f724.

08/17/2022 https://cvjark.github.io/2022/07/06/CVE-2022-33047/
CVE-2022-35481

OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S.

08/17/2022 https://cvjark.github.io/2022/07/06/CVE-2022-33047/
CVE-2022-35479

OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbbb6.

08/17/2022 https://cvjark.github.io/2022/07/06/CVE-2022-33047/
@inTheWild

©2022