Search Results (364207 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-34101 1 Crestron 1 Airmedia 2024-11-21 7.8 High
A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can place a malicious DLL in a certain path to execute code and preform a privilege escalation attack.
CVE-2022-34100 1 Crestron 1 Airmedia 2024-11-21 8.8 High
A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a low-privileged user can gain a SYSTEM level command prompt by pre-staging a file structure prior to the installation of a trusted service executable and change permissions on that file structure during a repair operation.
CVE-2022-34094 1 Softwarepublico 1 I3geo 2024-11-21 6.1 Medium
Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via request_token.php.
CVE-2022-34093 1 Softwarepublico 1 I3geo 2024-11-21 6.1 Medium
Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via access_token.php.
CVE-2022-34092 1 Softwarepublico 1 I3geo 2024-11-21 6.1 Medium
Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via svg2img.php.
CVE-2022-34066 1 Texercise Project 1 Texercise 2024-11-21 9.8 Critical
The Texercise package in PyPI v0.0.1 to v0.0.12 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-34065 1 Rondolu-yt-concate Project 1 Rondolu-yt-concate 2024-11-21 9.8 Critical
The Rondolu-YT-Concate package in PyPI v0.1.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-34064 1 Zibal Project 1 Zibal 2024-11-21 9.8 Critical
The Zibal package in PyPI v1.0.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-34061 1 Catly Translate Project 1 Catly Translate 2024-11-21 9.8 Critical
The Catly-Translate package in PyPI v0.0.3 to v0.0.5 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-34060 1 Togglee 1 Togglee 2024-11-21 9.8 Critical
The Togglee package in PyPI version v0.0.8 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-34059 1 Sixfab-tool Project 1 Sixfab-tool 2024-11-21 9.8 Critical
The Sixfab-Tool in PyPI v0.0.2 to v0.0.3 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-34057 1 Scoptrial Project 1 Scoptrial 2024-11-21 9.8 Critical
The Scoptrial package in PyPI version v0.0.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-34056 1 Pypi 1 Watertools 2024-11-21 9.8 Critical
The Watertools package in PyPI v0.0.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-34055 1 Pypi 1 Drxhello 2024-11-21 9.8 Critical
The drxhello package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-34054 1 Pypi 1 Perdido 2024-11-21 9.8 Critical
The Perdido package in PyPI v0.0.1 to v0.0.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-34053 1 Pypi 1 Dr-web-engine 2024-11-21 9.8 Critical
The DR-Web-Engine package in PyPI v0.2.0b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-34049 1 Wavlink 2 Wl-wn530hg4, Wl-wn530hg4 Firmware 2024-11-21 5.3 Medium
An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers to download log files and configuration data.
CVE-2022-34048 1 Wavlink 2 Wn533a8, Wn533a8 Firmware 2024-11-21 6.1 Medium
Wavlink WN533A8 M33A8.V5030.190716 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login_page parameter.
CVE-2022-34047 1 Wavlink 2 Wl-wn530hg4, Wl-wn530hg4 Firmware 2024-11-21 7.5 High
An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd].
CVE-2022-34046 1 Wavlink 2 Wn533a8, Wn533a8 Firmware 2024-11-21 7.5 High
An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);].