Search Results (363381 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-26507 2 Att, Schneider-electric 9 Xmill, Ecostruxure Control Expert, Ecostruxure Process Expert and 6 more 2024-11-21 9.8 Critical
A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This is not the same as any of: CVE-2021-21810, CVE-2021-21811, CVE-2021-21812, CVE-2021-21815, CVE-2021-21825, CVE-2021-21826, CVE-2021-21828, CVE-2021-21829, or CVE-2021-21830. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
CVE-2022-26505 2 Debian, Readymedia Project 2 Debian Linux, Readymedia 2024-11-21 7.4 High
A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files.
CVE-2022-26504 1 Veeam 1 Veeam Backup \& Replication 2024-11-21 8.8 High
Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe
CVE-2022-26503 2 Microsoft, Veeam 2 Windows, Veeam 2024-11-21 7.8 High
Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x allows local users to run arbitrary code with local system privileges.
CVE-2022-26499 2 Debian, Digium 2 Debian Linux, Asterisk 2024-11-21 9.1 Critical
An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests (such as GET) to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2.
CVE-2022-26498 2 Debian, Digium 2 Debian Linux, Asterisk 2024-11-21 7.5 High
An issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it is possible to download files that are not certificates. These files could be much larger than what one would expect to download, leading to Resource Exhaustion. This is fixed in 16.25.2, 18.11.2, and 19.3.2.
CVE-2022-26497 1 Bigbluebutton 1 Greenlight 2024-11-21 5.4 Medium
BigBlueButton Greenlight 2.11.1 allows XSS. A threat actor could have a username containing a JavaScript payload. The payload gets executed in the browser of the victim in the "Share room access" dialog if the victim has shared access to the particular room with the attacker previously.
CVE-2022-26496 3 Debian, Fedoraproject, Network Block Device Project 3 Debian Linux, Fedora, Network Block Device 2024-11-21 9.8 Critical
In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBD_OPT_INFO or NBD_OPT_GO message with an large value as the length of the name.
CVE-2022-26495 3 Debian, Fedoraproject, Network Block Device Project 3 Debian Linux, Fedora, Network Block Device 2024-11-21 9.8 Critical
In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists for the NBD_OPT_INFO, NBD_OPT_GO, and NBD_OPT_EXPORT_NAME messages.
CVE-2022-26494 1 Primekey 1 Signserver 2024-11-21 4.8 Medium
An XSS was identified in the Admin Web interface of PrimeKey SignServer before 5.8.1. JavaScript code must be used in a worker name before a Generate CSR request. Only an administrator can update a worker name.
CVE-2022-26493 1 Drupal 1 Saml Sp 2.0 Single Sign On 2024-11-21 9.8 Critical
Xecurify's miniOrange Premium, Standard, and Enterprise Drupal SAML SP modules possess an authentication and authorization bypass vulnerability. An attacker with access to a HTTP-request intercepting method is able to bypass authentication and authorization by removing the SAML Assertion Signature - impersonating existing users and existing roles, including administrative users/roles. This vulnerability is not mitigated by configuring the module to enforce signatures or certificate checks. Xecurify recommends updating miniOrange modules to their most recent versions. This vulnerability is present in paid versions of the miniOrange Drupal SAML SP product affecting Drupal 7, 8, and 9.
CVE-2022-26491 2 Debian, Pidgin 2 Debian Linux, Pidgin 2024-11-21 5.9 Medium
An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attacker to take over control over the XMPP connection and to obtain user credentials and all communication content. This is similar to CVE-2022-24968.
CVE-2022-26488 3 Microsoft, Netapp, Python 4 Windows, Active Iq Unified Manager, Ontap Select Deploy Administration Utility and 1 more 2024-11-21 7.0 High
In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2.
CVE-2022-26484 1 Veritas 1 Infoscale Operations Manager 2024-11-21 4.9 Medium
An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via Directory Traversal. By manipulating the resource name in GET requests referring to files with absolute paths, it is possible to access arbitrary files stored on the filesystem, including application source code, configuration files, and critical system files.
CVE-2022-26483 1 Veritas 1 Infoscale Operations Manager 2024-11-21 4.8 Medium
An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting (XSS) vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP GET parameter (which reflect the user input without sanitization).
CVE-2022-26482 1 Poly 2 Eagleeye Director Ii, Eagleeye Director Ii Firmware 2024-11-21 7.2 High
An issue was discovered in Poly EagleEye Director II before 2.2.2.1. os.system command injection can be achieved by an admin.
CVE-2022-26481 1 Poly 8 G7500, G7500 Firmware, Studio X30 and 5 more 2024-11-21 8.8 High
An issue was discovered in Poly Studio before 3.7.0. Command Injection can occur via the CN field of a Create Certificate Signing Request (CSR) action.
CVE-2022-26479 1 Poly 2 Eagleeye Director Ii, Eagleeye Director Ii Firmware 2024-11-21 9.8 Critical
An issue was discovered in Poly EagleEye Director II before 2.2.2.1. Existence of a certain file (which can be created via an rsync backdoor) causes all API calls to execute as admin without authentication.
CVE-2022-26477 1 Apache 1 Systemds 2024-11-21 7.5 High
The Security Team noticed that the termination condition of the for loop in the readExternal method is a controllable variable, which, if tampered with, may lead to CPU exhaustion. As a fix, we added an upper bound and termination condition in the read and write logic. We classify it as a "low-priority but useful improvement". SystemDS is a distributed system and needs to serialize/deserialize data but in many code paths (e.g., on Spark broadcast/shuffle or writing to sequence files) the byte stream is anyway protected by additional CRC fingerprints. In this particular case though, the number of decoders is upper-bounded by twice the number of columns, which means an attacker would need to modify two entries in the byte stream in a consistent manner. By adding these checks robustness was strictly improved with almost zero overhead. These code changes are available in versions higher than 2.2.1.
CVE-2022-26476 1 Siemens 3 Spectrum Power 4, Spectrum Power 7, Spectrum Power Microgrid Management System 2024-11-21 8.8 High
A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum Power 7 (All versions using Shared HIS), Spectrum Power MGMS (All versions using Shared HIS). An unauthenticated attacker could log into the component Shared HIS used in Spectrum Power systems by using an account with default credentials. A successful exploitation could allow the attacker to access the component Shared HIS with administrative privileges.