Search Results (362544 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-42306 1 Veritas 1 Netbackup 2024-11-21 6.5 Medium
An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can send a crafted packet to pbx_exchange during registration and cause a NULL pointer exception, effectively crashing the pbx_exchange process.
CVE-2022-42305 1 Veritas 1 Netbackup 2024-11-21 5.3 Medium
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a Path traversal attack through the DiscoveryService service.
CVE-2022-42304 1 Veritas 1 Netbackup 2024-11-21 8 High
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting idm, nbars, and SLP manager code.
CVE-2022-42303 1 Veritas 1 Netbackup 2024-11-21 8 High
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a second-order SQL Injection attack affecting the NBFSMCLIENT service by leveraging CVE-2022-42302.
CVE-2022-42302 1 Veritas 1 Netbackup 2024-11-21 9 Critical
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting the NBFSMCLIENT service.
CVE-2022-42301 1 Veritas 1 Netbackup 2024-11-21 5.4 Medium
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) injection attack through the nbars process.
CVE-2022-42300 1 Veritas 1 Netbackup 2024-11-21 4.3 Medium
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server nbars process can be crashed resulting in a denial of service. (Note: the watchdog service will automatically restart the process.)
CVE-2022-42299 1 Veritas 1 Netbackup 2024-11-21 5.3 Medium
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a denial of service attack through the DiscoveryService service.
CVE-2022-42250 1 Oretnom23 1 Simple Cold Storage Management System 2024-11-21 7.2 High
Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/inquiries/view_details.php?id=.
CVE-2022-42249 1 Oretnom23 1 Simple Cold Storage Management System 2024-11-21 7.2 High
Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/view_storage.php?id=.
CVE-2022-42247 1 Pfsense 1 Pfsense 2024-11-21 6.1 Medium
pfSense v2.5.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the browser.php component. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a file name.
CVE-2022-42243 1 Oretnom23 1 Simple Cold Storage Management System 2024-11-21 7.2 High
Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/manage_storage.php?id=.
CVE-2022-42242 1 Oretnom23 1 Simple Cold Storage Management System 2024-11-21 7.2 High
Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_booking.
CVE-2022-42241 1 Oretnom23 1 Simple Cold Storage Management System 2024-11-21 7.2 High
Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_message.
CVE-2022-42232 1 Oretnom23 1 Simple Cold Storage Management System 2024-11-21 7.2 High
Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/classes/Master.php?f=delete_storage.
CVE-2022-42183 1 Precisely 1 Spectrum Spatial Analyst 2024-11-21 9.1 Critical
Precisely Spectrum Spatial Analyst 20.01 is vulnerable to Server-Side Request Forgery (SSRF).
CVE-2022-42182 1 Precisely 1 Spectrum Spatial Analyst 2024-11-21 5.3 Medium
Precisely Spectrum Spatial Analyst 20.01 is vulnerable to Directory Traversal.
CVE-2022-42150 1 Tinylab 2 Cloud Lab, Linux Lab 2024-11-21 10.0 Critical
TinyLab linux-lab v1.1-rc1 and cloud-labv0.8-rc2, v1.1-rc1 are vulnerable to insecure permissions. The default configuration could cause Container Escape.
CVE-2022-42092 1 Backdropcms 1 Backdrop Cms 2024-11-21 7.2 High
Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'themes' that allows attackers to Remote Code Execution. Note: Third parties dispute this and argue that advanced permissions are required.
CVE-2022-42075 1 Wedding Planner Project 1 Wedding Planner 2024-11-21 9.8 Critical
Wedding Planner v1.0 is vulnerable to arbitrary code execution.