Latest 7 days CVE Lists

Latest 7 days CVE Lists 피드 구독하기
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
업데이트: 2시간 39분 지남

CVE-2022-23664

화, 2022/05/17 - 5:15오전
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.

CVE-2022-23665

화, 2022/05/17 - 5:15오전
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.

CVE-2022-23666

화, 2022/05/17 - 5:15오전
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.

CVE-2022-1731

화, 2022/05/17 - 4:15오전
Metasonic Doc WebClient 7.0.14.0 / 7.0.12.0 / 7.0.3.0 is vulnerable to a SQL injection attack in the username field. SSO or System authentication are required to be enabled for vulnerable conditions to exist.

CVE-2021-27442

화, 2022/05/17 - 3:15오전
The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code.

CVE-2021-27444

화, 2022/05/17 - 3:15오전
The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator.

CVE-2021-27446

화, 2022/05/17 - 3:15오전
The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system.

CVE-2021-33001

화, 2022/05/17 - 3:15오전
xArrow SCADA versions 7.2 and prior is vulnerable to cross-site scripting due to parameter ‘bdate’ of the resource xhisvalue.htm, which may allow an unauthorized attacker to execute arbitrary code.

CVE-2021-33021

화, 2022/05/17 - 3:15오전
xArrow SCADA versions 7.2 and prior is vulnerable to cross-site scripting due to parameter ‘edate’ of the resource xhisalarm.htm, which may allow an unauthorized attacker to execute arbitrary code.

CVE-2021-33025

화, 2022/05/17 - 3:15오전
xArrow SCADA versions 7.2 and prior permits unvalidated registry keys to be run with application-level privileges.

CVE-2022-1679

화, 2022/05/17 - 3:15오전
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.

CVE-2022-30695

화, 2022/05/17 - 3:15오전
Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Snap Deploy (Windows) before build 3640

CVE-2022-30696

화, 2022/05/17 - 3:15오전
Local privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 3640

CVE-2022-30697

화, 2022/05/17 - 3:15오전
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 3640

CVE-2021-23265

화, 2022/05/17 - 2:15오전
A logged-in and authenticated user with a Reviewer Role may lock a content item.

CVE-2021-23266

화, 2022/05/17 - 2:15오전
An anonymous user can craft a URL with text that ends up in the log viewer as is. The text can then include textual messages to mislead the administrator.

CVE-2021-23267

화, 2022/05/17 - 2:15오전
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods.

CVE-2022-25169

화, 2022/05/17 - 2:15오전
The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files.

CVE-2022-30050

화, 2022/05/17 - 2:15오전
Gnuboard 5.55 and 5.56 is vulnerable to Cross Site Scripting (XSS) via bbs/member_confirm.php.

CVE-2022-30055

화, 2022/05/17 - 2:15오전
Prime95 30.7 build 9 suffers from a Buffer Overflow vulnerability that could lead to Remote Code Execution.

페이지