CVE & Exploit Intelligence Database

CVE-2022-24742 5.0 MEDIUM EPSS 0.00

Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, any other user can view the data if browser tab remains unclosed after log out. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. A workaround is available. The application must strictly redirect to login page even browser back button is pressed. Another possibility is to set more strict cache policies for restricted content.

CWE-200 Mar 14, 2022

CVE-2022-0815 6.5 MEDIUM EPSS 0.00

Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up to 8.1.0.1895 allows a remote attacker to gain access to McAfee WebAdvisor settings and other details about the user’s system. This could lead to unexpected behaviors including; settings being changed, fingerprinting of the system leading to targeted scams, and not triggering the malicious software if McAfee software is detected.

CWE-668 Mar 10, 2022

CVE-2022-26355 4.4 MEDIUM EPSS 0.00

Citrix Federated Authentication Service (FAS) 7.17 - 10.6 causes deployments that have been configured to store a registration authority certificate's private key in a Trusted Platform Module (TPM) to incorrectly store that key in the Microsoft Software Key Storage Provider (MSKSP). This issue only occurs if PowerShell was used when configuring FAS to store the registration authority certificate’s private key in the TPM. It does not occur if the TPM was not selected for use or if the FAS administration console was used for configuration.

CWE-668 Mar 10, 2022

CVE-2021-28488 6.5 MEDIUM EPSS 0.01

Ericsson Network Manager (ENM) before 21.2 has incorrect access-control behavior (that only affects the level of access available to persons who were already granted a highly privileged role). Users in the same AMOS authorization group can retrieve managed-network data that was not set to be accessible to the entire group (i.e., was only set to be accessible to a subset of that group).

CWE-668 Mar 10, 2022

CVE-2022-24747 6.3 MEDIUM 1 Writeup EPSS 0.00

Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. Affected versions of shopware do no properly set sensitive HTTP headers to be non-cacheable. If there is an HTTP cache between the server and client then headers may be exposed via HTTP caches. This issue has been resolved in version 6.4.8.2. There are no known workarounds.

CWE-200 Mar 09, 2022

CVE-2022-24986 7.8 HIGH EPSS 0.00

KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. Thus, someone watching it be created the first time could potentially intercept the file the following time, enabling that person to run unauthorized commands.

CWE-362 Feb 26, 2022

CVE-2022-23835 8.1 HIGH 2 PoCs Analysis EPSS 0.00

The Visual Voice Mail (VVM) application through 2022-02-24 for Android allows persistent access if an attacker temporarily controls an application that has the READ_SMS permission, and reads an IMAP credentialing message that is (by design) not displayed to the victim within the AOSP SMS/MMS messaging application. (Often, the IMAP credentials are usable to listen to voice mail messages sent before the vulnerability was exploited, in addition to new ones.) NOTE: some vendors characterize this as not a "concrete and exploitable risk.

CWE-668 Feb 25, 2022

CVE-2022-25643 9.8 CRITICAL 1 Writeup EPSS 0.02

seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when installed setuid root. The attack vector is a user-supplied socket pathname.

CWE-668 Feb 24, 2022

CVE-2022-25236 9.8 CRITICAL 1 PoC Analysis EPSS 0.09

xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.

CWE-668 Feb 16, 2022

CVE-2021-42714 7.8 HIGH 1 Writeup EPSS 0.00

Splashtop Remote Client (Business Edition) through 3.4.8.3 creates a Temporary File in a Directory with Insecure Permissions.

CWE-668 Feb 15, 2022

CVE-2021-42713 7.8 HIGH 1 Writeup EPSS 0.00

Splashtop Remote Client (Personal Edition) through 3.4.6.1 creates a Temporary File in a Directory with Insecure Permissions.

CWE-668 Feb 15, 2022

CVE-2021-42712 7.8 HIGH 1 Writeup EPSS 0.00

Splashtop Streamer through 3.4.8.3 creates a Temporary File in a Directory with Insecure Permissions.

CWE-668 Feb 15, 2022

CVE-2021-45420 9.8 CRITICAL EXPLOITED NUCLEI EPSS 0.81

Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note: the product has not been supported since 2018 and should be removed or replaced

CWE-306 Feb 14, 2022

CVE-2022-24975 7.5 HIGH 1 Writeup EPSS 0.01

The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted content, aka the "GitBleed" issue. This could present a security risk if information-disclosure auditing processes rely on a clone operation without the --mirror option. Note: This has been disputed by multiple 3rd parties who believe this is an intended feature of the git binary and does not pose a security risk.

CWE-668 Feb 11, 2022

CVE-2020-13670 7.5 HIGH EPSS 0.00

Information Disclosure vulnerability in file module of Drupal Core allows an attacker to gain access to the file metadata of a permanent private file that they do not have access to by guessing the ID of the file. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6.

CWE-668 Feb 11, 2022

CVE-2021-45402 5.5 MEDIUM EPSS 0.00

The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."

CWE-668 Feb 11, 2022

CVE-2021-33096 5.5 MEDIUM EPSS 0.00

Improper isolation of shared resources in network on chip for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.

CWE-668 Feb 09, 2022

CVE-2021-46354 7.5 HIGH 1 PoC Analysis EPSS 0.35

Thinfinity VirtualUI 2.1.28.0, 2.1.32.1 and 2.5.26.2, fixed in version 3.0 is affected by an information disclosure vulnerability in the parameter "Addr" in cmd site. The ability to send requests to other systems can allow the vulnerable server to filtrate the real IP of the web server or increase the attack surface.

CWE-668 Feb 09, 2022

CVE-2021-42641 7.5 HIGH EPSS 0.01

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users.

CWE-668 Feb 02, 2022

CVE-2021-42640 9.1 CRITICAL EPSS 0.01

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer.

CWE-668 Feb 02, 2022