Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2021-35587 vulnerabilities and exploits

(subscribe to this query)

9.8
CVSSv3
CVE-2022-24112
An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed...
Apache Apisix
8.8
CVE-2022-44635
Apache Fineract allowed an authenticated user to perform remote code execution due to a path traversal vulnerability in a file upload component of Apache Fineract, allowing an attacker to run remote code. This issue affects Apache Fineract version 1.8.0 and prior versions. We...
Apache Fineract
7.5
CVE-2022-28607
An issue was discovered in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to gain sensitive information via the action parameter to /system/user/modules/mod_users/controller.php....
Isic.lk Project Isic.lk
9.8
CVE-2022-4257
A vulnerability was found in C-DATA Web Management System. It has been rated as critical. This issue affects some unknown processing of the file cgi-bin/jumpto.php of the component GET Parameter Handler. The manipulation of the argument hostname leads to argument injection. The...
Cdatatec C-data Web Management System -
9.8
CVE-2022-30528
SQL Injection vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to execute arbitrary commands via the username parameter to /system/user/modules/mod_users/controller.php....
Isic.lk Project Isic.lk
7.5
CVE-2022-37017
Symantec Endpoint Protection (Windows) agent, prior to 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls. This CVE applies narrowly...
Broadcom Symantec Endpoint Protection
7.8
CVE-2022-4139
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system....
Linux Linux KernelLinux Linux Kernel 6.1
NA
CVE-2022-3328
The Qualys Research Team discovered a race condition in the snapd-confine binary which could result in local privilege escalation. For the stable distribution (bullseye), this problem has been fixed in version 2.49-1+deb11u2. We recommend that you upgrade your snapd...
7.8
CVE-2022-41325
An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions....
Videolan Vlc Media PlayerDebian Debian Linux 11.0
8
CVE-2022-21225
Improper neutralization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable escalation of privilege via adjacent access....
Intel Data Center Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2023-21068CVE-2023-21077unspecifiedCVE-2023-21070CVE-2023-21016file upload
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook