Security Vulnerabilities - CVEs Published In January 2022
An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An authentication bypass in ECM/maintenance/forgotpasswordstep1 allows an unauthenticated user to reset passwords and login as any local account.
CVSS Score
9.8
EPSS Score
0.01
Published
2022-01-24
An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An attacker can enumerate users by changing the id parameter, such as for the ECM/maintenance/forgotpasswordstep1 URI.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-01-24
model/criteria/criteria.go in Navidrome before 0.47.5 is vulnerable to SQL injection attacks when processing crafted Smart Playlists. An authenticated user could abuse this to extract arbitrary data from the database, including the user table (which contains sensitive information such as the users' encrypted passwords).
CVSS Score
6.5
EPSS Score
0.002
Published
2022-01-24
An issue was discovered in lib_mem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following memory allocation functions do not check for integer overflow when allocating a pool whose size exceeds the address space: Mem_PoolCreate, Mem_DynPoolCreate, and Mem_DynPoolCreateHW. Because these functions use multiplication to calculate the pool sizes, the operation may cause an integer overflow if the arguments are large enough. The resulting memory pool will be smaller than expected and may be exploited by an attacker.
CVSS Score
9.8
EPSS Score
0.008
Published
2022-01-24
In MediaTek LinkIt SDK before 4.6.1, there is a possible memory corruption due to an integer overflow during mishandled memory allocation by pvPortCalloc and pvPortRealloc.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-01-24
In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating that many files are present) can cause a NewReader or OpenReader panic. NOTE: this issue exists because of an incomplete fix for CVE-2021-33196.
CVSS Score
7.5
EPSS Score
0.0
Published
2022-01-24
AppCMS 2.0.101 has a XSS injection vulnerability in \templates\m\inc_head.php
CVSS Score
6.1
EPSS Score
0.058
Published
2022-01-23
Projectworlds online-shopping-webvsite-in-php 1.0 suffers from a SQL Injection vulnerability via the "id" parameter in cart_add.php, No login is required.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-01-23
xhtml_translate_entity in xhtml.c in epub2txt (aka epub2txt2) through 2.02 allows a stack-based buffer overflow via a crafted EPUB document.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-01-23
Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 1.0.34.
CVSS Score
6.8
EPSS Score
0.003
Published
2022-01-23