Security Vulnerabilities - CVEs Published In April 2022
A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.
CVSS Score
8.8
EPSS Score
0.08
Published
2022-04-11
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.
CVSS Score
9.6
EPSS Score
0.253
Published
2022-04-11
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Upload and Download feature.
CVSS Score
6.1
EPSS Score
0.081
Published
2022-04-11
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and Download feature.
CVSS Score
8.8
EPSS Score
0.08
Published
2022-04-11
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the Add Users feature.
CVSS Score
6.1
EPSS Score
0.081
Published
2022-04-11
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the File Manager feature.
CVSS Score
6.1
EPSS Score
0.081
Published
2022-04-11
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature.
CVSS Score
8.8
EPSS Score
0.08
Published
2022-04-11
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-04-11
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formLanguageChange. This vulnerability allows attackers to cause a Denial of Service (DoS) via the nextPage parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-04-10
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formWlanSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-04-10