Total
29058 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-40811 | 1 Democritus Urls Project | 1 Democritus Urls | 2024-11-21 | N/A | 9.8 CRITICAL |
| The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0. | |||||
| CVE-2022-40810 | 1 Democritus Ip Addresses Project | 1 Democritus Ip Addresses | 2024-11-21 | N/A | 9.8 CRITICAL |
| The d8s-ip-addresses for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0 | |||||
| CVE-2022-40809 | 1 Democritus Dicts Project | 1 Democritus Dicts | 2024-11-21 | N/A | 9.8 CRITICAL |
| The d8s-dicts for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0 | |||||
| CVE-2022-40808 | 1 Democritus Dates Project | 1 Democritus Dates | 2024-11-21 | N/A | 9.8 CRITICAL |
| The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0 | |||||
| CVE-2022-40807 | 1 Democritus Domains Project | 1 Democritus Domains | 2024-11-21 | N/A | 9.8 CRITICAL |
| The d8s-domains for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0 | |||||
| CVE-2022-40806 | 1 Democritus Uuids Project | 1 Democritus Uuids | 2024-11-21 | N/A | 9.8 CRITICAL |
| The d8s-uuids for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0 | |||||
| CVE-2022-40805 | 1 Democritus Urls Project | 1 Democritus Urls | 2024-11-21 | N/A | 9.8 CRITICAL |
| The d8s-urls for python 0.1.0, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-hypothesis package. | |||||
| CVE-2022-40798 | 1 Ocomon Project | 1 Ocomon | 2024-11-21 | N/A | 7.5 HIGH |
| OcoMon 4.0RC1 is vulnerable to Incorrect Access Control. Through a request the user can obtain the real email, sending the same request with correct email its possible to account takeover. | |||||
| CVE-2022-40785 | 1 Mipcm | 2 Mipc Camera, Mipc Camera Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3.1.2003161406. This allows an attacker to gain remote code execution on cameras running the firmware when a victim logs into a specially crafted mobile app. | |||||
| CVE-2022-40740 | 1 Realtek | 2 Usdk, Xpon Software Development Kit | 2024-11-21 | N/A | 7.2 HIGH |
| Realtek GPON router has insufficient filtering for special characters. A remote attacker authenticated as an administrator can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service. | |||||
| CVE-2022-40691 | 1 Moxa | 4 Sds-3008, Sds-3008-t, Sds-3008-t Firmware and 1 more | 2024-11-21 | N/A | 5.3 MEDIUM |
| An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2022-40633 | 1 Rittal | 2 Cmc Iii, Cmc Iii Firmware | 2024-11-21 | N/A | 4.6 MEDIUM |
| A malicious actor can clone access cards used to open control cabinets secured with Rittal CMC III locks. | |||||
| CVE-2022-40430 | 1 D8s-utility Project | 1 D8s-utility | 2024-11-21 | N/A | 9.8 CRITICAL |
| The d8s-utility for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0. | |||||
| CVE-2022-40429 | 1 D8s-ip-addresses Project | 1 D8s-ip-addresses | 2024-11-21 | N/A | 9.8 CRITICAL |
| The d8s-ip-addresses for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0. | |||||
| CVE-2022-40428 | 1 D8s-mpeg Project | 1 D8s Mpeg | 2024-11-21 | N/A | 9.8 CRITICAL |
| The d8s-mpeg for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0. | |||||
| CVE-2022-40427 | 1 Democritus Domains Project | 1 Democritus Domains | 2024-11-21 | N/A | 9.8 CRITICAL |
| The d8s-domains for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0 | |||||
| CVE-2022-40426 | 1 D8s-asns Project | 1 D8s-asns | 2024-11-21 | N/A | 9.8 CRITICAL |
| The d8s-asns for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0. | |||||
| CVE-2022-40425 | 1 D8s-html Project | 1 D8s-html | 2024-11-21 | N/A | 9.8 CRITICAL |
| The d8s-html for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0. | |||||
| CVE-2022-40424 | 1 Democritus Urls Project | 1 Democritus Urls | 2024-11-21 | N/A | 9.8 CRITICAL |
| The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-networking package. The affected version of d8s-urls is 0.1.0 | |||||
| CVE-2022-40306 | 1 Ecisolutions | 1 Printanista Managed Print Service | 2024-11-21 | N/A | 5.9 MEDIUM |
| The login form /Login in ECi Printanista Hub (formerly FMAudit Printscout) before 5.5.2 (July 2023) performs expensive RSA key-generation operations, which allows attackers to cause a denial of service (DoS) by requesting that form repeatedly. | |||||