Security Vulnerabilities - CVEs Published In June 2022
Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 9.0.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-06-08
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the CMD parameter at /goform/aspForm.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-06-08
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the GO parameter at /goform/aspForm.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-06-08
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateWanParams parameter at /goform/aspForm.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-06-08
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the ipqos_set_bandwidth parameter at /goform/aspForm.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-06-08
Das U-Boot 2022.01 has a Buffer Overflow.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-06-08
Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552.
CVSS Score
7.8
EPSS Score
0.003
Published
2022-06-08
Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.
CVSS Score
9.3
EPSS Score
0.01
Published
2022-06-08
LibreHealth EHR Base 2.0.0 allows interface/main/finder/finder_navigation.php patient XSS.
CVSS Score
6.1
EPSS Score
0.003
Published
2022-06-08
The FormCraft WordPress plugin before 1.2.6 does not sanitise and escape Field Labels, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
CVSS Score
4.8
EPSS Score
0.002
Published
2022-06-08