Security Vulnerabilities - CVEs Published In June 2022
A vulnerability classified as problematic has been found in Linking. This affects an unknown part of the component New Windows Macro. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
3.5
EPSS Score
0.002
Published
2022-06-07
A vulnerability classified as problematic was found in Countdown Timer. This vulnerability affects unknown code of the component Macro Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
3.5
EPSS Score
0.002
Published
2022-06-07
A vulnerability, which was classified as problematic, has been found in Server Status. This issue affects some unknown processing of the component HTTP Status/SMTP Status. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
3.5
EPSS Score
0.002
Published
2022-06-07
A vulnerability, which was classified as critical, was found in Platinum Mobile 1.0.4.850. Affected is /MobileHandler.ashx which leads to broken access control. The attack requires authentication. Upgrading to version 1.0.4.851 is able to address this issue. It is recommended to upgrade the affected component.
CVSS Score
5.5
EPSS Score
0.005
Published
2022-06-07
A vulnerability classified as critical has been found in SevOne Network Management System up to 5.7.2.22. This affects the file traceroute.php of the Traceroute Handler. The manipulation leads to privilege escalation with a command injection. It is possible to initiate the attack remotely.
CVSS Score
8.8
EPSS Score
0.082
Published
2022-06-07
A vulnerability classified as critical was found in SevOne Network Management System up to 5.7.2.22. This vulnerability affects the Alert Summary. The manipulation leads to sql injection. The attack can be initiated remotely.
CVSS Score
6.3
EPSS Score
0.002
Published
2022-06-07
A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. This issue affects the Device Manager Page. An injection leads to privilege escalation. The attack may be initiated remotely.
CVSS Score
6.3
EPSS Score
0.004
Published
2022-06-07
A vulnerability has been found in Klapp App and classified as problematic. This vulnerability affects unknown code of the component Authorization. The manipulation leads to information disclosure (Credentials). The attack can be initiated remotely. It is recommended to upgrade the affected app.
CVSS Score
4.3
EPSS Score
0.003
Published
2022-06-07
A vulnerability was found in Klapp App and classified as problematic. This issue affects some unknown processing of the JSON Web Token Handler. The manipulation leads to weak authentication. The attack may be initiated remotely.
CVSS Score
3.7
EPSS Score
0.007
Published
2022-06-07
MinIO is a multi-cloud object storage solution. Starting with version RELEASE.2019-09-25T18-25-51Z and ending with version RELEASE.2022-06-02T02-11-04Z, MinIO is vulnerable to an unending go-routine buildup while keeping connections established due to HTTP clients not closing the connections. Public-facing MinIO deployments are most affected. Users should upgrade to RELEASE.2022-06-02T02-11-04Z to receive a patch. One possible workaround is to use a reverse proxy to limit the number of connections being attempted in front of MinIO, and actively rejecting connections from such malicious clients.
CVSS Score
7.5
EPSS Score
0.014
Published
2022-06-07