CVE-2022-0219

Improper Restriction of XML External Entity Reference in GitHub repository skylot/jadx prior to 1.3.2.

Source: CVE-2022-0219

CVE-2021-44829

Cross Site Scripting (XSS) vulnerability exists in index.html in AFI WebACMS through 2.1.0 via the the ID parameter.

Source: CVE-2021-44829

CVE-2021-44737

PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files.

Source: CVE-2021-44737

CVE-2021-44736

The initial admin account setup wizard on Lexmark devices allow unauthenticated access to the “out of service erase� feature.

Source: CVE-2021-44736

CVE-2021-44735

Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07.

Source: CVE-2021-44735

CVE-2021-44734

Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device.

Source: CVE-2021-44734

CVE-2021-44738

Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter.

Source: CVE-2021-44738

CVE-2021-32039

Users with appropriate file access may be able to access unencrypted user credentials saved by MongoDB Extension for VS Code in a binary file. These credentials may be used by malicious attackers to perform unauthorized actions. This vulnerability affects all MongoDB Extension for VS Code including and prior to version 0.7.0

Source: CVE-2021-32039

CVE-2022-0285

Cross-site Scripting (XSS) – Stored in Packagist pimcore/pimcore prior to 10.2.9.

Source: CVE-2022-0285

CVE-2022-0282

Code Injection in Packagist microweber/microweber prior to 1.2.11.

Source: CVE-2022-0282