CWE:
 

Tytuł
Data
Autor
High
VBox Satellite Express Arbitrary Write Privilege Escalation
19.09.2015
KoreLogic
Med.
SiS Windows VGA Display Manager Multiple Privilege Escalation
02.09.2015
KoreLogic
Med.
XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation
02.09.2015
KoreLogic
High
FortiClient Antivirus Information Exposure / Access Control
02.09.2015
CORE
Med.
Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation
22.07.2014
Matt Bergin of KoreLog...
Med.
Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation
22.07.2014
Matt Bergin of KoreLog...
Med.
Oracle VirtualBox Guest Additions Arbitrary Write Privilege Escalation
16.07.2014
Matt Bergin of KoreLog...


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2022-01-10
Waiting for details
CVE-2022-22121

Updating...
 

 
In NocoDB, versions 0.81.0 through 0.83.8 are affected by CSV Injection vulnerability (Formula Injection). A low privileged attacker can create a new table to inject payloads in the table rows. When an administrator accesses the User Management endpoint and exports the data as a CSV file and opens it, the payload gets executed.

 
2021-11-26
Medium
CVE-2021-23654

Vendor: Html2csv project
Software: Html2csv
 

 
This affects all versions of package html-to-csv. When there is a formula embedded in a HTML page, it gets accepted without any validation and the same would be pushed while converting it into a CSV file. Through this a malicious actor can embed or generate a malicious link or execute commands via CSV files.

 
2021-11-24
Low
CVE-2021-41270

Vendor: Sensiolabs
Software: Symfony
 

 
Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula injection. In Symfony 4.1, maintainers added the opt-in `csv_escape_formulas` option in the `CsvEncoder`, to prefix all cells starting with `=`, `+`, `-` or `@` with a tab `\t`. Since then, OWASP added 2 chars in that list: Tab (0x09) and Carriage return (0x0D). This makes the previous prefix char (Tab `\t`) part of the vulnerable characters, and OWASP suggests using the single quote `'` for prefixing the value. Starting with versions 4.4.34 and 5.3.12, Symfony now follows the OWASP recommendations and uses the single quote `'` to prefix formulas and add the prefix to cells starting by `\t`, `\r` as well as `=`, `+`, `-` and `@`.

 
2021-11-23
Medium
CVE-2021-36334

Vendor: DELL
Software: Emc cloud link
 

 
Dell EMC CloudLink 7.1 and all prior versions contain a CSV formula Injection Vulnerability. A remote high privileged attacker, may potentially exploit this vulnerability, leading to arbitrary code execution on end user machine

 
2021-11-03
Medium
CVE-2021-38424

Vendor: Deltaww
Software: Dialink
 

 
The tag interface of Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to an attacker injecting formulas into the tag data. Those formulas may then be executed when it is opened with a spreadsheet application.

 
Medium
CVE-2021-40848

Vendor: Mahara
Software: Mahara
 

 
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exported CSV files could contain characters that a spreadsheet program could interpret as a command, leading to execution of a malicious string locally on a device, aka CSV injection.

 
2021-11-01
Medium
CVE-2020-36503

Vendor: Connections-pro
Software: Connections ...
 

 
The Connections Business Directory WordPress plugin before 9.7 does not validate or sanitise some connections' fields, which could lead to a CSV injection issue

 
2021-10-27
Medium
CVE-2021-37131

Vendor: Huawei
Software: Manageone
 

 
There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device.

 
2021-10-22
Medium
CVE-2021-42540

Updating...
 

 
The affected product is vulnerable to a unsanitized extract folder for system configuration. A low-privileged user can leverage this logic to overwrite the settings and other key functionality.

 
Medium
CVE-2021-38449

Vendor: Auvesy
Software: Versiondog
 

 
Some API functions permit by-design writing or copying data into a given buffer. Since the client controls these parameters, an attacker could rewrite the memory in any location of the affected product.

 

 


Copyright 2022, cxsecurity.com

 

Back to Top