VulnCheck KEV: CVE-2022-3125

The Frontend File Manager Plugin WordPress plugin before 21.3 allows any authenticated users, such as subscriber, to rename a file to an arbitrary extension, like PHP, which could allow them to basically be able to upload arbitrary files on the server and achieve RCE...

CVE-2022-24633

All versions of FileCloud prior to 21.3 are vulnerable to user enumeration. The vulnerability exists in the parameter "path" passing "/SHARED/". A malicious actor could identify the existence of users by requesting share information on specified share paths...

CVE-2022-24633

All versions of FileCloud prior to 21.3 are vulnerable to user enumeration. The vulnerability exists in the parameter "path" passing "/SHARED/". A malicious actor could identify the existence of users by requesting share information on specified share paths...

CVE-2022-25242

In FileCloud before 21.3, file upload is not protected against Cross-Site Request Forgery CSRF...

CVE-2022-21204

Improper permissions for IntelR QuartusR Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2022-21205

Improper restriction of XML external entity reference in DSP Builder Pro for IntelR QuartusR Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access...

CVE-2021-44454

Improper input validation in a third-party component for IntelR QuartusR Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2021-35651

Vulnerability in the Essbase Administration Services product of Oracle Essbase component: EAS Console. The supported versions that are affected are Prior to 11.1.2.4.046 and Prior to 21.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...