CVE-2022-42002

CRITICAL Year: 2022
CVSS v3 Score
9.1
Critical
Weakness Type
CWE-787
View all →

Vulnerability Description

SonicJS through 0.6.0 allows file overwrite. It has the following mutations that are used for updating files: fileCreate and fileUpdate. Both of these mutations can be called without any authentication to overwrite any files on a SonicJS application, leading to Arbitrary File Write and Delete.

Related Vulnerabilities

CVE-2017-2615

CRITICAL
CVSS:9.1(Critical)

Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A pri...

CWE-7872017

CVE-2019-5541

CRITICAL
CVSS:9.1(Critical)

VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an out-of-bounds write vulnerability in the e1000e virtual network adapter. Successful exploitation of this issue may le...

CWE-7872019

CVE-2020-0283

CRITICAL
CVSS:9.1(Critical)

There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-163008257

CWE-7872020

CVE-2020-0367

CRITICAL
CVSS:9.1(Critical)

There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-162980455

CWE-7872020

CVE-2020-17528

CRITICAL
CVSS:9.1(Critical)

Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying arbitrary urgent data pointer o...

CWE-7872020

CVE-2020-9142

CRITICAL
CVSS:9.1(Critical)

There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly pr...

CWE-7872020