CISA Bulletins - Vulnerability Summary for the Week of December 12, 2022

Original release date: December 19, 2022

High Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]hp -- futuresmart_5[/LEFT][/TD] [TD][LEFT]A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Denial of Service when running HP Workpath solutions on potentially affected products.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-3821&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-3821]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-3821') [MISC]('https://support.hp.com/us-en/document/ish_4980799-4980823-16/hpsbpi03747')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-239210579[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20472&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20472]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20472') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-239267173[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20473&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20473]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20473') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]cycle-import-check_project -- cycle-import-check[/LEFT][/TD] [TD][LEFT]Versions of the package cycle-import-check before 1.3.2 are vulnerable to Command Injection via the writeFileToTmpDirAndOpenIt function due to improper user-input sanitization.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-24377&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-24377]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-24377') [CONFIRM]('https://security.snyk.io/vuln/SNYK-JS-CYCLEIMPORTCHECK-3157955') [CONFIRM]('https://github.com/Soontao/cycle-import-check/commit/1ca97b59df7e9c704471fcb4cf042ce76d7c9890')[/TD] [/TR] [TR] [TD][LEFT]citrix -- application_delivery_controller_firmware[/LEFT][/TD] [TD][LEFT]Unauthenticated remote arbitrary code execution[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-27518&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-27518]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-27518') [MISC]('https://support.citrix.com/article/CTX474995')[/TD] [/TR] [TR] [TD][LEFT]zephyrproject -- zephyr[/LEFT][/TD] [TD][LEFT]There is an error in the condition of the last if-statement in the function smp_check_keys. 
It was rejecting current keys if all requirements were unmet.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2993&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-2993]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2993') [MISC]('https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3286-jgjx-8cvr')[/TD] [/TR] [TR] [TD][LEFT]vmware -- vrealize_network_insight[/LEFT][/TD] [TD][LEFT]vRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network access to the vRNI REST API can execute commands without authentication.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-31702&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-31702]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-31702') [MISC]('https://www.vmware.com/security/advisories/VMSA-2022-0031.html')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- sd-wan[/LEFT][/TD] [TD][LEFT]There is a command injection vulnerability that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). 
Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37897&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37897]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37897') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt')[/TD] [/TR] [TR] [TD][LEFT]hpe -- officeconnect_1820_j9979a_firmware[/LEFT][/TD] [TD][LEFT]A potential security vulnerability has been identified in Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches. The vulnerability could be remotely exploited to allow authentication bypass. HPE has made the following software updates to resolve the vulnerability in Hewlett Packard Enterprise OfficeConnect 1820, 1850 and 1920S Network switches versions: Prior to PT.02.14; Prior to PC.01.22; Prior to PO.01.21; Prior to PD.02.22;[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37932&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37932]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37932') [MISC]('https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04383en_us')[/TD] [/TR] [TR] [TD][LEFT]hcltechsw -- hcl_commerce[/LEFT][/TD] [TD][LEFT]HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative changes.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38656&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-38656]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38656') 
[MISC]('https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101265')[/TD] [/TR] [TR] [TD][LEFT]boxystudio -- cooked[/LEFT][/TD] [TD][LEFT]The Cooked Pro WordPress plugin before 1.7.5.7 does not properly validate or sanitize the recipe_args parameter before unserializing it in the cooked_loadmore action, allowing an unauthenticated attacker to trigger a PHP Object injection vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3900&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3900]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3900') [MISC]('https://wpscan.com/vulnerability/c969c4bc-82d7-46a0-88ba-e056c0b27de7')[/TD] [/TR] [TR] [TD][LEFT]wedevs -- dokan[/LEFT][/TD] [TD][LEFT]The Dokan WordPress plugin before 3.7.6 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3915&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3915]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3915') [MISC]('https://wpscan.com/vulnerability/fd416d99-1970-418f-81f5-8438490d4479')[/TD] [/TR] [TR] [TD][LEFT]themographics -- listingo[/LEFT][/TD] [TD][LEFT]The Listingo WordPress theme before 3.2.7 does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3921&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3921]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3921') [MISC]('https://wpscan.com/vulnerability/e39b59b0-f24f-4de5-a21c-c4de34c3a14f')[/TD] [/TR] [TR] 
[TD][LEFT]wpdevart -- booking_calendar[/LEFT][/TD] [TD][LEFT]The Booking calendar, Appointment Booking System WordPress plugin before 3.2.2 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP, and achieve RCE[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3982&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3982]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3982') [MISC]('https://wpscan.com/vulnerability/4d91f3e1-4de9-46c1-b5ba-cc55b7726867')[/TD] [/TR] [TR] [TD][LEFT]daikinlatam -- svmpc2[/LEFT][/TD] [TD][LEFT]Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to an attacker obtaining user login credentials and controlling the system.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41653&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41653]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41653') [MISC]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-284-02')[/TD] [/TR] [TR] [TD][LEFT]rxvt-unicode_project -- rxvt-unicode[/LEFT][/TD] [TD][LEFT]The rxvt-unicode package is vulnerable to remote code execution in the Perl background extension when an attacker can control the data written to the user's terminal and certain options are set.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4170&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4170]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4170') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2151597') [MISC]('https://www.openwall.com/lists/oss-security/2022/12/05/1')[/TD] [/TR] [TR] [TD][LEFT]ikus-soft -- rdiffweb[/LEFT][/TD] [TD][LEFT]Improper Privilege Management in GitHub repository 
ikus060/rdiffweb prior to 2.5.2.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4314&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4314]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4314') [MISC]('https://github.com/ikus060/rdiffweb/commit/b2df3679564d0daa2856213bb307d3e34bd89a25') [CONFIRM]('https://huntr.dev/bounties/b2dc504d-92ae-4221-a096-12ff223d95a8')[/TD] [/TR] [TR] [TD][LEFT]siemens -- sicam_pas[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software transmits the database credentials for the inbuilt SQL server in cleartext. In combination with the by default enabled xp_cmdshell feature unauthenticated remote attackers could execute custom OS commands. At the time of assigning the CVE, the affected firmware version of the component has already been superseded by succeeding mainline versions.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43724&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43724]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43724') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-849072.pdf')[/TD] [/TR] [TR] [TD][LEFT]mingsoft -- mcms[/LEFT][/TD] [TD][LEFT]A vulnerability was found in Mingsoft MCMS up to 5.2.9. It has been classified as critical. Affected is an unknown function of the file /cms/category/list. The manipulation of the argument sqlWhere leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 5.2.10 is able to address this issue. It is recommended to upgrade the affected component. 
The identifier of this vulnerability is VDB-215196.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4375&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4375]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4375') [MISC]('https://vuldb.com/?id.215196') [MISC]('https://gitee.com/mingSoft/MCMS/issues/I61TG5')[/TD] [/TR] [TR] [TD][LEFT]nodau_project -- nodau[/LEFT][/TD] [TD][LEFT]A vulnerability was found in TicklishHoneyBee nodau. It has been rated as critical. Affected by this issue is some unknown functionality of the file src/db.c. The manipulation of the argument value/name leads to sql injection. The name of the patch is 7a7d737a3929f335b9717ddbd31db91151b69ad2. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215252.[/LEFT][/TD] [TD][CENTER]2022-12-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4399&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4399]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4399') [MISC]('https://vuldb.com/?id.215252') [MISC]('https://github.com/TicklishHoneyBee/nodau/commit/7a7d737a3929f335b9717ddbd31db91151b69ad2') [MISC]('https://github.com/TicklishHoneyBee/nodau/pull/26')[/TD] [/TR] [TR] [TD][LEFT]corebos -- corebos[/LEFT][/TD] [TD][LEFT]PHP Remote File Inclusion in GitHub repository tsolucio/corebos prior to 8.0.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4446&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4446]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4446') [MISC]('https://github.com/tsolucio/corebos/commit/8035e725ecb397348bd50545e90975b699e4f9f2') [CONFIRM]('https://huntr.dev/bounties/718f1be6-3834-4ef2-8134-907a52009894')[/TD] [/TR] [TR] [TD][LEFT]dlink -- 
dir-3040_firmware[/LEFT][/TD] [TD][LEFT]D-Link DIR-3040 device with firmware 120B03 was discovered to contain a command injection vulnerability via the SetTriggerLEDBlink function.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44832&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44832]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44832') [MISC]('https://www.dlink.com/en/security-bulletin/') [MISC]('https://github.com/flamingo1616/iot_vuln/blob/main/D-Link/DIR-3040/6.md')[/TD] [/TR] [TR] [TD][LEFT]scif -- scifio[/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical was found in scifio. Affected by this vulnerability is the function downloadAndUnpackResource of the file src/test/java/io/scif/util/DefaultSampleFilesService.java of the component ZIP File Handler. The manipulation leads to path traversal. The attack can be launched remotely. The name of the patch is fcb0dbca0ec72b22fe0c9ddc8abc9cb188a0ff31. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215803.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4493&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4493]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4493') [N/A]('https://github.com/scifio/scifio/commit/fcb0dbca0ec72b22fe0c9ddc8abc9cb188a0ff31') [N/A]('https://vuldb.com/?id.215803')[/TD] [/TR] [TR] [TD][LEFT]mcp_mapping_viewer_project -- mcp_mapping_viewer[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, has been found in bspkrs MCPMappingViewer. Affected by this issue is the function extractZip of the file src/main/java/bspkrs/mmv/RemoteZipHandler.java of the component ZIP File Handler. The manipulation leads to path traversal. The attack may be launched remotely. 
The name of the patch is 6e602746c96b4756c271d080dae7d22ad804a1bd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215804.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4494&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4494]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4494') [N/A]('https://vuldb.com/?id.215804') [N/A]('https://github.com/bspkrs/MCPMappingViewer/commit/6e602746c96b4756c271d080dae7d22ad804a1bd')[/TD] [/TR] [TR] [TD][LEFT]ip-com -- ew9_firmware[/LEFT][/TD] [TD][LEFT]IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the cmd_get_ping_output function.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45005&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45005]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45005') [MISC]('https://github.com/splashsc/IOT_Vulnerability_Discovery/blob/main/ip-com/6_ping_cmdi.md')[/TD] [/TR] [TR] [TD][LEFT]call-cc -- chicken[/LEFT][/TD] [TD][LEFT]egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package installation via escape characters in a .egg file.[/LEFT][/TD] [TD][CENTER]2022-12-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45145&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45145]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45145') [MISC]('https://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=blobdiff;f=egg-compile.scm;h=9ba4568113350ec75204cba55e43e27925e2d6fe;hp=c1f2ceb0fb470f63c2ba2a1cf9d8d40083c2359f;hb=a08f8f548d772ef410c672ba33a27108d8d434f3;hpb=9c6fb001c25de4390f46ffd7c3c94237f4df92a9') 
[MISC]('https://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=blobdiff;f=NEWS;h=54888afff09353093453673c407cabfe76a5ce77;hp=a3fd88a892f82c8353267f50509d018bbb1934b9;hb=670478435a982fc4d1f001ea08669f53d35a51cd;hpb=a08f8f548d772ef410c672ba33a27108d8d434f3') [MISC]('https://lists.gnu.org/archive/html/chicken-announce/2022-11/msg00000.html')[/TD] [/TR] [TR] [TD][LEFT]helmet_store_showroom_site_project -- helmet_store_showroom_site[/LEFT][/TD] [TD][LEFT]There is a SQL Injection vulnerability in the Helmet Store Showroom v1.0 login page. This vulnerability can be exploited to bypass admin access.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46071&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46071]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46071') [MISC]('https://www.youtube.com/watch?v=5wit1Arzwxs&feature=youtu.be')[/TD] [/TR] [TR] [TD][LEFT]helmet_store_showroom_project -- helmet_store_showroom[/LEFT][/TD] [TD][LEFT]Helmet Store Showroom v1.0 is vulnerable to unauthenticated SQL Injection.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46072&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46072]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46072') [MISC]('https://www.youtube.com/watch?v=jBAVUSzBL_M&ab_channel=IkariShinji')[/TD] [/TR] [TR] [TD][LEFT]codecentric -- spring_boot_admin[/LEFT][/TD] [TD][LEFT]Spring Boot Admin is an open source administrative user interface for management of Spring Boot applications. All users who run Spring Boot Admin Server, having enabled Notifiers (e.g. Teams-Notifier) and write access to environment variables via UI are affected. Users are advised to upgrade to the most recent releases of Spring Boot Admin 2.6.10 and 2.7.8 to resolve this issue. 
Users unable to upgrade may disable any notifier or disable write access (POST request) on [ICODE]/env[/ICODE] actuator endpoint.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46166&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46166]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46166') [MISC]('https://github.com/codecentric/spring-boot-admin/security/advisories/GHSA-w3x5-427h-wfq6') [MISC]('https://github.com/codecentric/spring-boot-admin/commit/c14c3ec12533f71f84de9ce3ce5ceb7991975f75')[/TD] [/TR] [TR] [TD][LEFT]github -- enterprise_server[/LEFT][/TD] [TD][LEFT]An improper limitation of a pathname to a restricted directory vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. A check was added within Pages to ensure the working directory is clean before unpacking new content to prevent an arbitrary file overwrite bug. This vulnerability affected only version 3.7.0 of GitHub Enterprise Server and was fixed in version 3.7.1. This vulnerability was reported via the GitHub Bug Bounty program.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46255&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46255]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46255') [MISC]('https://docs.github.com/en/[email protected]/admin/release-notes#3.7.1')[/TD] [/TR] [TR] [TD][LEFT]siemens -- 6gk5204-0ba00-2mb2_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The webserver of affected devices calculates session ids and nonces in an insecure manner. 
This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46353&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46353]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46353') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-363821.pdf')[/TD] [/TR] [TR] [TD][LEFT]apache -- cxf[/LEFT][/TD] [TD][LEFT]A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46364&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46364]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46364') [MISC]('https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2')[/TD] [/TR] [TR] [TD][LEFT]python3-restfulapi_project -- python3-restfulapi[/LEFT][/TD] [TD][LEFT]Python3-RESTfulAPI commit d9907f14e9e25dcdb54f5b22252b0e9452e3970e and e772e0beee284c50946e94c54a1d43071ca78b74 was discovered to contain a code execution backdoor via the request package. 
This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46609&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46609]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46609') [MISC]('https://mirrors.neusoft.edu.cn/pypi/web/simple/request/') [MISC]('https://github.com/herry-zhang/Python3-RESTfulAPI/') [MISC]('https://github.com/herry-zhang/Python3-RESTfulAPI/blob/1c2081dca357685b3180b9baeb7e761e9a10ca99/SECURITY.md') [MISC]('https://github.com/herry-zhang/Python3-RESTfulAPI/commit/1c2081dca357685b3180b9baeb7e761e9a10ca99')[/TD] [/TR] [TR] [TD][LEFT]jenkins -- plot[/LEFT][/TD] [TD][LEFT]Jenkins Plot Plugin 2.1.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46682&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46682]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46682') [MISC]('https://www.jenkins.io/security/advisory/2022-12-07/#SECURITY-2940')[/TD] [/TR] [TR] [TD][LEFT]sqlite -- sqlite[/LEFT][/TD] [TD][LEFT]SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46908&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46908]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46908') [MISC]('https://sqlite.org/src/info/cefc032473ac5ad2') [MISC]('https://sqlite.org/forum/forumpost/07beac8056151b2f') 
[MISC]('https://news.ycombinator.com/item?id=33948588')[/TD] [/TR] [TR] [TD][LEFT]vsphere_selfuse_project -- vsphere_selfuse[/LEFT][/TD] [TD][LEFT]vSphere_selfuse commit 2a9fe074a64f6a0dd8ac02f21e2f10d66cac5749 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46996&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46996]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46996') [MISC]('https://github.com/SHenry07/vSphere_selfuse/issues/39') [MISC]('https://mirrors.neusoft.edu.cn/pypi/web/simple/request/') [MISC]('https://github.com/SHenry07/vSphere_selfuse/')[/TD] [/TR] [TR] [TD][LEFT]passhunt_project -- passhunt[/LEFT][/TD] [TD][LEFT]Passhunt commit 54eb987d30ead2b8ebbf1f0b880aa14249323867 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46997&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46997]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46997') [MISC]('https://github.com/Viralmaniar/Passhunt/') [MISC]('https://mirrors.neusoft.edu.cn/pypi/web/simple/request/') [MISC]('https://github.com/Viralmaniar/Passhunt/issues/14')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- 365_apps[/LEFT][/TD] [TD][LEFT]Microsoft Office Graphics Remote Code Execution Vulnerability. 
This CVE ID is unique from CVE-2022-26804, CVE-2022-26805, CVE-2022-26806, CVE-2022-44692, CVE-2022-47212, CVE-2022-47213.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47211&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-47211]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47211') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-47211')[/TD] [/TR] [TR] [TD][LEFT]sap -- netweaver_process_integration[/LEFT][/TD] [TD][LEFT]An unauthenticated user can attach to an open interface exposed through JNDI by the Messaging System of SAP NetWeaver Process Integration (PI) - version 7.50. This user can make use of an open naming and directory API to access services that could perform unauthorized operations. The vulnerability affects local users and data, leading to a considerable impact on confidentiality as well as availability and a limited impact on the integrity of the application. 
These operations can be used to: read any information; modify sensitive information; perform Denial of Service (DoS) attacks; perform SQL Injection.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][9.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41271&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H')[/CENTER][/TD] [TD][CVE-2022-41271]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41271') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html') [MISC]('https://launchpad.support.sap.com/#/notes/3267780')[/TD] [/TR] [TR] [TD][LEFT]kingspan -- tms300_cs_firmware[/LEFT][/TD] [TD][LEFT]Due to the lack of adequately implemented access-control rules, all versions of Kingspan TMS300 CS are vulnerable to an attacker viewing and modifying the application settings without authenticating by accessing a specific uniform resource locator (URL) on the webserver.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2757&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-2757]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2757') [MISC]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-256-04')[/TD] [/TR] [TR] [TD][LEFT]kbase_doc_project -- kbase_doc[/LEFT][/TD] [TD][LEFT]Kbase Doc v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /web/IndexController.java.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45290&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45290]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45290') [MISC]('https://github.com/HH1F/KbaseDoc-v1.0-Arbitrary-file-deletion-vulnerability/blob/main/README.md')[/TD] [/TR] [TR] [TD][LEFT]fp_newsletter_project -- fp_newsletter[/LEFT][/TD] [TD][LEFT]An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) 
extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47408&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-47408]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47408') [MISC]('https://typo3.org/security/advisory/typo3-ext-sa-2022-017')[/TD] [/TR] [TR] [TD][LEFT]proxmox -- virtual_environment[/LEFT][/TD] [TD][LEFT]A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-31358&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-31358]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-31358') [MISC]('https://www.proxmox.com/en/') [MISC]('https://git.proxmox.com/?p=pve-http-server.git;a=commitdiff;h=00661f1223b7c0afffa64e1d91f5e018b985f762') [MISC]('https://starlabs.sg/blog/2022/12-multiple-vulnerabilites-in-proxmox-ve--proxmox-mail-gateway/') [MISC]('http://proxmox.com')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-232023771[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20411&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20411]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20411') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In avct_lcb_msg_asmbl of avct_lcb_act.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-230867224[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20469&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20469]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20469') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]cisco -- ata_190_firmware[/LEFT][/TD] [TD][LEFT]Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco Discovery Protocol memory corruption on an affected device. These vulnerabilities are due to missing length validation checks when processing Cisco Discovery Protocol messages. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol packet to an affected device. 
A successful exploit could allow the attacker to cause an out-of-bounds read of the valid Cisco Discovery Protocol packet data, which could allow the attacker to cause corruption in the internal Cisco Discovery Protocol database of the affected device.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20689&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20689]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20689') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-GEZYVvs')[/TD] [/TR] [TR] [TD][LEFT]cisco -- ata_190_firmware[/LEFT][/TD] [TD][LEFT]Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco Discovery Protocol memory corruption on an affected device. These vulnerabilities are due to missing length validation checks when processing Cisco Discovery Protocol messages. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol packet to an affected device. 
A successful exploit could allow the attacker to cause an out-of-bounds read of the valid Cisco Discovery Protocol packet data, which could allow the attacker to cause corruption in the internal Cisco Discovery Protocol database of the affected device.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20690&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20690]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20690') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-GEZYVvs')[/TD] [/TR] [TR] [TD][LEFT]cisco -- ip_phone_7811_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device. This vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol traffic to an affected device. A successful exploit could allow the attacker to cause a stack overflow, resulting in possible remote code execution or a denial of service (DoS) condition on an affected device.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20968&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20968]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20968') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipp-oobwrite-8cMF5r7U')[/TD] [/TR] [TR] [TD][LEFT]typo3 -- typo3[/LEFT][/TD] [TD][LEFT]TYPO3 is an open source PHP based web content management system. Versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are vulnerable to Code Injection. 
Due to the lack of separating user-submitted data from the internal configuration in the Form Designer backend module, it is possible to inject code instructions to be processed and executed via TypoScript as PHP code. The existence of individual TypoScript instructions for a particular form item and a valid backend user account with access to the form module are needed to exploit this vulnerability. This issue is patched in versions 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23503&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-23503]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23503') [MISC]('https://github.com/TYPO3/typo3/security/advisories/GHSA-c5wx-6c2c-f7rm')[/TD] [/TR] [TR] [TD][LEFT]cube -- cube.js[/LEFT][/TD] [TD][LEFT]cube-js is a headless business intelligence platform. In version 0.31.23 all authenticated Cube clients could bypass SQL row-level security and run arbitrary SQL via the newly introduced /v1/sql-runner endpoint. This issue has been resolved in version 0.31.24. Users are advised to either upgrade to 0.31.24 or to downgrade to 0.31.22. 
There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23510&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-23510]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23510') [MISC]('https://github.com/cube-js/cube.js/security/advisories/GHSA-6jqm-3c9g-pch7') [MISC]('https://github.com/cube-js/cube.js/commit/3c614674fed6ca17df08bbba8c835ef110167570') [MISC]('https://github.com/cube-js/cube.js/commit/f1140de508e359970ac82b50bae1c4bf152f6041')[/TD] [/TR] [TR] [TD][LEFT]vmware -- esxi[/LEFT][/TD] [TD][LEFT]VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-31696&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-31696]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-31696') [MISC]('https://www.vmware.com/security/advisories/VMSA-2022-0030.html')[/TD] [/TR] [TR] [TD][LEFT]averta -- shortcodes_and_extra_features_for_phlox_theme[/LEFT][/TD] [TD][LEFT]The Shortcodes and extra features for Phlox WordPress plugin through 2.10.5 unserializes the content of an imported file, which could lead to PHP object injection when a user imports (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3359&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3359]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3359') [MISC]('https://wpscan.com/vulnerability/08f3ce22-94a0-496a-aaf9-d35b6b0f5bb6')[/TD] [/TR] [TR] 
[TD][LEFT]apache -- atlas[/LEFT][/TD] [TD][LEFT]A vulnerability in import module of Apache Atlas allows an authenticated user to write to web server filesystem. This issue affects Apache Atlas versions from 0.8.4 to 2.2.0.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-34271&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-34271]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34271') [MISC]('https://lists.apache.org/thread/0rqvcxo6brmos9w3lzfsdn2lsmlblpw3')[/TD] [/TR] [TR] [TD][LEFT]devolutions -- remote_desktop_manager[/LEFT][/TD] [TD][LEFT]Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3641&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3641]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3641') [MISC]('https://devolutions.net/security/advisories/DEVO-2022-0010')[/TD] [/TR] [TR] [TD][LEFT]spip -- spip[/LEFT][/TD] [TD][LEFT]RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute arbitrary code via a GET parameter[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37155&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37155]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37155') [MISC]('https://pastebin.com/ZH7CPc8X')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- arubaos[/LEFT][/TD] [TD][LEFT]Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. 
Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37898&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37898]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37898') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- arubaos[/LEFT][/TD] [TD][LEFT]A vulnerability exists that allows an authenticated attacker to overwrite an arbitrary file with attacker-controlled content via the web interface. Successful exploitation of this vulnerability could lead to full compromise of the underlying host operating system.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37903&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37903]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37903') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- sd-wan[/LEFT][/TD] [TD][LEFT]Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allow an attacker to execute arbitrary code during the boot sequence. 
Successful exploitation could allow an attacker to achieve permanent modification of the underlying operating system.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37904&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37904]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37904') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- sd-wan[/LEFT][/TD] [TD][LEFT]Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allow an attacker to execute arbitrary code during the boot sequence. Successful exploitation could allow an attacker to achieve permanent modification of the underlying operating system.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37905&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37905]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37905') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- sd-wan[/LEFT][/TD] [TD][LEFT]Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. 
Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37912&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37912]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37912') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt')[/TD] [/TR] [TR] [TD][LEFT]icegram -- email_subscribers_&_newsletters[/LEFT][/TD] [TD][LEFT]The Icegram Express WordPress plugin before 5.5.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by any authenticated user, such as a subscriber.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3981&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3981]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3981') [MISC]('https://wpscan.com/vulnerability/78054d08-0227-426c-903d-d146e0919028')[/TD] [/TR] [TR] [TD][LEFT]wut -- com-server_++_firmware[/LEFT][/TD] [TD][LEFT]Multiple Wiesemann&Theis products of the ComServer Series are prone to an authentication bypass through IP spoofing. During an authenticated session to the WBM of the Com-Server an unauthenticated attacker in the same subnet can obtain the session ID and through IP spoofing change arbitrary settings by crafting modified HTTP Get requests. 
This may result in a complete takeover of the device.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4098&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4098]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4098') [MISC]('https://cert.vde.com/en/advisories/VDE-2022-057/')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- .net[/LEFT][/TD] [TD][LEFT].NET Framework Remote Code Execution Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41089&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41089]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41089') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41089')[/TD] [/TR] [TR] [TD][LEFT]sap -- basis[/LEFT][/TD] [TD][LEFT]Due to the unrestricted scope of the RFC function module, SAP BASIS - versions 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, 791, allows an authenticated non-administrator attacker to access a system class and execute any of its public methods with parameters provided by the attacker. 
On successful exploitation the attacker can have full control of the system to which the class belongs, causing a high impact on the integrity of the application.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41264&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41264]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41264') [MISC]('https://launchpad.support.sap.com/#/notes/3268172') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]sap -- business_objects_business_intelligence_platform[/LEFT][/TD] [TD][LEFT]SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the system causing a high impact on confidentiality, integrity, and availability of the application.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41267&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41267]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41267') [MISC]('https://launchpad.support.sap.com/#/notes/3239475') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]ibm -- db2[/LEFT][/TD] [TD][LEFT]IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. 
IBM X-Force ID: 237210.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41296&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41296]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41296') [MISC]('https://www.ibm.com/support/pages/node/6843071') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/237210')[/TD] [/TR] [TR] [TD][LEFT]deltaww -- dvw-w02w2-e2_firmware[/LEFT][/TD] [TD][LEFT]Delta Electronics DVW-W02W2-E2 1.5.0.10 is vulnerable to Command Injection via Crafted URL.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42139&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42139]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42139') [MISC]('https://cyberdanube.com/en/en-authenticated-command-injection-in-delta-electronics-dvw-w02w2-e2/')[/TD] [/TR] [TR] [TD][LEFT]arm -- bifrost_gpu_kernel_driver[/LEFT][/TD] [TD][LEFT]An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r40P0.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42716&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42716]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42716') [MISC]('https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- edgeconnect_enterprise[/LEFT][/TD] [TD][LEFT]Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. 
A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43542&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43542]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43542') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-018.txt')[/TD] [/TR] [TR] [TD][LEFT]canteen_management_system_project -- canteen_management_system[/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical was found in SourceCodester Canteen Management System. This vulnerability affects unknown code of the file ajax_represent.php. The manipulation of the argument customer_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-215272.[/LEFT][/TD] [TD][CENTER]2022-12-11[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4403&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4403]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4403') [MISC]('https://blog.csdn.net/hzwsuki/article/details/128277038') [MISC]('https://vuldb.com/?id.215272')[/TD] [/TR] [TR] [TD][LEFT]mxsdoc_project -- mxsdoc[/LEFT][/TD] [TD][LEFT]A vulnerability was found in RainyGao DocSys. It has been declared as critical. This vulnerability affects the function getReposAllUsers of the file /DocSystem/Repos/getReposAllUsers.do. The manipulation of the argument searchWord/reposId leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. 
VDB-215278 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4416&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4416]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4416') [N/A]('https://vuldb.com/?id.215278') [N/A]('https://gitee.com/RainyGao/DocSys/issues/I65QEE')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in Blink Media in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4436&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4436]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4436') [MISC]('https://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop_13.html') [MISC]('https://crbug.com/1383991')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in Mojo IPC in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 
(Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4437&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4437]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4437') [MISC]('https://crbug.com/1394692') [MISC]('https://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop_13.html')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in Blink Frames in Google Chrome prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4438&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4438]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4438') [MISC]('https://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop_13.html') [MISC]('https://crbug.com/1381871')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in Aura in Google Chrome on Windows prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. 
(Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4439&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4439]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4439') [MISC]('https://crbug.com/1392661') [MISC]('https://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop_13.html')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in Profiles in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4440&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4440]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4440') [MISC]('https://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop_13.html') [MISC]('https://crbug.com/1382761')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- sharepoint_foundation[/LEFT][/TD] [TD][LEFT]Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44693.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44690&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44690]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44690') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44690')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- sharepoint_foundation[/LEFT][/TD] [TD][LEFT]Microsoft SharePoint Server Remote Code Execution Vulnerability. 
This CVE ID is unique from CVE-2022-44690.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44693&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44693]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44693') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44693')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ax12_firmware[/LEFT][/TD] [TD][LEFT]Tenda AX12 V22.03.01.16_cn is vulnerable to command injection via goform/fast_setting_internet_set.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45043&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45043]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45043') [MISC]('https://github.com/The-Itach1/IOT-CVE/tree/master/Tenda/AX12/2')[/TD] [/TR] [TR] [TD][LEFT]open-emr -- openemr[/LEFT][/TD] [TD][LEFT]Unrestricted Upload of File with Dangerous Type in GitHub repository openemr/openemr prior to 7.0.0.2.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4506&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4506]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4506') [CONFIRM]('https://huntr.dev/bounties/f423d193-4ab0-4f03-ad90-25e4f02e7942') [MISC]('https://github.com/openemr/openemr/commit/2e7678d812df167ea3c0756382408b670e8aa51f')[/TD] [/TR] [TR] [TD][LEFT]sens_project -- sens[/LEFT][/TD] [TD][LEFT]SENS v1.0 has a file upload vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45759&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45759]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45759') [MISC]('https://github.com/saysky/SENS/issues/20')[/TD] [/TR] [TR] 
[TD][LEFT]sens_project -- sens[/LEFT][/TD] [TD][LEFT]SENS v1.0 has an Incorrect Access Control vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45760&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45760]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45760') [MISC]('https://github.com/saysky/SENS/issues/21')[/TD] [/TR] [TR] [TD][LEFT]alist_project -- alist[/LEFT][/TD] [TD][LEFT]Alist v3.4.0 is vulnerable to File Upload. A user with only file upload permission can upload any file to any folder (even a password protected one).[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45968&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45968]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45968') [MISC]('https://github.com/alist-org/alist/issues/2444')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ax12_firmware[/LEFT][/TD] [TD][LEFT]Tenda AX12 V22.03.01.21_CN was found to have a command injection vulnerability via /goform/setMacFilterCfg function.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45977&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45977]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45977') [MISC]('https://github.com/The-Itach1/IOT-CVE/tree/master/Tenda/AX12/3')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ax12_firmware[/LEFT][/TD] [TD][LEFT]Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via /goform/SysToolRestoreSet.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45980&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45980]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45980') 
[MISC]('https://github.com/The-Itach1/IOT-CVE/tree/master/Tenda/AX12/6')[/TD] [/TR] [TR] [TD][LEFT]helmet_store_showroom_project -- helmet_store_showroom[/LEFT][/TD] [TD][LEFT]Helmet Store Showroom 1.0 is vulnerable to Cross Site Request Forgery (CSRF). An unauthenticated user can add an admin account due to missing CSRF protection.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46074&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46074]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46074') [MISC]('https://www.youtube.com/watch?v=5Q3vyTo02bc&ab_channel=IkariShinji')[/TD] [/TR] [TR] [TD][LEFT]akeneo -- product_information_management[/LEFT][/TD] [TD][LEFT]Akeneo PIM is an open source Product Information Management (PIM). Akeneo PIM Community Edition versions before v5.0.119 and v6.0.53 allows remote authenticated users to execute arbitrary PHP code on the server by uploading a crafted image. Akeneo PIM Community Edition after the versions aforementioned provides patched Apache HTTP server configuration file, for docker setup and in documentation sample, to fix this vulnerability. Community Edition users must change their Apache HTTP server configuration accordingly to be protected. The patch for Cloud Based Akeneo PIM Services customers has been applied since 30th October 2022. Users are advised to upgrade. 
Users unable to upgrade may replace any reference to [ICODE][/ICODE] in their Apache httpd configurations with: [ICODE][/ICODE].[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46157&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46157]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46157') [MISC]('https://github.com/akeneo/pim-community-dev/blob/b4d79bb073c8b68ea26ab227c97cc78d86c4cba1/docker/httpd.conf#L39') [MISC]('https://github.com/akeneo/pim-community-dev/security/advisories/GHSA-w9wc-4xcq-8gr6')[/TD] [/TR] [TR] [TD][LEFT]github -- enterprise_server[/LEFT][/TD] [TD][LEFT]A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the instance. This vulnerability was fixed in versions 3.3.17, 3.4.12, 3.5.9, 3.6.5 and 3.7.2. 
This vulnerability was reported via the GitHub Bug Bounty program.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46256&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46256]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46256') [MISC]('https://docs.github.com/en/[email protected]/admin/release-notes#3.5.9') [MISC]('https://docs.github.com/en/[email protected]/admin/release-notes#3.4.12') [MISC]('https://docs.github.com/en/[email protected]/admin/release-notes#3.6.5') [MISC]('https://docs.github.com/en/[email protected]/admin/release-notes#3.7.2') [MISC]('https://docs.github.com/en/[email protected]/admin/release-notes#3.3.17')[/TD] [/TR] [TR] [TD][LEFT]bangresto_project -- bangresto[/LEFT][/TD] [TD][LEFT]mesinkasir Bangresto 1.0 is vulnerable to SQL Injection via the itemqty%5B%5D parameter.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46443&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46443]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46443') [MISC]('https://www.youtube.com/watch?v=Dmjk6uOU8vY')[/TD] [/TR] [TR] [TD][LEFT]gnu -- grub2[/LEFT][/TD] [TD][LEFT]A buffer overflow was found in grub_font_construct_glyph(). A maliciously crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, so that a smaller than needed buffer is allocated for the glyph; this further leads to a buffer overflow and a heap-based out-of-bounds write. 
An attacker may use this vulnerability to circumvent the secure boot mechanism.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][8.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2601&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-2601]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2601') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2112975#c0')[/TD] [/TR] [TR] [TD][LEFT]sap -- netweaver_process_integration[/LEFT][/TD] [TD][LEFT]An unauthenticated attacker over the network can attach to an open interface exposed through JNDI by the User Defined Search (UDS) of SAP NetWeaver Process Integration (PI) - version 7.50 and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and data across the entire system. This allows the attacker to have full read access to user data, make limited modifications to user data, and degrade the performance of the system, leading to a high impact on confidentiality and a limited impact on the availability and integrity of the application.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41272&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L')[/CENTER][/TD] [TD][CVE-2022-41272]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41272') [MISC]('https://launchpad.support.sap.com/#/notes/3273480') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]PowerShell Remote Code Execution Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41076&vector=CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41076]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41076') 
[MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41076')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- dynamics_nav[/LEFT][/TD] [TD][LEFT]Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41127&vector=CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41127]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41127') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41127')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In several functions of inputDispatcher.cpp, there is a possible way to make toasts clickable due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-197296414[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20444&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20444]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20444') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]tibco -- jasperreports_server[/LEFT][/TD] [TD][LEFT]The HTML escaping component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for Microsoft Azure, and TIBCO JasperReports Server for Microsoft Azure contains an easily exploitable vulnerability that allows a privileged/administrative attacker with network access to 
execute an XSS attack on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO JasperReports Server: versions 8.0.2 and below, TIBCO JasperReports Server: version 8.1.0, TIBCO JasperReports Server - Community Edition: versions 8.1.0 and below, TIBCO JasperReports Server - Developer Edition: versions 8.1.0 and below, TIBCO JasperReports Server for AWS Marketplace: versions 8.0.2 and below, TIBCO JasperReports Server for AWS Marketplace: version 8.1.0, TIBCO JasperReports Server for Microsoft Azure: versions 8.0.2 and below, and TIBCO JasperReports Server for Microsoft Azure: version 8.1.0.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41562&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41562]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41562') [CONFIRM]('https://www.tibco.com/services/support/advisories') [CONFIRM]('https://www.tibco.com/support/advisories/2022/12/tibco-security-advisory-december-13-2022-tibco-jasperreports-server-cve-2022-41562')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- edge_chromium[/LEFT][/TD] [TD][LEFT]Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44708&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44708]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44708') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44708')[/TD] [/TR] [TR] [TD][LEFT]metersphere -- metersphere[/LEFT][/TD] [TD][LEFT]MeterSphere is a one-stop open source continuous testing platform. 
Versions prior to 2.4.1 are vulnerable to Path Injection in ApiTestCaseService::deleteBodyFiles which takes a user-controlled string id and passes it to ApiTestCaseService, which uses the user-provided value (testId) in new File(BODY_FILE_DIR + "/" + testId), being deleted later by file.delete(). By adding some camouflage parameters to the url, an attacker can target files on the server. The vulnerability has been fixed in v2.4.1.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23512&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-23512]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23512') [MISC]('https://github.com/metersphere/metersphere/security/advisories/GHSA-5mwp-xw7p-5j27')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- apq8009_firmware[/LEFT][/TD] [TD][LEFT]Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33268&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-33268]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33268') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- sd-wan[/LEFT][/TD] [TD][LEFT]An authenticated path traversal vulnerability exists in the ArubaOS command line interface. 
Successful exploitation of the vulnerability results in the ability to delete arbitrary files on the underlying operating system.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37906&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37906]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37906') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt')[/TD] [/TR] [TR] [TD][LEFT]dpdgroup -- woocommerce_shipping[/LEFT][/TD] [TD][LEFT]The WooCommerce Shipping WordPress plugin through 1.2.11 does not have authorisation and CSRF checks in an AJAX action, which could allow any authenticated user, such as a subscriber, to delete arbitrary options from the blog, which could make the blog unavailable.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3999&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3999]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3999') [MISC]('https://wpscan.com/vulnerability/625ae924-68db-4579-a34f-e6f33aa33643')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44676.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44670&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44670]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44670') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44670')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. 
This CVE ID is unique from CVE-2022-44670.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44676&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44676]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44676') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44676')[/TD] [/TR] [TR] [TD][LEFT]siemens -- mendix_email_connector[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Mendix Email Connector (All versions < V2.0.0). Affected versions of the module improperly handle access control for some module entities. This could allow authenticated remote attackers to read and manipulate sensitive information.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45936&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-45936]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45936') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-224632.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- mendix_workflow_commons[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Mendix Workflow Commons (All versions < V2.4.0). Affected versions of the module improperly handle access control for some module entities. 
This could allow authenticated remote attackers to read or delete sensitive information.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46664&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-46664]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46664') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-210822.pdf')[/TD] [/TR] [TR] [TD][LEFT]msi -- wrapper[/LEFT][/TD] [TD][LEFT]EXEMSI MSI Wrapper Versions prior to 10.0.50 and at least since version 6.0.91 will introduce a local privilege escalation vulnerability in installers it creates.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-32415&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-32415]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-32415') [MISC]('http://exemsi.com') [MISC]('https://improsec.com/tech-blog/privilege-escalation-vulnerability-in-ninjarmm') [MISC]('http://msi.com')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In the user interface buttons of PermissionController, there is a possible way to bypass permissions dialogs due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-175190844[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-39617&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-39617]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-39617') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In bindRemoteViewsService of AppWidgetServiceImpl.java, there is a possible way to bypass background activity launch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-234013191[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20470&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20470]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20470') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In readLazyValue of Parcel.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-240138294[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20474&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20474]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20474') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In test of ResetTargetTaskHelper.java, there is a possible hijacking of any app which sets allowTaskReparenting="true" due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-240663194[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20475&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20475]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20475') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In shouldHideNotification of KeyguardNotificationVisibilityProvider.kt, there is a possible way to show hidden notifications due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-241611867[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20477&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20477]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20477') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241764135[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20478&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20478]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20478') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241764340[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20479&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20479]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20479') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241764350[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20480&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20480]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20480') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242702851[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20484&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20484]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20484') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242702935[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20485&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20485]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20485') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703118[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20486&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20486]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20486') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703202[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20487&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20487]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20487') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703217[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20488&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20488]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20488') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703556[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20491&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20491]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20491') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-243849844[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20495&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20495]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20495') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In deletePackageVersionedInternal of DeletePackageHelper.java, there is a possible way to bypass carrier restrictions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242996180[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20611&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20611]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20611') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- apq8096au_firmware[/LEFT][/TD] [TD][LEFT]Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25677&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-25677]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25677') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] 
[/TR] [TR] [TD][LEFT]qualcomm -- aqt1000_firmware[/LEFT][/TD] [TD][LEFT]Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25681&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-25681]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25681') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- apq8009_firmware[/LEFT][/TD] [TD][LEFT]Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25682&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-25682]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25682') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- apq8009_firmware[/LEFT][/TD] [TD][LEFT]Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] 
[TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25695&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-25695]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25695') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- sd_8_gen1_5g_firmware[/LEFT][/TD] [TD][LEFT]Memory corruption in i2c buses due to improper input validation while reading address configuration from i2c driver in Snapdragon Mobile, Snapdragon Wearables[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25697&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-25697]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25697') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- sd_8_gen1_5g_firmware[/LEFT][/TD] [TD][LEFT]Memory corruption in SPI buses due to improper input validation while reading address configuration from spi buses in Snapdragon Mobile, Snapdragon Wearables[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25698&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-25698]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25698') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- aqt1000_firmware[/LEFT][/TD] [TD][LEFT]Memory corruption in camera due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] 
[TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25711&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-25711]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25711') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- aqt1000_firmware[/LEFT][/TD] [TD][LEFT]Memory corruption in camera due to buffer copy without checking size of input in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25712&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-25712]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25712') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- 365_apps[/LEFT][/TD] [TD][LEFT]Microsoft Office Graphics Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26805, CVE-2022-26806, CVE-2022-44692, CVE-2022-47211, CVE-2022-47212, CVE-2022-47213.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-26804&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-26804]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-26804') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26804')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- 365_apps[/LEFT][/TD] [TD][LEFT]Microsoft Office Graphics Remote Code Execution Vulnerability. 
This CVE ID is unique from CVE-2022-26804, CVE-2022-26806, CVE-2022-44692, CVE-2022-47211, CVE-2022-47212, CVE-2022-47213.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-26805&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-26805]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-26805') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26805')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- 365_apps[/LEFT][/TD] [TD][LEFT]Microsoft Office Graphics Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26804, CVE-2022-26805, CVE-2022-44692, CVE-2022-47211, CVE-2022-47212, CVE-2022-47213.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-26806&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-26806]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-26806') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26806')[/TD] [/TR] [TR] [TD][LEFT]secomea -- gatemanager[/LEFT][/TD] [TD][LEFT]A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous user under some failed login conditions. This issue affects: Secomea GateManager versions from 9.4 through 9.7.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2752&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-2752]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2752') [MISC]('https://www.secomea.com/support/cybersecurity-advisory')[/TD] [/TR] [TR] [TD][LEFT]altair -- hyperview_player[/LEFT][/TD] [TD][LEFT]Altair HyperView Player versions 2021.1.0.27 and prior perform operations on a memory buffer but can read from or write to a memory location outside of the intended boundary of the buffer. 
This hits initially as a read access violation, leading to a memory corruption situation.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2947&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-2947]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2947') [MISC]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-284-01')[/TD] [/TR] [TR] [TD][LEFT]altair -- hyperview_player[/LEFT][/TD] [TD][LEFT]Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading to memory corruption.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2949&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-2949]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2949') [MISC]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-284-01')[/TD] [/TR] [TR] [TD][LEFT]google -- google_search[/LEFT][/TD] [TD][LEFT]There exists a path traversal vulnerability in the Android Google Search app. This is caused by the incorrect usage of uri.getLastPathSegment. A symbolic encoded string can bypass the path logic to get access to unintended directories. An attacker can manipulate paths that could lead to code execution on the device. 
We recommend upgrading beyond version 13.41[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-29580&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-29580]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-29580') [MISC]('https://support.google.com/faqs/answer/7496913?hl=en')[/TD] [/TR] [TR] [TD][LEFT]wp_csv_exporter_project -- wp_csv_exporter[/LEFT][/TD] [TD][LEFT]The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when exporting data as CSV, leading to a CSV injection vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3605&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3605]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3605') [MISC]('https://wpscan.com/vulnerability/28ecdf61-e478-42c3-87c0-80a9912eadb2')[/TD] [/TR] [TR] [TD][LEFT]hp -- support_assistant[/LEFT][/TD] [TD][LEFT]HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. 
It is possible for an attacker to exploit the DLL hijacking vulnerability and elevate privileges when Fusion launches the HP Performance Tune-up.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38395&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-38395]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38395') [MISC]('https://support.hp.com/us-en/document/ish_6788123-6788147-16/hpsbhf03809')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Fax Compose Form Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41077&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41077]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41077') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41077')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2012[/LEFT][/TD] [TD][LEFT]Windows Hyper-V Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41094&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41094]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41094') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41094')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Graphics Component Elevation of Privilege Vulnerability. 
This CVE ID is unique from CVE-2022-44671, CVE-2022-44680, CVE-2022-44697.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41121&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41121]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41121') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41121')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds read vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41281&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41281]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41281') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds read vulnerability when parsing a CGM file. 
An attacker can leverage this vulnerability to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41282&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41282]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41282') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds write vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41283&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41283]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41283') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds read vulnerability when parsing a CGM file. 
An attacker can leverage this vulnerability to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41284&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41284]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41284') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a use-after-free vulnerability that could be triggered while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41285&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41285]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41285') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds write vulnerability when parsing a CGM file. 
An attacker can leverage this vulnerability to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41286&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41286]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41286') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- star-ccm+[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Simcenter STAR-CCM+ (All versions). The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain elevated privileges.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43517&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43517]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43517') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-930100.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- sicam_pas[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software does not properly secure a folder containing library files. This could allow an attacker to place a custom malicious DLL in this folder which is then run with SYSTEM rights when a service is started that requires this DLL.
At the time of assigning the CVE, the affected firmware version of the component has already been superseded by succeeding mainline versions.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43722&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43722]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43722') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-849072.pdf')[/TD] [/TR] [TR] [TD][LEFT]radare -- radare2[/LEFT][/TD] [TD][LEFT]Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0.[/LEFT][/TD] [TD][CENTER]2022-12-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4398&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4398]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4398') [MISC]('https://github.com/radareorg/radare2/commit/b53a1583d05c3a5bfe5fa60da133fe59dfbb02b8') [CONFIRM]('https://huntr.dev/bounties/c6f8d3ef-5420-4eba-9a5f-aba5e2b5fea2')[/TD] [/TR] [TR] [TD][LEFT]trendmicro -- apex_one[/LEFT][/TD] [TD][LEFT]An out-of-bounds access vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service could allow a local attacker to elevate privileges on affected installations. 
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44649&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44649]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44649') [MISC]('https://www.zerodayinitiative.com/advisories/ZDI-22-1619/') [MISC]('https://success.trendmicro.com/solution/000291770')[/TD] [/TR] [TR] [TD][LEFT]trendmicro -- apex_one[/LEFT][/TD] [TD][LEFT]A memory corruption vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service could allow a local attacker to elevate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44650&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44650]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44650') [MISC]('https://www.zerodayinitiative.com/advisories/ZDI-22-1616/') [MISC]('https://success.trendmicro.com/solution/000291770')[/TD] [/TR] [TR] [TD][LEFT]trendmicro -- apex_one[/LEFT][/TD] [TD][LEFT]An improper handling of exceptional conditions vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. 
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44652&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44652]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44652') [MISC]('https://www.zerodayinitiative.com/advisories/ZDI-22-1621/') [MISC]('https://success.trendmicro.com/solution/000291770')[/TD] [/TR] [TR] [TD][LEFT]trendmicro -- apex_one[/LEFT][/TD] [TD][LEFT]A security agent directory traversal vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44653&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44653]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44653') [MISC]('https://www.zerodayinitiative.com/advisories/ZDI-22-1622/') [MISC]('https://success.trendmicro.com/solution/000291770')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Contacts Remote Code Execution Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44666&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44666]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44666') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44666')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Media Remote Code Execution Vulnerability. 
This CVE ID is unique from CVE-2022-44668.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44667&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44667]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44667') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44667')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Media Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44667.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44668&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44668]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44668') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44668')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_10[/LEFT][/TD] [TD][LEFT]Windows Graphics Component Elevation of Privilege Vulnerability. 
This CVE ID is unique from CVE-2022-41121, CVE-2022-44680, CVE-2022-44697.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44671&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44671]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44671') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44671')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Bluetooth Driver Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44675&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44675]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44675') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44675')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2019[/LEFT][/TD] [TD][LEFT]Windows Projected File System Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44677&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44677]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44677') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44677')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Print Spooler Elevation of Privilege Vulnerability. 
This CVE ID is unique from CVE-2022-44681.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44678&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44678]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44678') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44678')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2012[/LEFT][/TD] [TD][LEFT]Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41121, CVE-2022-44671, CVE-2022-44697.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44680&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44680]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44680') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44680')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Print Spooler Elevation of Privilege Vulnerability. 
This CVE ID is unique from CVE-2022-44678.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44681&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44681]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44681') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44681')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2012[/LEFT][/TD] [TD][LEFT]Windows Kernel Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44683&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44683]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44683') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44683')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- raw_image_extension[/LEFT][/TD] [TD][LEFT]Raw Image Extension Remote Code Execution Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44687&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44687]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44687') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44687')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2019[/LEFT][/TD] [TD][LEFT]Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44689&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44689]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44689') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44689')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- office[/LEFT][/TD] 
[TD][LEFT]Microsoft Office OneNote Remote Code Execution Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44691&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44691]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44691') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44691')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- office[/LEFT][/TD] [TD][LEFT]Microsoft Office Graphics Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26804, CVE-2022-26805, CVE-2022-26806, CVE-2022-47211, CVE-2022-47212, CVE-2022-47213.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44692&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44692]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44692') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44692')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- 365_apps[/LEFT][/TD] [TD][LEFT]Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44695, CVE-2022-44696.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44694&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44694]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44694') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44694')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- visio[/LEFT][/TD] [TD][LEFT]Microsoft Office Visio Remote Code Execution Vulnerability. 
This CVE ID is unique from CVE-2022-44694, CVE-2022-44696.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44695&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44695]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44695') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44695')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- 365_apps[/LEFT][/TD] [TD][LEFT]Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44694, CVE-2022-44695.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44696&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44696]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44696') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44696')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Graphics Component Elevation of Privilege Vulnerability. 
This CVE ID is unique from CVE-2022-41121, CVE-2022-44671, CVE-2022-44680.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44697&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44697]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44697') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44697')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- terminal[/LEFT][/TD] [TD][LEFT]Windows Terminal Remote Code Execution Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44702&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44702]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44702') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44702')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_sysmon[/LEFT][/TD] [TD][LEFT]Microsoft Windows Sysmon Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44704&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44704]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44704') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44704')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_11[/LEFT][/TD] [TD][LEFT]DirectX Graphics Kernel Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44710&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44710]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44710') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44710')[/TD] [/TR] [TR] [TD][LEFT]asus -- aura_sync[/LEFT][/TD] [TD][LEFT]The 
MsIo64.sys component in Asus Aura Sync through v1.07.79 does not properly validate input to IOCTL 0x80102040, 0x80102044, 0x80102050, and 0x80102054, allowing attackers to trigger a memory corruption and cause a Denial of Service (DoS) or escalate privileges via crafted IOCTL requests.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44898&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44898]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44898') [MISC]('https://heegong.github.io/posts/ASUS-AuraSync-Kernel-Stack-Based-Buffer-Overflow-Local-Privilege-Escalation/') [MISC]('https://www.asus.com/campaign/aura/us/download.php') [MISC]('https://www.asus.com/content/ASUS-Product-Security-Advisory/')[/TD] [/TR] [TR] [TD][LEFT]quarkslab -- binbloom[/LEFT][/TD] [TD][LEFT]Binbloom 2.0 was discovered to contain a heap buffer overflow via the read_pointer function at /binbloom-master/src/helpers.c.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44910&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44910]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44910') [MISC]('https://github.com/yangfar/CVE/blob/main/Reference%20of%20Binbloom.md')[/TD] [/TR] [TR] [TD][LEFT]siemens -- parasolid[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. 
(ZDI-CAN-19070)[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46345&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46345]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46345') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- parasolid[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19071)[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46346&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46346]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46346') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- parasolid[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. 
(ZDI-CAN-19079)[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46347&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46347]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46347') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- parasolid[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19383)[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46348&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46348]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46348') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- parasolid[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. 
(ZDI-CAN-19384)[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46349&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46349]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46349') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- 365_apps[/LEFT][/TD] [TD][LEFT]Microsoft Office Graphics Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26804, CVE-2022-26805, CVE-2022-26806, CVE-2022-44692, CVE-2022-47211, CVE-2022-47213.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47212&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-47212]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47212') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-47212')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- 365_apps[/LEFT][/TD] [TD][LEFT]Microsoft Office Graphics Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26804, CVE-2022-26805, CVE-2022-26806, CVE-2022-44692, CVE-2022-47211, CVE-2022-47212.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47213&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-47213]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47213') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-47213')[/TD] [/TR] [TR] [TD][LEFT]siemens -- simatic_s7-plcsim_advanced_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.6.0), SIMATIC S7-1500 CPU family (incl. 
related ET200 CPUs and SIPLUS variants) (All versions < V3.0.1), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V5.0), SIPLUS TIM 1531 IRC (All versions), TIM 1531 IRC (All versions). Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-40365&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-40365]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40365') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- simatic_s7-plcsim_advanced_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.6.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.0.1), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V5.0), SIPLUS TIM 1531 IRC (All versions), TIM 1531 IRC (All versions). 
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-44693&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-44693]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-44693') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- simatic_s7-plcsim_advanced_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.6.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.0.1), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V5.0), SIPLUS TIM 1531 IRC (All versions), TIM 1531 IRC (All versions). Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-44694&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-44694]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-44694') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- simatic_s7-plcsim_advanced_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family (incl. 
SIPLUS variants) (All versions < V4.6.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.0.1), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V5.0), SIPLUS TIM 1531 IRC (All versions), TIM 1531 IRC (All versions). Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-44695&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-44695]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-44695') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In several functions that parse avrc response in avrc_pars_ct.cc and related files, there are possible out of bounds reads due to integer overflows. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-242459126[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20483&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-20483]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20483') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]freshrss -- freshrss[/LEFT][/TD] [TD][LEFT]FreshRSS is a free, self-hostable RSS aggregator. User configuration files can be accessed by a remote user. In addition to user preferences, such configurations contain hashed passwords (bcrypt with cost 9, salted) of FreshRSS Web interface. 
If the API is used, the configuration might contain a hashed password (bcrypt with cost 9, salted) of the GReader API, and a hashed password (MD5 salted) of the Fever API. Users should update to version 1.20.2 or edge. Users unable to upgrade can apply the patch manually or delete the file [ICODE]./FreshRSS/p/ext.php[/ICODE].[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23497&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-23497]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23497') [MISC]('https://github.com/FreshRSS/FreshRSS/pull/4928') [MISC]('https://github.com/FreshRSS/FreshRSS/security/advisories/GHSA-hvrj-5fwj-p7v6') [MISC]('https://github.com/FreshRSS/FreshRSS/releases/tag/1.20.2')[/TD] [/TR] [TR] [TD][LEFT]typo3 -- typo3[/LEFT][/TD] [TD][LEFT]TYPO3 is an open source PHP based web content management system. In versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1, requesting invalid or non-existing resources via HTTP triggers the page error handler, which again could retrieve content to be shown as an error message from another page. This leads to a scenario in which the application is calling itself recursively - amplifying the impact of the initial attack until the limits of the web server are exceeded. This vulnerability is very similar, but not identical, to the one described in CVE-2021-21359. 
This issue is patched in versions 9.5.38 ELTS, 10.4.33, 11.5.20 or 12.1.1.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23500&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-23500]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23500') [MISC]('https://github.com/TYPO3/typo3/security/advisories/GHSA-8c28-5mp7-v24h')[/TD] [/TR] [TR] [TD][LEFT]auth0 -- passport-wsfed-saml2[/LEFT][/TD] [TD][LEFT]Passport-wsfed-saml2 is a ws-federation protocol and SAML2 tokens authentication provider for Passport. In versions prior to 4.6.3, a remote attacker may be able to bypass WSFed authentication on a website using passport-wsfed-saml2. A successful attack requires that the attacker is in possession of an arbitrary IDP signed assertion. Depending on the IDP used, fully unauthenticated attacks (e.g. without access to a valid user) might also be feasible if generation of a signed message can be triggered. This issue is patched in version 4.6.3. Use of SAML2 authentication instead of WSFed is a workaround.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23505&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-23505]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23505') [MISC]('https://github.com/auth0/passport-wsfed-saml2/security/advisories/GHSA-ppjq-qxhx-m25f')[/TD] [/TR] [TR] [TD][LEFT]rails_html_sanitizer_project -- rails_html_sanitizer[/LEFT][/TD] [TD][LEFT]rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Certain configurations of rails-html-sanitizer < 1.4.4 use an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a denial of service through CPU resource consumption. 
This issue has been patched in version 1.4.4.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23517&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-23517]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23517') [MISC]('https://hackerone.com/reports/1684163') [MISC]('https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-5x79-w82f-gw8w') [MISC]('https://github.com/rails/rails-html-sanitizer/commit/56c61c0cebd1e493e8ad7bca2a0191609a4a6979')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- ar8035_firmware[/LEFT][/TD] [TD][LEFT]Denial of service in MODEM due to reachable assertion while processing SIB1 with invalid Bandwidth in Snapdragon Mobile[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25672&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-25672]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25672') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- ar8035_firmware[/LEFT][/TD] [TD][LEFT]Denial of service in MODEM due to reachable assertion while processing configuration from network in Snapdragon Mobile[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25673&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-25673]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25673') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- apq8009_firmware[/LEFT][/TD] [TD][LEFT]Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables[/LEFT][/TD] 
[TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25685&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-25685]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25685') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- ar8035_firmware[/LEFT][/TD] [TD][LEFT]Denial of service in Modem due to reachable assertion in Snapdragon Mobile[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25689&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-25689]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25689') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- ar8035_firmware[/LEFT][/TD] [TD][LEFT]Denial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon Mobile[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25691&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-25691]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25691') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- ar8035_firmware[/LEFT][/TD] [TD][LEFT]Denial of service in Modem due to reachable assertion while processing the common config procedure in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25692&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] 
[TD][CVE-2022-25692]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25692') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- apq8009_firmware[/LEFT][/TD] [TD][LEFT]Denial of service in modem due to reachable assertion while processing reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25702&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-25702]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25702') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]bluetooth -- bluetooth_core_specification[/LEFT][/TD] [TD][LEFT]Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when the MITM negotiates Legacy Passkey Pairing with the pairing Initiator and Secure Connections Passkey Pairing with the pairing Responder and brute forces the Passkey entered by the user into the Initiator. 
The MITM attacker can use the identified Passkey value to complete authentication with the Responder via Bluetooth pairing method confusion.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25836&vector=CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-25836]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25836') [CONFIRM]('https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/')[/TD] [/TR] [TR] [TD][LEFT]bluetooth -- bluetooth_core_specification[/LEFT][/TD] [TD][LEFT]Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when at least one device supports BR/EDR Secure Connections pairing and the other BR/EDR Legacy PIN code pairing if the MITM negotiates BR/EDR Secure Simple Pairing in Secure Connections mode using the Passkey association model with the pairing Initiator and BR/EDR Legacy PIN code pairing with the pairing Responder and brute forces the Passkey entered by the user into the Responder as a 6-digit PIN code. 
The MITM attacker can use the identified PIN code value as the Passkey value to complete authentication with the Initiator via Bluetooth pairing method confusion.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25837&vector=CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-25837]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25837') [CONFIRM]('https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/')[/TD] [/TR] [TR] [TD][LEFT]deltaww -- dialink[/LEFT][/TD] [TD][LEFT]Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a hard-coded cryptographic key which could allow an attacker to decrypt sensitive data and compromise the machine.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2660&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-2660]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2660') [MISC]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-02')[/TD] [/TR] [TR] [TD][LEFT]hp -- pagewide_352dw_j6u57a_firmware[/LEFT][/TD] [TD][LEFT]Certain HP PageWide Pro Printers may be vulnerable to a potential denial of service attack.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2794&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-2794]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2794') [MISC]('https://support.hp.com/us-en/document/ish_6720386-6720411-16/hpsbpi03807')[/TD] [/TR] [TR] [TD][LEFT]vmware -- vrealize_network_insight[/LEFT][/TD] [TD][LEFT]vRealize Network Insight (vRNI) directory traversal vulnerability in vRNI REST API. 
A malicious actor with network access to the vRNI REST API can read arbitrary files from the server.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-31703&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-31703]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-31703') [MISC]('https://www.vmware.com/security/advisories/VMSA-2022-0031.html')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- apq8009_firmware[/LEFT][/TD] [TD][LEFT]Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33235&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-33235]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33235') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- apq8009_firmware[/LEFT][/TD] [TD][LEFT]Transient DOS due to loop with unreachable exit condition in WLAN while processing incoming FTM frames
in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33238&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-33238]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33238') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]ifm -- moneo_qha210_firmware[/LEFT][/TD] [TD][LEFT]In IFM Moneo Appliance with version up to 1.9.3 an unauthenticated remote attacker can reset the administrator password by only supplying the serial number.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3485&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-3485]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3485') [MISC]('https://cert.vde.com/en/advisories/VDE-2022-050/')[/TD] [/TR] [TR] [TD][LEFT]google -- protobuf-javalite[/LEFT][/TD] [TD][LEFT]A parsing issue similar to CVE-2022-3171, but with textformat in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. 
We recommend updating to the versions mentioned above.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3509&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3509]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3509') [MISC]('https://github.com/protocolbuffers/protobuf/commit/a3888f53317a8018e7a439bac4abeb8f3425d5e9')[/TD] [/TR] [TR] [TD][LEFT]google -- protobuf-javalite[/LEFT][/TD] [TD][LEFT]A parsing issue similar to CVE-2022-3171, but with Message-Type Extensions in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3510&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3510]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3510') [MISC]('https://github.com/protocolbuffers/protobuf/commit/db7c17803320525722f45c1d26fc08bc41d1bf48')[/TD] [/TR] [TR] [TD][LEFT]wireshark -- wireshark[/LEFT][/TD] [TD][LEFT]Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3724&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3724]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3724') [MISC]('https://gitlab.com/wireshark/wireshark/-/issues/18384') [MISC]('https://www.wireshark.org/security/wnpa-sec-2022-08.html') 
[CONFIRM]('https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3724.json')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- sd-wan[/LEFT][/TD] [TD][LEFT]A vulnerability exists in the ArubaOS bootloader on 7xxx series controllers which can result in a denial of service (DoS) condition on an impacted system. A successful attacker can cause a system hang which can only be resolved via a power cycle of the impacted controller.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37907&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-37907]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37907') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- edgeconnect_enterprise[/LEFT][/TD] [TD][LEFT]A vulnerability exists in the API of Aruba EdgeConnect Enterprise. An unauthenticated attacker can exploit this condition via the web-based management interface to create a denial-of-service condition which prevents the appliance from properly responding to API requests in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below;[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37919&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-37919]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37919') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-018.txt')[/TD] [/TR] [TR] [TD][LEFT]wpeverest -- user_registration[/LEFT][/TD] [TD][LEFT]The User Registration WordPress plugin before 2.2.4.1 does not properly restrict the files to be uploaded via an AJAX action available to both unauthenticated and authenticated users, which could allow unauthenticated users to upload PHP files for example.[/LEFT][/TD] 
[TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3912&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-3912]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3912') [MISC]('https://wpscan.com/vulnerability/968c677c-1beb-459b-8fd1-7f70bcaa4f74')[/TD] [/TR] [TR] [TD][LEFT]openssl -- openssl[/LEFT][/TD] [TD][LEFT]If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup. Policy processing is enabled by passing the `-policy' argument to the command line utilities or by calling either `X509_VERIFY_PARAM_add0_policy()' or `X509_VERIFY_PARAM_set1_policies()' functions.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3996&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3996]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3996') [MISC]('https://github.com/openssl/openssl/commit/7725e7bfe6f2ce8146b6552b44e0d226be7638e7') [MISC]('https://www.openssl.org/news/secadv/20221213.txt')[/TD] [/TR] [TR] [TD][LEFT]sap -- business_planning_and_consolidation[/LEFT][/TD] [TD][LEFT]In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, a transaction code reserved for the customer is used. By implementing such transaction code, a malicious user may execute unauthorized transaction functionality. 
Under specific circumstances, a successful attack could enable an adversary to escalate their privileges to be able to read, change or delete system data.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41268&vector=CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41268]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41268') [MISC]('https://launchpad.support.sap.com/#/notes/3271091') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]superwhite -- demon_image_annotation[/LEFT][/TD] [TD][LEFT]The demon image annotation plugin for WordPress is vulnerable to improper input validation in versions up to, and including 5.0. This is due to the plugin improperly validating the number of characters supplied during an annotation despite there being a setting to limit the number of characters input. This means that unauthenticated attackers can bypass the length restrictions and input more characters than allowed via the settings.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4171&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-4171]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4171') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/ac5549ec-f931-4b13-b5f9-0d6f3e53aae4') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2830349%40demon-image-annotation&new=2830349%40demon-image-annotation&sfp_email=&sfph_mail=')[/TD] [/TR] [TR] [TD][LEFT]siemens -- sicam_pas[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0), SICAM PAS/PQS (All versions >= 7.0 < V8.06). Affected software does not properly validate the input for a certain parameter in the s7ontcp.dll. 
This could allow an unauthenticated remote attacker to send messages and create a denial of service condition as the application crashes. At the time of assigning the CVE, the affected firmware version of the component has already been superseded by succeeding mainline versions.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43723&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-43723]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43723') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-849072.pdf')[/TD] [/TR] [TR] [TD][LEFT]hp -- m2u75a_firmware[/LEFT][/TD] [TD][LEFT]Certain HP ENVY, OfficeJet, and DeskJet printers may be vulnerable to a Denial of Service attack.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43780&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-43780]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43780') [MISC]('https://support.hp.com/us-en/document/ish_7095452-7095489-16/hpsbpi03813')[/TD] [/TR] [TR] [TD][LEFT]phpmyfaq -- phpmyfaq[/LEFT][/TD] [TD][LEFT]Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.1.9.[/LEFT][/TD] [TD][CENTER]2022-12-11[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4409&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-4409]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4409') [MISC]('https://github.com/thorsten/phpmyfaq/commit/8b47f38') [CONFIRM]('https://huntr.dev/bounties/5915ed4c-5fe2-42e7-8fac-5dd0d032727c')[/TD] [/TR] [TR] [TD][LEFT]trendmicro -- apex_one[/LEFT][/TD] [TD][LEFT]Affected builds of Trend Micro Apex One and Apex One as a Service contain a monitor engine component that is compiled without the /SAFESEH memory protection mechanism which helps to 
monitor for malicious payloads. The affected component's memory protection mechanism has been updated to enhance product security.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44654&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44654]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44654') [MISC]('https://success.trendmicro.com/solution/000291770')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- office[/LEFT][/TD] [TD][LEFT]Microsoft Outlook for Mac Spoofing Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44713&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-44713]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44713') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44713')[/TD] [/TR] [TR] [TD][LEFT]interspire -- email_marketer[/LEFT][/TD] [TD][LEFT]Interspire Email Marketer through 6.5.1 allows SQL Injection via the surveys module. 
An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44790&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-44790]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44790') [MISC]('https://www.interspire.com/security-bulletin-2022-44790/')[/TD] [/TR] [TR] [TD][LEFT]open-emr -- openemr[/LEFT][/TD] [TD][LEFT]Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.0.2.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4504&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-4504]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4504') [MISC]('https://github.com/openemr/openemr/commit/37d7ed4855763fc588485f05b2e9cc0944f71879') [CONFIRM]('https://huntr.dev/bounties/f50538cb-99d3-411d-bd1a-5f36d1fa9f5d')[/TD] [/TR] [TR] [TD][LEFT]siemens -- siprotec_5_6md85_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP200) (All versions), SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions), SIPROTEC 5 6MD86 devices (CPU variant CP200) (All versions), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions), SIPROTEC 5 6MU85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7KE85 devices (CPU variant CP200) (All versions), SIPROTEC 5 7KE85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SA82 devices (CPU variant CP100) (All versions), SIPROTEC 5 7SA82 devices (CPU variant CP150) (All versions), SIPROTEC 5 7SA86 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SA86 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SA87 devices (CPU variant CP200) (All versions), 
SIPROTEC 5 7SA87 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SD82 devices (CPU variant CP100) (All versions), SIPROTEC 5 7SD82 devices (CPU variant CP150) (All versions), SIPROTEC 5 7SD86 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SD86 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SD87 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SD87 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SJ81 devices (CPU variant CP100) (All versions), SIPROTEC 5 7SJ81 devices (CPU variant CP150) (All versions), SIPROTEC 5 7SJ82 devices (CPU variant CP100) (All versions), SIPROTEC 5 7SJ82 devices (CPU variant CP150) (All versions), SIPROTEC 5 7SJ85 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SJ85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SJ86 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SJ86 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SK82 devices (CPU variant CP100) (All versions), SIPROTEC 5 7SK82 devices (CPU variant CP150) (All versions), SIPROTEC 5 7SK85 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SK85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SL82 devices (CPU variant CP100) (All versions), SIPROTEC 5 7SL82 devices (CPU variant CP150) (All versions), SIPROTEC 5 7SL86 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SL86 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SL87 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SL87 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SS85 devices (CPU variant CP200) (All versions), SIPROTEC 5 7SS85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7ST85 devices (CPU variant CP200) (All versions), SIPROTEC 5 7ST85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7SX85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7UM85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7UT82 devices (CPU variant CP100) (All versions), SIPROTEC 5 7UT82 devices (CPU variant CP150) 
(All versions), SIPROTEC 5 7UT85 devices (CPU variant CP200) (All versions), SIPROTEC 5 7UT85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7UT86 devices (CPU variant CP200) (All versions), SIPROTEC 5 7UT86 devices (CPU variant CP300) (All versions), SIPROTEC 5 7UT87 devices (CPU variant CP200) (All versions), SIPROTEC 5 7UT87 devices (CPU variant CP300) (All versions), SIPROTEC 5 7VE85 devices (CPU variant CP300) (All versions), SIPROTEC 5 7VK87 devices (CPU variant CP200) (All versions), SIPROTEC 5 7VK87 devices (CPU variant CP300) (All versions), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions), SIPROTEC 5 Compact 7SX800 devices (CPU variant CP050) (All versions). Affected devices do not properly restrict secure client-initiated renegotiations within the SSL and TLS protocols. This could allow an attacker to create a denial of service condition on the ports 443/tcp and 4443/tcp for the duration of the attack.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45044&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45044]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45044') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-552874.pdf')[/TD] [/TR] [TR] [TD][LEFT]dragino -- lg01_lora_firmware[/LEFT][/TD] [TD][LEFT]The web portal of Dragino Lora LG01 18ed40 IoT v4.3.4 has the directory listing at the URL https://10.10.20.74/lib/ . 
This address has a backup file which can be downloaded without any authentication.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45227&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-45227]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45227') [MISC]('https://sectrio.com/vulnerability-research/cve-2022-45227/')[/TD] [/TR] [TR] [TD][LEFT]gmaolinx -- linx_sphere[/LEFT][/TD] [TD][LEFT]A directory traversal vulnerability in the component SCS.Web.Server.SPI/1.0 of Linx Sphere LINX 7.35.ST15 allows attackers to read arbitrary files.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45269&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-45269]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45269') [MISC]('https://gist.github.com/robotshell/7b97af98c5dc0cacd57e6bfac90019cd')[/TD] [/TR] [TR] [TD][LEFT]jettison_project -- jettison[/LEFT][/TD] [TD][LEFT]A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45685&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45685]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45685') [MISC]('https://github.com/jettison-json/jettison/issues/54')[/TD] [/TR] [TR] [TD][LEFT]hutool -- hutool[/LEFT][/TD] [TD][LEFT]A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45688&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] 
[TD][CVE-2022-45688]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45688') [MISC]('https://github.com/dromara/hutool/issues/2748') [MISC]('https://github.com/stleary/JSON-java/issues/708')[/TD] [/TR] [TR] [TD][LEFT]hutool -- hutool[/LEFT][/TD] [TD][LEFT]hutool-json v5.8.10 was discovered to contain an out of memory error.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45689&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45689]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45689') [MISC]('https://github.com/dromara/hutool/issues/2747')[/TD] [/TR] [TR] [TD][LEFT]hutool -- hutool[/LEFT][/TD] [TD][LEFT]A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45690&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45690]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45690') [MISC]('https://github.com/dromara/hutool/issues/2746') [MISC]('https://github.com/stleary/JSON-java/issues/654')[/TD] [/TR] [TR] [TD][LEFT]jettison_project -- jettison[/LEFT][/TD] [TD][LEFT]Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. 
This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45693&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45693]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45693') [MISC]('https://github.com/jettison-json/jettison/issues/52')[/TD] [/TR] [TR] [TD][LEFT]f-secure -- atlant[/LEFT][/TD] [TD][LEFT]A Denial-of-Service (DoS) vulnerability was discovered in the fsicapd component used in WithSecure products whereby the service may crash while parsing ICAP request. The exploit can be triggered remotely by an attacker.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45871&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45871]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45871') [MISC]('https://www.withsecure.com/en/support/security-advisories')[/TD] [/TR] [TR] [TD][LEFT]zte -- zxhn-h108ns_firmware[/LEFT][/TD] [TD][LEFT]ZTE ZXHN-H108NS router with firmware version H108NSV1.0.7u_ZRD_GR2_A68 is vulnerable to remote stack buffer overflow.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45957&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45957]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45957') [MISC]('https://packetstormsecurity.com/files/169949/ZTE-ZXHN-H108NS-Stack-Buffer-Overflow-Denial-Of-Service.html')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ax12_firmware[/LEFT][/TD] [TD][LEFT]Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the ssid parameter at /goform/fast_setting_wifi_set .[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] 
[TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45979&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45979]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45979') [MISC]('https://github.com/The-Itach1/IOT-CVE/tree/master/Tenda/AX12/4')[/TD] [/TR] [TR] [TD][LEFT]siemens -- 6gk5204-0ba00-2mb2_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). Specially crafted PROFINET DCP packets could cause a denial of service condition of affected products.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46352&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-46352]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46352') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-363821.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- 6gk5204-0ba00-2mb2_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). 
The affected products are vulnerable to an "Exposure of Sensitive Information to an Unauthorized Actor" vulnerability by leaking sensitive data in the HTTP Referer.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46355&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-46355]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46355') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-363821.pdf')[/TD] [/TR] [TR] [TD][LEFT]apache -- cxf[/LEFT][/TD] [TD][LEFT]A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. The vulnerability only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, and so the vulnerability can only arise if the CXF service is misconfigured.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46363&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-46363]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46363') [MISC]('https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c')[/TD] [/TR] [TR] [TD][LEFT]fp_newsletter_project -- fp_newsletter[/LEFT][/TD] [TD][LEFT]An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. 
Attackers can unsubscribe everyone via a series of modified subscription UIDs in deleteAction operations.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47409&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-47409]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47409') [MISC]('https://typo3.org/security/advisory/typo3-ext-sa-2022-017')[/TD] [/TR] [TR] [TD][LEFT]fp_newsletter_project -- fp_newsletter[/LEFT][/TD] [TD][LEFT]An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47410&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-47410]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47410') [MISC]('https://typo3.org/security/advisory/typo3-ext-sa-2022-017')[/TD] [/TR] [TR] [TD][LEFT]fp_newsletter_project -- fp_newsletter[/LEFT][/TD] [TD][LEFT]An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. 
Data about subscribers may be obtained via unsubscribeAction operations.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47411&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-47411]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47411') [MISC]('https://typo3.org/security/advisory/typo3-ext-sa-2022-017')[/TD] [/TR] [TR] [TD][LEFT]redhat -- openshift[/LEFT][/TD] [TD][LEFT]Openshift 4.9 does not use HTTP Strict Transport Security (HSTS) which may allow man-in-the-middle (MITM) attacks.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][7.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3259&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-3259]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3259') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2103220')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a separate app with API level < 23 due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-176094367[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20442&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20442]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20442') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack.
This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-246933359[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20501&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20501]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20501') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]github -- enterprise_server[/LEFT][/TD] [TD][LEFT]An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a scoped user-to-server token to escalate to full admin/owner privileges. An attacker would require an account with admin access to install a malicious GitHub App. This vulnerability was fixed in versions 3.3.17, 3.4.12, 3.5.9, and 3.6.5. This vulnerability was reported via the GitHub Bug Bounty program.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23741&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-23741]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23741') [MISC]('https://docs.github.com/en/[email protected]/admin/release-notes#3.5.9') [MISC]('https://docs.github.com/en/[email protected]/admin/release-notes#3.4.12') [MISC]('https://docs.github.com/en/[email protected]/admin/release-notes#3.6.5') [MISC]('https://docs.github.com/en/[email protected]/admin/release-notes#3.3.17')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- arubaos[/LEFT][/TD] [TD][LEFT]Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.
Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37899&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37899]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37899') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- arubaos[/LEFT][/TD] [TD][LEFT]Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37900&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37900]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37900') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- arubaos[/LEFT][/TD] [TD][LEFT]Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. 
Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37901&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37901]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37901') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- arubaos[/LEFT][/TD] [TD][LEFT]Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37902&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37902]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37902') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- edgeconnect_enterprise[/LEFT][/TD] [TD][LEFT]Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. 
A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37920&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37920]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37920') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-018.txt')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- edgeconnect_enterprise[/LEFT][/TD] [TD][LEFT]Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37921&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37921]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37921') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-018.txt')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- edgeconnect_enterprise[/LEFT][/TD] [TD][LEFT]Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. 
A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37922&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37922]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37922') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-018.txt')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- edgeconnect_enterprise[/LEFT][/TD] [TD][LEFT]Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37923&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37923]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37923') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-018.txt')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- edgeconnect_enterprise[/LEFT][/TD] [TD][LEFT]Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. 
A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37924&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37924]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37924') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-018.txt')[/TD] [/TR] [TR] [TD][LEFT]buddybadges_project -- buddybadges[/LEFT][/TD] [TD][LEFT]The buddybadges WordPress plugin through 1.0.0 does not sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3925&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3925]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3925') [MISC]('https://bulletin.iese.de/post/buddybadges_1-0-0/') [MISC]('https://wpscan.com/vulnerability/178499a3-97d1-4ab2-abbe-4a9d2ebc85da')[/TD] [/TR] [TR] [TD][LEFT]tibco -- jasperreports_server[/LEFT][/TD] [TD][LEFT]The JNDI Data Sources component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for Microsoft Azure, and TIBCO JasperReports Server for Microsoft Azure contains an easily exploitable vulnerability that allows a privileged/administrative attacker with network access to execute Remote Code Execution to obtain a reverse shell on the 
affected system. Affected releases are TIBCO Software Inc.'s TIBCO JasperReports Server: versions 8.0.2 and below, TIBCO JasperReports Server: version 8.1.0, TIBCO JasperReports Server - Community Edition: versions 8.1.0 and below, TIBCO JasperReports Server - Developer Edition: versions 8.1.0 and below, TIBCO JasperReports Server for AWS Marketplace: versions 8.0.2 and below, TIBCO JasperReports Server for AWS Marketplace: version 8.1.0, TIBCO JasperReports Server for Microsoft Azure: versions 8.0.2 and below, and TIBCO JasperReports Server for Microsoft Azure: version 8.1.0.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41561&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41561]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41561') [CONFIRM]('https://www.tibco.com/services/support/advisories') [CONFIRM]('https://www.tibco.com/support/advisories/2022/12/tibco-security-advisory-december-13-2022-tibco-jasperreports-server-cve-2022-41561')[/TD] [/TR] [TR] [TD][LEFT]deltaww -- dx-2100-l1-cn_firmware[/LEFT][/TD] [TD][LEFT]Delta Electronics DX-2100-L1-CN 2.42 is vulnerable to Command Injection via lform/net_diagnose.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42140&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42140]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42140') [MISC]('https://cyberdanube.com/en/en-multiple-vulnerabilities-in-delta-electronics-dx-2100-l1-cn/')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- edgeconnect_enterprise[/LEFT][/TD] [TD][LEFT]Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. 
A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43541&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43541]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43541') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-018.txt')[/TD] [/TR] [TR] [TD][LEFT]docsys_project -- docsys[/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical has been found in RainyGao DocSys 2.02.37. This affects an unknown part of the component ZIP File Decompression Handler. The manipulation leads to path traversal: '../filedir'. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-215271.[/LEFT][/TD] [TD][CENTER]2022-12-11[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4402&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4402]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4402') [N/A]('https://gitee.com/RainyGao/DocSys/issues/I65IYU') [N/A]('https://vuldb.com/?id.215271') [N/A]('https://github.com/A-TGAO/MxsDocVul/blob/main/ZipSlipVul.md')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- edgeconnect_enterprise[/LEFT][/TD] [TD][LEFT]A vulnerability in the Aruba EdgeConnect Enterprise web management interface allows remote authenticated users to run arbitrary commands on the underlying host. 
A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44533&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44533]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44533') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-018.txt')[/TD] [/TR] [TR] [TD][LEFT]automotive_shop_management_system_project -- automotive_shop_management_system[/LEFT][/TD] [TD][LEFT]Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /services/view_service.php.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44838&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44838]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44838') [MISC]('https://github.com/GkaMei/bug_report/blob/main/vendors/oretnom23/automotive-shop-management-system/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]dynamic_transaction_queuing_system_project -- dynamic_transaction_queuing_system[/LEFT][/TD] [TD][LEFT]An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=save_settings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45275&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45275]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45275') 
[MISC]('https://github.com/ATKF/bug_report/blob/main/vendors/oretnom23/dynamic-transaction-queuing-system/RCE-1.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w20e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W20E V16.01.0.6(3392) is vulnerable to Command injection via cmd_get_ping_output.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45996&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45996]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45996') [MISC]('https://github.com/bugfinder0/public_bug/tree/main/tenda/w20e/2')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w20e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W20E V16.01.0.6(3392) is vulnerable to Buffer Overflow.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45997&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45997]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45997') [MISC]('https://github.com/bugfinder0/public_bug/tree/main/tenda/w20e/1')[/TD] [/TR] [TR] [TD][LEFT]aerocms_project -- aerocms[/LEFT][/TD] [TD][LEFT]The approve parameter from the AeroCMS-v0.0.1 CMS system is vulnerable to SQL injection attacks.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46051&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46051]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46051') [MISC]('https://github.com/rdyx0/CVE/blob/master/AeroCMS/AeroCMS-v0.0.1-SQLi/view_all_comments_update/view_all_comments_update.MD')[/TD] [/TR] [TR] [TD][LEFT]helmet_store_showroom_site_project -- helmet_store_showroom_site[/LEFT][/TD] [TD][LEFT]Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=view_product&id=.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] 
[TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46117&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46117]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46117') [MISC]('https://github.com/HMHYHM/bug_report/blob/main/vendors/oretnom23/helmet-store-showroom-site/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]helmet_store_showroom_site_project -- helmet_store_showroom_site[/LEFT][/TD] [TD][LEFT]Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=product_per_brand&bid=.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46118&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46118]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46118') [MISC]('https://github.com/HMHYHM/bug_report/blob/main/vendors/oretnom23/helmet-store-showroom-site/SQLi-2.md')[/TD] [/TR] [TR] [TD][LEFT]helmet_store_showroom_site_project -- helmet_store_showroom_site[/LEFT][/TD] [TD][LEFT]Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=categories&c=.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46119&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46119]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46119') [MISC]('https://github.com/HMHYHM/bug_report/blob/main/vendors/oretnom23/helmet-store-showroom-site/SQLi-3.md')[/TD] [/TR] [TR] [TD][LEFT]helmet_store_showroom_site_project -- helmet_store_showroom_site[/LEFT][/TD] [TD][LEFT]Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=products/view_product&id=.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46120&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] 
[TD][CVE-2022-46120]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46120') [MISC]('https://github.com/HMHYHM/bug_report/blob/main/vendors/oretnom23/helmet-store-showroom-site/SQLi-4.md')[/TD] [/TR] [TR] [TD][LEFT]helmet_store_showroom_site_project -- helmet_store_showroom_site[/LEFT][/TD] [TD][LEFT]Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=products/manage_product&id=.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46121&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46121]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46121') [MISC]('https://github.com/HMHYHM/bug_report/blob/main/vendors/oretnom23/helmet-store-showroom-site/SQLi-5.md')[/TD] [/TR] [TR] [TD][LEFT]helmet_store_showroom_site_project -- helmet_store_showroom_site[/LEFT][/TD] [TD][LEFT]Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/categories/view_category.php?id=.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46122&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46122]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46122') [MISC]('https://github.com/HMHYHM/bug_report/blob/main/vendors/oretnom23/helmet-store-showroom-site/SQLi-6.md')[/TD] [/TR] [TR] [TD][LEFT]helmet_store_showroom_site_project -- helmet_store_showroom_site[/LEFT][/TD] [TD][LEFT]Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/categories/manage_category.php?id=.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46123&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46123]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46123') 
[MISC]('https://github.com/HMHYHM/bug_report/blob/main/vendors/oretnom23/helmet-store-showroom-site/SQLi-7.md')[/TD] [/TR] [TR] [TD][LEFT]helmet_store_showroom_site_project -- helmet_store_showroom_site[/LEFT][/TD] [TD][LEFT]Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=user/manage_user&id=.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46124&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46124]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46124') [MISC]('https://github.com/HMHYHM/bug_report/blob/main/vendors/oretnom23/helmet-store-showroom-site/SQLi-9.md')[/TD] [/TR] [TR] [TD][LEFT]helmet_store_showroom_site_project -- helmet_store_showroom_site[/LEFT][/TD] [TD][LEFT]Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=client/manage_client&id=.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46125&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46125]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46125') [MISC]('https://github.com/HMHYHM/bug_report/blob/main/vendors/oretnom23/helmet-store-showroom-site/SQLi-10.md')[/TD] [/TR] [TR] [TD][LEFT]helmet_store_showroom_site_project -- helmet_store_showroom_site[/LEFT][/TD] [TD][LEFT]Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/brands/manage_brand.php?id=.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46126&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46126]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46126') [MISC]('https://github.com/HMHYHM/bug_report/blob/main/vendors/oretnom23/helmet-store-showroom-site/SQLi-8.md')[/TD] [/TR] [TR] [TD][LEFT]helmet_store_showroom_site_project -- 
helmet_store_showroom_site[/LEFT][/TD] [TD][LEFT]Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/classes/Master.php?f=delete_product.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46127&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46127]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46127') [MISC]('https://github.com/HMHYHM/bug_report/blob/main/vendors/oretnom23/helmet-store-showroom-site/SQLi-11.md')[/TD] [/TR] [TR] [TD][LEFT]hcltechsw -- hcl_workload_automation[/LEFT][/TD] [TD][LEFT]HCL Workload Automation could allow a local user to overwrite key system files which would cause the system to crash.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38661&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-38661]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38661') [MISC]('https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100939')[/TD] [/TR] [TR] [TD][LEFT]iconics -- genesis64[/LEFT][/TD] [TD][LEFT]Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ICONICS/Mitsubishi Electric GENESIS64 versions 10.96 to 10.97.2 allows an unauthenticated attacker to create, tamper with or destroy arbitrary files by getting a legitimate user to import a project package file crafted by the attacker.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40264&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40264]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40264') [MISC]('https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-014_en.pdf') [MISC]('https://jvn.jp/vu/JVNVU95858406/index.html') [MISC]('https://iconics.com/About/Security/CERT') 
[MISC]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-347-01')[/TD] [/TR] [TR] [TD][LEFT]trendmicro -- apex_one[/LEFT][/TD] [TD][LEFT]An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45797&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45797]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45797') [MISC]('https://success.trendmicro.com/solution/000291830')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In TBD of TBD, there is a possible way to achieve arbitrary code execution in kernel due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-254742984[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-39660&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-39660]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-39660') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]trendmicro -- apex_one[/LEFT][/TD] [TD][LEFT]A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. 
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44651&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44651]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44651') [MISC]('https://www.zerodayinitiative.com/advisories/ZDI-22-1620/') [MISC]('https://success.trendmicro.com/solution/000291770')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2019[/LEFT][/TD] [TD][LEFT]Windows Error Reporting Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44669&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44669]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44669') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44669')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_10[/LEFT][/TD] [TD][LEFT]Windows Client Server Run-Time Subsystem (CSRSS) Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44673&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44673]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44673') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44673')[/TD] [/TR] [/TABLE][/CENTER]

Medium Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]amazon -- cloudwatch_agent[/LEFT][/TD] [TD][LEFT]A privilege escalation issue exists within the Amazon CloudWatch Agent for Windows, software for collecting metrics and logs from Amazon EC2 instances and on-premises servers, in versions up to and including v1.247354. When users trigger a repair of the Agent, a pop-up window opens with SYSTEM permissions. Users with administrative access to affected hosts may use this to create a new command prompt as NT AUTHORITY\SYSTEM. To trigger this issue, the third party must be able to access the affected host and elevate their privileges such that they're able to trigger the agent repair process. They must also be able to install the tools required to trigger the issue. This issue does not affect the CloudWatch Agent for macOS or Linux. Agent users should upgrade to version 1.247355 of the CloudWatch Agent to address this issue. There is no recommended work around. 
Affected users must update the installed version of the CloudWatch Agent to address this issue.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23511&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-23511]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23511') [MISC]('https://github.com/aws/amazon-cloudwatch-agent/security/advisories/GHSA-j8x2-2m5w-j939') [MISC]('https://github.com/aws/amazon-cloudwatch-agent/commit/6119858864c317ff26f41f576c169148d1250837#diff-76ed074a9305c04054cdebb9e9aad2d818052b07091de1f20cad0bbac34ffb52')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- outlook[/LEFT][/TD] [TD][LEFT]Outlook for Android Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-24480&vector=CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-24480]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-24480') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24480')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_10[/LEFT][/TD] [TD][LEFT]Windows Hyper-V Denial of Service Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44682&vector=CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44682]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44682') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44682')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- edge_chromium[/LEFT][/TD] [TD][LEFT]Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41115&vector=CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] 
[TD][CVE-2022-41115]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41115') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41115')[/TD] [/TR] [TR] [TD][LEFT]arcadyan -- vrv9506jac23_firmware[/LEFT][/TD] [TD][LEFT]The login password of the web administrative dashboard in Arcadyan Wifi routers VRV9506JAC23 is sent in cleartext, allowing an attacker to sniff and intercept traffic to learn the administrative credentials to the router.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-9420&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2020-9420]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-9420') [MISC]('https://gist.github.com/AsherDLL/03d0762b5a535e300f1121caebe333ce')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In BNEP_ConnectResp of bnep_api.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-228450451[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20468&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-20468]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20468') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]cisco -- ata_190_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause a DoS condition of an affected device. 
This vulnerability is due to missing length validation of certain Cisco Discovery Protocol packet header fields. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol packets to an affected device. A successful exploit could allow the attacker to cause the device to exhaust available memory and cause the service to restart. Cisco has released firmware updates that address this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20691&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-20691]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20691') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-GEZYVvs')[/TD] [/TR] [TR] [TD][LEFT]typo3 -- typo3[/LEFT][/TD] [TD][LEFT]TYPO3 is an open source PHP based web content management system. In versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 TYPO3 is vulnerable to Improper Authentication. Restricting frontend login to specific users, organized in different storage folders (partitions), can be bypassed. A potential attacker might use this ambiguity in usernames to get access to a different account - however, credentials must be known to the adversary. 
This issue is patched in versions 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23501&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-23501]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23501') [MISC]('https://github.com/TYPO3/typo3/security/advisories/GHSA-jfp7-79g7-89rf')[/TD] [/TR] [TR] [TD][LEFT]sick -- rfu610-10600_firmware[/LEFT][/TD] [TD][LEFT]Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version = 2.3 < V3.0), SCALANCE SC626-2C (All versions < V2.3), SCALANCE SC626-2C (All versions >= 2.3 < V3.0), SCALANCE SC632-2C (All versions < V2.3), SCALANCE SC632-2C (All versions >= 2.3 < V3.0), SCALANCE SC636-2C (All versions < V2.3), SCALANCE SC636-2C (All versions >= 2.3 < V3.0), SCALANCE SC642-2C (All versions < V2.3), SCALANCE SC642-2C (All versions >= 2.3 < V3.0), SCALANCE SC646-2C (All versions < V2.3), SCALANCE SC646-2C (All versions >= 2.3 < V3.0). Affected devices do not properly process CLI commands after a user forcefully quitted the SSH connection. 
This could allow an authenticated attacker to make the CLI via SSH or serial interface irresponsive.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46144&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-46144]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46144') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf')[/TD] [/TR] [TR] [TD][LEFT]jenkins -- sonar_gerrit[/LEFT][/TD] [TD][LEFT]A cross-site request forgery (CSRF) vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers (previously configured by Jenkins administrators) using attacker-specified credentials IDs obtained through another method, potentially capturing credentials stored in Jenkins.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46688&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-46688]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46688') [MISC]('https://www.jenkins.io/security/advisory/2022-12-07/#SECURITY-1002')[/TD] [/TR] [TR] [TD][LEFT]sick -- rfu620-10100_firmware[/LEFT][/TD] [TD][LEFT]Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version < 2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. 
The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46832&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-46832]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46832') [MISC]('https://sick.com/psirt')[/TD] [/TR] [TR] [TD][LEFT]sick -- rfu630-04100_firmware[/LEFT][/TD] [TD][LEFT]Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version < v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46833&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-46833]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46833') [MISC]('https://sick.com/psirt')[/TD] [/TR] [TR] [TD][LEFT]sick -- rfu650-10100_firmware[/LEFT][/TD] [TD][LEFT]Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version < v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. 
The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46834&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-46834]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46834') [MISC]('https://sick.com/psirt')[/TD] [/TR] [TR] [TD][LEFT]fp_masterquiz_project -- fp_masterquiz[/LEFT][/TD] [TD][LEFT]An issue was discovered in the fp_masterquiz (aka Master-Quiz) extension before 2.2.1, and 3.x before 3.5.1, for TYPO3. An attacker can continue the quiz of a different user. In doing so, the attacker can view that user's answers and modify those answers.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47407&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-47407]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47407') [MISC]('https://typo3.org/security/advisory/typo3-ext-sa-2022-018')[/TD] [/TR] [TR] [TD][LEFT]feehi -- feehicms[/LEFT][/TD] [TD][LEFT]Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via the lang attribute of an html tag.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-20589&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2020-20589]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-20589') [CONFIRM]('https://github.com/liufee/cms/issues/45')[/TD] [/TR] [TR] [TD][LEFT]feehi -- feehicms[/LEFT][/TD] [TD][LEFT]Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via the lang attribute of an html tag.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] 
[TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-36607&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2020-36607]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-36607') [CONFIRM]('https://github.com/liufee/cms/issues/45')[/TD] [/TR] [TR] [TD][LEFT]logrhythm -- logrhythm[/LEFT][/TD] [TD][LEFT]Logrhythm Web Console 7.4.9 allows for HTML tag injection through Contextualize Action -> Create a new Contextualize Action -> Inject your HTML tag in the name field.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-41943&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2021-41943]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-41943') [MISC]('https://medium.com/@idema16/how-i-found-a-cve-in-logrhythm-cve-2021-41943-61cef1797cb')[/TD] [/TR] [TR] [TD][LEFT]jquery-minicolors_project -- jquery-minicolors[/LEFT][/TD] [TD][LEFT]A vulnerability was found in claviska jquery-minicolors up to 2.3.5. It has been rated as problematic. Affected by this issue is some unknown functionality of the file jquery.minicolors.js. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.3.6 is able to address this issue. The name of the patch is ef134824a7f4110ada53ea6c173111a4fa2f48f3. It is recommended to upgrade the affected component. 
VDB-215306 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-4243&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2021-4243]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-4243') [MISC]('https://github.com/claviska/jquery-minicolors/commit/ef134824a7f4110ada53ea6c173111a4fa2f48f3') [MISC]('https://vuldb.com/?id.215306') [MISC]('https://github.com/claviska/jquery-minicolors/releases/tag/2.3.6')[/TD] [/TR] [TR] [TD][LEFT]yikesplugins -- easy_forms_for_mailchimp[/LEFT][/TD] [TD][LEFT]A vulnerability classified as problematic has been found in yikes-inc-easy-mailchimp-extender Plugin up to 6.8.5. This affects an unknown part of the file admin/partials/ajax/add_field_to_form.php. The manipulation of the argument field_name/merge_tag/field_type/list_id leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 6.8.6 is able to address this issue. The name of the patch is 3662c6593aa1bb4286781214891d26de2e947695. It is recommended to upgrade the affected component. 
The associated identifier of this vulnerability is VDB-215307.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-4244&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2021-4244]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-4244') [MISC]('https://github.com/EvanHerman/yikes-inc-easy-mailchimp-extender/releases/tag/6.8.6') [MISC]('https://vuldb.com/?id.215307') [MISC]('https://github.com/EvanHerman/yikes-inc-easy-mailchimp-extender/pull/889') [MISC]('https://github.com/EvanHerman/yikes-inc-easy-mailchimp-extender/commit/3662c6593aa1bb4286781214891d26de2e947695')[/TD] [/TR] [TR] [TD][LEFT]hp -- integrated_lights-out_5_firmware[/LEFT][/TD] [TD][LEFT]Cross Site Scripting vulnerability in Hewlett Packard Enterprise Integrated Lights-Out 5.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-46846&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2021-46846]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-46846') [MISC]('https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04133en_us')[/TD] [/TR] [TR] [TD][LEFT]typo3 -- html_sanitizer[/LEFT][/TD] [TD][LEFT]HTML sanitizer is written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values. In versions prior to 1.5.0 or 2.1.1, malicious markup used in a sequence with special HTML CDATA sections cannot be filtered and sanitized due to a parsing issue in the upstream package masterminds/html5. This allows bypassing the cross-site scripting mechanism of typo3/html-sanitizer. The upstream package masterminds/html5 provides HTML raw text elements ([ICODE]script[/ICODE], [ICODE]style[/ICODE], [ICODE]noframes[/ICODE], [ICODE]noembed[/ICODE] and [ICODE]iframe[/ICODE]) as DOMText nodes, which were not processed and sanitized further. 
None of the mentioned elements were defined in the default builder configuration, that's why only custom behaviors, using one of those tag names, were vulnerable to cross-site scripting. This issue has been fixed in versions 1.5.0 and 2.1.1.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23499&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-23499]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23499') [MISC]('https://github.com/TYPO3/html-sanitizer/security/advisories/GHSA-hvwx-qh2h-xcfj')[/TD] [/TR] [TR] [TD][LEFT]rails_html_sanitizer_project -- rails_html_sanitizer[/LEFT][/TD] [TD][LEFT]rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions >= 1.0.3, < 1.4.4 are vulnerable to cross-site scripting via data URIs when used in combination with Loofah >= 2.1.0. This issue is patched in version 1.4.4.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23518&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-23518]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23518') [MISC]('https://hackerone.com/reports/1694173') [MISC]('https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-mcvf-2q2m-x72m') [MISC]('https://github.com/rails/rails-html-sanitizer/issues/135')[/TD] [/TR] [TR] [TD][LEFT]rails_html_sanitizer_project -- rails_html_sanitizer[/LEFT][/TD] [TD][LEFT]rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags in either of the following ways: allow both "math" and "style" elements, or allow both "svg" and "style" elements. 
Code is only impacted if allowed tags are being overridden. This issue is fixed in version 1.4.4. All users overriding the allowed tags to include "math" or "svg" and "style" should either upgrade or use the following workaround immediately: Remove "style" from the overridden allowed tags, or remove "math" and "svg" from the overridden allowed tags.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23519&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-23519]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23519') [MISC]('https://hackerone.com/reports/1656627') [MISC]('https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-9h9g-93gc-623h')[/TD] [/TR] [TR] [TD][LEFT]rails_html_sanitizer_project -- rails_html_sanitizer[/LEFT][/TD] [TD][LEFT]rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer due to an incomplete fix of CVE-2022-32209. Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both "select" and "style" elements. Code is only impacted if allowed tags are being overridden. This issue is patched in version 1.4.4. All users overriding the allowed tags to include both "select" and "style" should either upgrade or use this workaround: Remove either "select" or "style" from the overridden allowed tags. 
NOTE: Code is [I]not[/I] impacted if allowed tags are overridden using either the :tags option to the Action View helper method sanitize or the :tags option to the instance method SafeListSanitizer#sanitize.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23520&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-23520]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23520') [MISC]('https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-rrfc-7g8p-99q8') [MISC]('https://hackerone.com/reports/1654310')[/TD] [/TR] [TR] [TD][LEFT]zmartzone -- mod_auth_openidc[/LEFT][/TD] [TD][LEFT]mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server. Versions prior to 2.4.12.2 are vulnerable to Open Redirect. When providing a logout parameter to the redirect URI, the existing code in oidc_validate_redirect_url() does not properly check for URLs that start with /\t, leading to an open redirect. This issue has been patched in version 2.4.12.2. 
Users unable to upgrade can mitigate the issue by configuring mod_auth_openidc to only allow redirection when the destination matches a given regular expression with OIDCRedirectURLsAllowed.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23527&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-23527]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23527') [MISC]('https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-q6f2-285m-gr53') [MISC]('https://github.com/zmartzone/mod_auth_openidc/blob/v2.4.12.1/auth_openidc.conf#L975-L984')[/TD] [/TR] [TR] [TD][LEFT]weidmueller -- 19_iot_md01_lan_h4_s0011_firmware[/LEFT][/TD] [TD][LEFT]Quanos "SCHEMA ST4" example web templates in version Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 or below are prone to JavaScript injection, allowing a remote attacker to hijack existing sessions to, e.g., other web services in the same environment or execute scripts in the user's browser environment. The affected script is '*-schema.js'.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3073&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3073]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3073') [MISC]('https://cert.vde.com/de/advisories/VDE-2022-056/')[/TD] [/TR] [TR] [TD][LEFT]ibm -- cics_tx[/LEFT][/TD] [TD][LEFT]IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. 
IBM X-Force ID: 229461.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-34318&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-34318]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34318') [MISC]('https://www.ibm.com/support/pages/node/6833188') [MISC]('https://www.ibm.com/support/pages/node/6833186') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/229461')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- edgeconnect_enterprise[/LEFT][/TD] [TD][LEFT]A vulnerability within the web-based management interface of Aruba EdgeConnect Enterprise could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37925&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-37925]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37925') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-018.txt')[/TD] [/TR] [TR] [TD][LEFT]hpe -- oneview_global_dashboard[/LEFT][/TD] [TD][LEFT]URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Hewlett Packard Enterprise HPE OneView Global Dashboard (OVGD).[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37927&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-37927]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37927') 
[MISC]('https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04370en_us')[/TD] [/TR] [TR] [TD][LEFT]niceforyou -- linear_emerge_e3_access_control_firmware[/LEFT][/TD] [TD][LEFT]Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a cross-site scripting (XSS) vulnerability which is chained with a local session fixation. This vulnerability allows attackers to escalate privileges via unspecified vectors.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38628&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-38628]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38628') [MISC]('https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-38628/CVE-2022-38628.txt')[/TD] [/TR] [TR] [TD][LEFT]helloprint -- helloprint[/LEFT][/TD] [TD][LEFT]The Helloprint WordPress plugin before 1.4.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3908&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3908]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3908') [MISC]('https://wpscan.com/vulnerability/c44802a0-8cbe-4386-9523-3b6cb44c6505')[/TD] [/TR] [TR] [TD][LEFT]sap -- netweaver_application_server_java[/LEFT][/TD] [TD][LEFT]Due to insufficient input validation, SAP NetWeaver AS Java (HTTP Provider Service) - version 7.50, allows an unauthenticated attacker to inject a script into a web request header. 
On successful exploitation, an attacker can view or modify information causing a limited impact on the confidentiality and integrity of the application.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41262&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41262]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41262') [MISC]('https://launchpad.support.sap.com/#/notes/3262544') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]sap -- commerce_webservices_2.0[/LEFT][/TD] [TD][LEFT]Due to a lack of proper input validation, SAP Commerce Webservices 2.0 (Swagger UI) - versions 1905, 2005, 2105, 2011, 2205, allows malicious inputs from untrusted sources, which can be leveraged by an attacker to execute a DOM Cross-Site Scripting (XSS) attack. As a result, an attacker may be able to steal user tokens and achieve a full account takeover including access to administrative tools in SAP Commerce.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41266&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41266]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41266') [MISC]('https://launchpad.support.sap.com/#/notes/3248255') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]sap -- sourcing[/LEFT][/TD] [TD][LEFT]Due to improper input sanitization in SAP Sourcing and SAP Contract Lifecycle Management - version 1100, an attacker can redirect a user to a malicious website. 
To perform this attack, the attacker sends an email to the victim with a manipulated link that appears to be a legitimate SAP Sourcing URL. Since the victim doesn't suspect the threat, they click on the link and log in to SAP Sourcing and CLM, at which point they are redirected to a malicious website.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41273&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41273]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41273') [MISC]('https://launchpad.support.sap.com/#/notes/3270399') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]sap -- solution_manager[/LEFT][/TD] [TD][LEFT]In SAP Solution Manager (Enterprise Search) - versions 740, and 750, an unauthenticated attacker can generate a link that, if clicked by a logged-in user, redirects the user to a malicious page that could read or modify sensitive information, or expose the user to a phishing attack, with little impact on confidentiality and integrity.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41275&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41275]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41275') [MISC]('https://launchpad.support.sap.com/#/notes/3271313') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]fs-blog_project -- fs-blog[/LEFT][/TD] [TD][LEFT]A vulnerability was found in zbl1996 FS-Blog and classified as problematic. This issue affects some unknown processing of the component Title Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. 
The associated identifier of this vulnerability is VDB-215267.[/LEFT][/TD] [TD][CENTER]2022-12-11[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4400&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4400]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4400') [MISC]('https://vuldb.com/?id.215267') [MISC]('https://gitee.com/zbl1996/FS-Blog/issues/I5Y6ZQ')[/TD] [/TR] [TR] [TD][LEFT]redmine -- redmine[/LEFT][/TD] [TD][LEFT]Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blockquote syntax in Textile-formatted fields.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44031&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44031]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44031') [MISC]('https://www.redmine.org/projects/redmine/wiki/Security_Advisories')[/TD] [/TR] [TR] [TD][LEFT]phpmyfaq -- phpmyfaq[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.9.[/LEFT][/TD] [TD][CENTER]2022-12-11[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4407&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4407]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4407') [CONFIRM]('https://huntr.dev/bounties/a1649f43-78c9-4927-b313-36911872a84b') [MISC]('https://github.com/thorsten/phpmyfaq/commit/1d73af34bf42764f9f9491c7ba5e9495d70e3ca5')[/TD] [/TR] [TR] [TD][LEFT]nuxt -- framework[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Reflected in GitHub repository nuxt/framework prior to v3.0.0-rc.13.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4413&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] 
[TD][CVE-2022-4413]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4413') [MISC]('https://github.com/nuxt/framework/commit/253c8f7ee0c0c580c44dedbe9387646264e90a1e') [CONFIRM]('https://huntr.dev/bounties/70ac720d-c932-4ed3-98b1-dd2cbcb90185')[/TD] [/TR] [TR] [TD][LEFT]nuxt -- framework[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - DOM in GitHub repository nuxt/framework prior to v3.0.0-rc.13.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4414&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4414]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4414') [CONFIRM]('https://huntr.dev/bounties/131a41e5-c936-4c3f-84fc-e0e1f0e090b5') [MISC]('https://github.com/nuxt/framework/commit/19a2cd14929ca9b55720cb81f71687830a9e59a4')[/TD] [/TR] [TR] [TD][LEFT]rathena -- fluxcp[/LEFT][/TD] [TD][LEFT]A vulnerability was found in rAthena FluxCP. It has been classified as problematic. Affected is an unknown function of the file themes/default/servicedesk/view.php of the component Service Desk Image URL Handler. The manipulation of the argument sslink leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 8a39b2b2bf28353b3503ff1421862393db15aa7e. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215304.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4421&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4421]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4421') [MISC]('https://github.com/rathena/FluxCP/commit/8a39b2b2bf28353b3503ff1421862393db15aa7e') [MISC]('https://vuldb.com/?id.215304')[/TD] [/TR] [TR] [TD][LEFT]resque-scheduler_project -- resque-scheduler[/LEFT][/TD] [TD][LEFT]Resque Scheduler version 1.27.4 is vulnerable to Cross-site scripting (XSS). 
A remote attacker could inject JavaScript code into the "{schedule_job}" or "args" parameter in /resque/delayed/jobs/{schedule_job}?args={args_id} to execute JavaScript on the client side.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44303&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44303]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44303') [MISC]('https://trungvm.gitbook.io/cves/resque/resque-1.27.4-multiple-reflected-xss-in-resque-schedule-job') [MISC]('http://resque.com')[/TD] [/TR] [TR] [TD][LEFT]ipti -- tag[/LEFT][/TD] [TD][LEFT]A vulnerability was found in ipti br.tag. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 2.13.0 is able to address this issue. The name of the patch is 7e311be22d3a0a1b53e61cb987ba13d681d85f06. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215431.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4444&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4444]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4444') [MISC]('https://github.com/ipti/br.tag/commit/7e311be22d3a0a1b53e61cb987ba13d681d85f06') [MISC]('https://vuldb.com/?id.215431') [MISC]('https://github.com/ipti/br.tag/pull/131')[/TD] [/TR] [TR] [TD][LEFT]siemens -- plm_help_server[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in PLM Help Server V4.2 (All versions). 
A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected application that could allow an attacker to execute malicious javascript code by tricking users into accessing a malicious link.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44575&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44575]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44575') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-274282.pdf')[/TD] [/TR] [TR] [TD][LEFT]redmine -- redmine[/LEFT][/TD] [TD][LEFT]Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization in Redcloth3 Textile-formatted fields. Depending on the configuration, this may require login as a registered user.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44637&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44637]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44637') [MISC]('https://www.redmine.org/projects/redmine/wiki/Security_Advisories')[/TD] [/TR] [TR] [TD][LEFT]collective.dms.basecontent_project -- collective.dms.basecontent[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as problematic, has been found in collective.dms.basecontent 1.7. This issue affects the function renderCell of the file src/collective/dms/basecontent/browser/column.py. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 1.10 is able to address this issue. The name of the patch is 6c4d616fcc771822a14ebae5e23f3f6d96d134bd. It is recommended to upgrade the affected component. 
The identifier VDB-215813 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4495&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4495]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4495') [N/A]('https://vuldb.com/?id.215813') [N/A]('https://github.com/collective/collective.dms.basecontent/releases/tag/1.10') [N/A]('https://github.com/collective/collective.dms.basecontent/commit/6c4d616fcc771822a14ebae5e23f3f6d96d134bd')[/TD] [/TR] [TR] [TD][LEFT]open-emr -- openemr[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4502&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4502]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4502') [MISC]('https://github.com/openemr/openemr/commit/37d7ed4855763fc588485f05b2e9cc0944f71879') [CONFIRM]('https://huntr.dev/bounties/5bdef791-6886-4008-b9ba-045cb4524114')[/TD] [/TR] [TR] [TD][LEFT]arris -- nvg443b_firmware[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in Arris NVG443B 9.3.0h3d36 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request sent to /cgi-bin/logs.ha.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45028&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-45028]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45028') [MISC]('https://drive.google.com/file/d/1AHqvciVNMQpUoomFgtctnByewkkr24kB/view') [MISC]('https://seanpesce.blogspot.com/2022/11/unauthenticated-stored-xss-in-arris.html')[/TD] [/TR] [TR] [TD][LEFT]open-emr -- openemr[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Generic in GitHub repository 
openemr/openemr prior to 7.0.0.2.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4503&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4503]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4503') [MISC]('https://github.com/openemr/openemr/commit/37d7ed4855763fc588485f05b2e9cc0944f71879') [CONFIRM]('https://huntr.dev/bounties/4cba644c-a2f5-4ed7-af5d-f2cab1895e13')[/TD] [/TR] [TR] [TD][LEFT]sens_project -- sens[/LEFT][/TD] [TD][LEFT]SENS v1.0 is vulnerable to Cross Site Scripting (XSS).[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45756&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-45756]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45756') [MISC]('https://github.com/saysky/SENS/issues/17')[/TD] [/TR] [TR] [TD][LEFT]aerocms_project -- aerocms[/LEFT][/TD] [TD][LEFT]AeroCMS v0.0.1 is vulnerable to ClickJacking.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46061&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-46061]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46061') [MISC]('https://github.com/rdyx0/CVE/blob/master/AeroCMS/AeroCMS-v0.0.1-ClickJacking/registration_ClickJacking/registration_ClickJacking.md')[/TD] [/TR] [TR] [TD][LEFT]helmet_store_showroom_project -- helmet_store_showroom[/LEFT][/TD] [TD][LEFT]Helmet Store Showroom 1.0 is vulnerable to Cross Site Scripting (XSS).[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46073&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-46073]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46073') [MISC]('https://www.youtube.com/watch?v=jT09Uiwl0Jo&ab_channel=IkariShinji')[/TD] [/TR] [TR] 
[TD][LEFT]siemens -- polarion_alm[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Polarion ALM (All versions). The affected application contains a Host header injection vulnerability that could allow an attacker to spoof a Host header information and redirect users to malicious websites.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46265&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-46265]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46265') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-792594.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- 6gk5204-0ba00-2mb2_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious request on the affected device.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46350&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-46350]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46350') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-363821.pdf')[/TD] [/TR] [TR] [TD][LEFT]niceforyou -- linear_emerge_e3_access_control_firmware[/LEFT][/TD] [TD][LEFT]Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). 
This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46381&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-46381]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46381') [MISC]('https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-46381/CVE-2022-46381.txt')[/TD] [/TR] [TR] [TD][LEFT]jenkins -- google_login[/LEFT][/TD] [TD][LEFT]Jenkins Google Login Plugin 1.4 through 1.6 (both inclusive) improperly determines that a redirect URL after login is legitimately pointing to Jenkins.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46683&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-46683]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46683') [MISC]('https://www.jenkins.io/security/advisory/2022-12-07/#SECURITY-2967')[/TD] [/TR] [TR] [TD][LEFT]websoft -- websoft_hcm[/LEFT][/TD] [TD][LEFT]Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an unauthenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46905&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-46905]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46905') [MISC]('https://news.websoft.ru/_wt/wiki_base/7175852393019676262')[/TD] [/TR] [TR] [TD][LEFT]sap -- business_objects_business_intelligence_platform[/LEFT][/TD] [TD][LEFT]Under certain conditions, an attacker authenticated as a CMS administrator and with high privileges access to the Network in SAP BusinessObjects Business Intelligence Platform 
(Monitoring DB) - version 430, can access BOE Monitoring database to retrieve and modify (non-personal) system data which would otherwise be restricted. Also, a potential attack could be used to leave the CMS's scope and impact the database. A successful attack could have a low impact on confidentiality, a high impact on integrity, and a low impact on availability.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-31596&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L')[/CENTER][/TD] [TD][CVE-2022-31596]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-31596') [MISC]('https://launchpad.support.sap.com/#/notes/3213507') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][5.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3590&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-3590]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3590') [MISC]('https://wpscan.com/vulnerability/c8814e6e-78b3-4f63-a1d3-6906a84c1f11') [MISC]('https://blog.sonarsource.com/wordpress-core-unauthenticated-blind-ssrf/')[/TD] [/TR] [TR] [TD][LEFT]wptools_project -- wptools[/LEFT][/TD] [TD][LEFT]The WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log WordPress plugin before 3.43 does not have proper authorisation and CSRF checks in an AJAX action, allowing any authenticated user, such as a subscriber, to call it and install and activate arbitrary plugins from wordpress.org.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] 
[TD][CENTER][5.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3881&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-3881]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3881') [MISC]('https://wpscan.com/vulnerability/c2a9cf01-051a-429a-82ca-280885114b5a')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In findAllDeAccounts of AccountsDb.java, there is a possible denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-169762606[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-0934&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-0934]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-0934') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user's password on a secondary display due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. 
User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-179725730[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20466&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-20466]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20466') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In SendIncDecRestoreCmdPart2 of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11 Android-12 Android-12L Android-13. Android ID: A-238177877[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20471&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-20471]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20471') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In setEnabledSetting of PackageManager.java, there is a possible way to get the device into an infinite reboot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L. Android ID: A-240936919[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20476&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-20476]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20476') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In createNotificationChannel of NotificationManager.java, there is a possible way to make the device unusable and require factory reset due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L Android-13. Android ID: A-240422263[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20482&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-20482]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20482') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In setDataSource of initMediaExtractor.cpp, there is a possibility of arbitrary code execution due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L Android-13. Android ID: A-245242273[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20496&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-20496]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20496') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-246540168[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20500&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-20500]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20500') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In GetResolvedMethod of entrypoint_utils-inl.h, there is a possible use after free due to a stale cache. This could lead to local information disclosure with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-222166527[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20502&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-20502]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20502') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]linux-loader_project -- linux-loader[/LEFT][/TD] [TD][LEFT]In versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets point beyond the end of the file this could lead to Virtual Machine Monitors using the [ICODE]linux-loader[/ICODE] crate entering an infinite loop if the ELF header of the kernel they are loading was modified in a malicious manner. This issue has been addressed in 0.8.1. The issue can be mitigated by ensuring that only trusted kernel images are loaded or by verifying that the headers do not point beyond the end of the file.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23523&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-23523]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23523') [MISC]('https://github.com/rust-vmm/linux-loader/pull/125') [MISC]('https://github.com/rust-vmm/linux-loader/security/advisories/GHSA-52h2-m2cf-9jh6')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- aqt1000_firmware[/LEFT][/TD] [TD][LEFT]Denial of service due to reachable assertion in modem while processing filter rule from application client in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25675&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] 
[TD][CVE-2022-25675]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25675') [CONFIRM]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]westerndigital -- my_cloud_os[/LEFT][/TD] [TD][LEFT]Insufficiently Protected Credentials vulnerability in the remote backups application on Western Digital My Cloud devices that could allow an attacker who has gained access to a relevant endpoint to use that information to access protected data. This issue affects: Western Digital My Cloud My Cloud versions prior to 5.25.124 on Linux.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-29839&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-29839]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-29839') [MISC]('https://www.westerndigital.com/support/product-security/wdc-22019-my-cloud-firmware-version-5-25-124')[/TD] [/TR] [TR] [TD][LEFT]linux -- linux_kernel[/LEFT][/TD] [TD][LEFT]An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3104&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3104]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3104') [MISC]('https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=4a9800c81d2f34afb66b4b42e0330ae8298019a2') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2153062')[/TD] [/TR] [TR] [TD][LEFT]linux -- linux_kernel[/LEFT][/TD] [TD][LEFT]An issue was discovered in the Linux kernel through 5.16-rc6. 
uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3105&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3105]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3105') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2153067') [MISC]('https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=7694a7de22c53a312ea98960fcafc6ec62046531')[/TD] [/TR] [TR] [TD][LEFT]linux -- linux_kernel[/LEFT][/TD] [TD][LEFT]An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc().[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3106&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3106]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3106') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2153066') [MISC]('https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=407ecd1bd726f240123f704620d46e285ff30dd9')[/TD] [/TR] [TR] [TD][LEFT]linux -- linux_kernel[/LEFT][/TD] [TD][LEFT]An issue was discovered in the Linux kernel through 5.16-rc6. 
netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3107&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3107]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3107') [MISC]('https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=886e44c9298a6b428ae046e2fa092ca52e822e6a') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2153060')[/TD] [/TR] [TR] [TD][LEFT]linux -- linux_kernel[/LEFT][/TD] [TD][LEFT]An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3108&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3108]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3108') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2153052') [MISC]('https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=abfaf0eee97925905e742aa3b0b72e04a918fa9e')[/TD] [/TR] [TR] [TD][LEFT]linux -- linux_kernel[/LEFT][/TD] [TD][LEFT]An issue was discovered in the Linux kernel through 5.16-rc6. 
_rtw_init_xmit_priv in drivers/staging/r8188eu/core/rtw_xmit.c lacks check of the return value of rtw_alloc_hwxmits() and will cause the null pointer dereference.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3110&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3110]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3110') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2153055') [MISC]('https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=f94b47c6bde624d6c07f43054087607c52054a95')[/TD] [/TR] [TR] [TD][LEFT]linux -- linux_kernel[/LEFT][/TD] [TD][LEFT]An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3111&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3111]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3111') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2153059') [MISC]('https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=6dee930f6f6776d1e5a7edf542c6863b47d9f078')[/TD] [/TR] [TR] [TD][LEFT]linux -- linux_kernel[/LEFT][/TD] [TD][LEFT]An issue was discovered in the Linux kernel through 5.16-rc6. 
amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3112&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3112]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3112') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2153068') [MISC]('https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=c8c80c996182239ff9b05eda4db50184cf3b2e99')[/TD] [/TR] [TR] [TD][LEFT]linux -- linux_kernel[/LEFT][/TD] [TD][LEFT]An issue was discovered in the Linux kernel through 5.16-rc6. mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c lacks check of the return value of devm_kzalloc() and will cause the null pointer dereference.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3113&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3113]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3113') [MISC]('https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=e25a89f743b18c029bfbe5e1663ae0c7190912b0') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2153053')[/TD] [/TR] [TR] [TD][LEFT]linux -- linux_kernel[/LEFT][/TD] [TD][LEFT]An issue was discovered in the Linux kernel through 5.16-rc6. 
imx_register_uart_clocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc() and will cause the null pointer dereference.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3114&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3114]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3114') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2153054') [MISC]('https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=ed713e2bc093239ccd380c2ce8ae9e4162f5c037')[/TD] [/TR] [TR] [TD][LEFT]linux -- linux_kernel[/LEFT][/TD] [TD][LEFT]An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3115&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3115]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3115') [MISC]('https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=73c3ed7495c67b8fbdc31cf58e6ca8757df31a33') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2153058')[/TD] [/TR] [TR] [TD][LEFT]vmware -- vcenter_server[/LEFT][/TD] [TD][LEFT]The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. 
A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation (Install/Upgrade/Migrate/Restore) can access plaintext passwords used during that operation.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-31697&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-31697]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-31697') [MISC]('https://www.vmware.com/security/advisories/VMSA-2022-0030.html')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- sd-wan[/LEFT][/TD] [TD][LEFT]Due to improper restrictions on XML entities multiple vulnerabilities exist in the command line interface of ArubaOS. A successful exploit could allow an authenticated attacker to retrieve files from the local system or cause the application to consume system resources, resulting in a denial of service condition.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37911&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-37911]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37911') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt')[/TD] [/TR] [TR] [TD][LEFT]hpe -- sf100_firmware[/LEFT][/TD] [TD][LEFT]Improper Privilege Management vulnerability in Hewlett Packard Enterprise Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37929&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-37929]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37929') [MISC]('https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04360en_us')[/TD] [/TR] [TR] [TD][LEFT]hpe -- sf100_firmware[/LEFT][/TD] [TD][LEFT]A security vulnerability has been identified in HPE 
Nimble Storage Hybrid Flash Arrays and HPE Nimble Storage Secondary Flash Arrays which could potentially allow local disclosure of sensitive information.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37930&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-37930]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37930') [MISC]('https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04361en_us')[/TD] [/TR] [TR] [TD][LEFT]daikinlatam -- svmpc2[/LEFT][/TD] [TD][LEFT]Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to attackers with access to the local area network (LAN) to disclose sensitive information stored by the affected product without requiring authentication.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38355&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-38355]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38355') [MISC]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-284-02')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Graphics Component Information Disclosure Vulnerability. 
This CVE ID is unique from CVE-2022-44679.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41074&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-41074]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41074') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41074')[/TD] [/TR] [TR] [TD][LEFT]sap -- solution_manager[/LEFT][/TD] [TD][LEFT]SAP Solution Manager (Diagnostic Agent) - version 7.20, allows an authenticated attacker on Windows system to access a file containing sensitive data which can be used to access a configuration file which contains credentials to access other system files. Successful exploitation can make the attacker access files and systems for which he/she is not authorized.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41261&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-41261]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41261') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html') [MISC]('https://launchpad.support.sap.com/#/notes/3265173')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. 
An attacker could leverage this vulnerability to crash the application causing denial of service condition.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41278&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41278]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41278') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41279&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41279]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41279') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. 
An attacker could leverage this vulnerability to crash the application causing denial of service condition.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41280&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41280]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41280') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains divide by zero vulnerability when parsing a CGM file. An attacker could leverage this vulnerability to crash the application causing denial of service condition.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41287&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41287]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41287') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains stack exhaustion vulnerability when parsing a CGM file. 
An attacker could leverage this vulnerability to crash the application causing denial of service condition.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41288&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41288]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41288') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf')[/TD] [/TR] [TR] [TD][LEFT]arcinformatique -- pcvue[/LEFT][/TD] [TD][LEFT]A cleartext storage of sensitive information vulnerability exists in PcVue versions 8.10 through 15.2.3. This could allow an unauthorized user with access to the email and short messaging service (SMS) accounts configuration files to discover the associated simple mail transfer protocol (SMTP) account credentials and the SIM card PIN code. Successful exploitation of this vulnerability could allow an unauthorized user access to the underlying email account and SIM card.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4312&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-4312]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4312') [MISC]('https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1171-security-bulletin-2022-7')[/TD] [/TR] [TR] [TD][LEFT]adobe -- illustrator[/LEFT][/TD] [TD][LEFT]Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. 
Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44498&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-44498]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44498') [MISC]('https://helpx.adobe.com/security/products/illustrator/apsb22-60.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- illustrator[/LEFT][/TD] [TD][LEFT]Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44499&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-44499]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44499') [MISC]('https://helpx.adobe.com/security/products/illustrator/apsb22-60.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- illustrator[/LEFT][/TD] [TD][LEFT]Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. 
Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44500&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-44500]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44500') [MISC]('https://helpx.adobe.com/security/products/illustrator/apsb22-60.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- illustrator[/LEFT][/TD] [TD][LEFT]Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44502&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-44502]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44502') [MISC]('https://helpx.adobe.com/security/products/illustrator/apsb22-60.html')[/TD] [/TR] [TR] [TD][LEFT]trendmicro -- apex_one[/LEFT][/TD] [TD][LEFT]An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. 
This is similar to, but not the same as CVE-2022-44648.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44647&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-44647]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44647') [MISC]('https://www.zerodayinitiative.com/advisories/ZDI-22-1617/') [MISC]('https://success.trendmicro.com/solution/000291770')[/TD] [/TR] [TR] [TD][LEFT]trendmicro -- apex_one[/LEFT][/TD] [TD][LEFT]An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not the same as CVE-2022-44647.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44648&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-44648]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44648') [MISC]('https://www.zerodayinitiative.com/advisories/ZDI-22-1618/') [MISC]('https://success.trendmicro.com/solution/000291770')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_10[/LEFT][/TD] [TD][LEFT]Windows Bluetooth Driver Information Disclosure Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44674&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-44674]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44674') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44674')[/TD] [/TR] [TR] [TD][LEFT]azure -- network_watcher_agent[/LEFT][/TD] [TD][LEFT]Azure Network Watcher Agent Security Feature Bypass Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] 
[TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44699&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-44699]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44699') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44699')[/TD] [/TR] [TR] [TD][LEFT]wasm3_project -- wasm3[/LEFT][/TD] [TD][LEFT]wasm3 commit 7890a2097569fde845881e0b352d813573e371f9 was discovered to contain a segmentation fault via the component op_CallIndirect at /m3_exec.h.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44874&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44874]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44874') [MISC]('https://github.com/wasm3/wasm3/issues/380')[/TD] [/TR] [TR] [TD][LEFT]siemens -- 6gk5204-0ba00-2mb2_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). 
Specially crafted PROFINET DCP packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2).[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46351&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-46351]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46351') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-363821.pdf')[/TD] [/TR] [TR] [TD][LEFT]arcadyan -- vrv9506jac23_firmware[/LEFT][/TD] [TD][LEFT]Multiple stored cross-site scripting (XSS) vulnerabilities in Arcadyan Wifi routers VRV9506JAC23 allow remote attackers to inject arbitrary web script or HTML via the hostName and domain_name parameters present in the LAN configuration section of the administrative dashboard.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-9419&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2020-9419]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-9419') [MISC]('https://gist.github.com/AsherDLL/03d0762b5a535e300f1121caebe333ce')[/TD] [/TR] [TR] [TD][LEFT]feehi -- feehicms[/LEFT][/TD] [TD][LEFT]File Upload vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via crafted image upload.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-36573&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2021-36573]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-36573') [MISC]('https://github.com/liufee/cms/issues/59')[/TD] [/TR] [TR] [TD][LEFT]ibm -- api_connect[/LEFT][/TD] [TD][LEFT]IBM API Connect V10.0.0.0 through V10.0.5.0, V10.0.1.0 through V10.0.1.7, and V2018.4.1.0 through 2018.4.1.19 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. 
This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 213212.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-38997&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2021-38997]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-38997') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/213212') [MISC]('https://www.ibm.com/support/pages/node/6842621')[/TD] [/TR] [TR] [TD][LEFT]typo3 -- typo3[/LEFT][/TD] [TD][LEFT]TYPO3 is an open source PHP based web content management system. In versions prior to 10.4.33, 11.5.20, and 12.1.1, When users reset their password using the corresponding password recovery functionality, existing sessions for that particular user account were not revoked. This applied to both frontend user sessions and backend user sessions. This issue is patched in versions 10.4.33, 11.5.20, 12.1.1.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23502&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-23502]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23502') [MISC]('https://github.com/TYPO3/typo3/security/advisories/GHSA-mgj2-q8wp-29rr')[/TD] [/TR] [TR] [TD][LEFT]symantec -- messaging_gateway[/LEFT][/TD] [TD][LEFT]An authenticated user who has the privilege to add/edit annotations on the Content tab, can craft a malicious annotation that can be executed on the annotations page (Annotation Text Column)[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25629&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-25629]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25629') 
[MISC]('https://support.broadcom.com/external/content/SecurityAdvisories/0/21115')[/TD] [/TR] [TR] [TD][LEFT]symantec -- messaging_gateway[/LEFT][/TD] [TD][LEFT]An authenticated user can embed malicious content with XSS into the admin group policy page.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25630&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-25630]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25630') [MISC]('https://support.broadcom.com/external/content/SecurityAdvisories/0/21117')[/TD] [/TR] [TR] [TD][LEFT]yiiframework -- gii[/LEFT][/TD] [TD][LEFT]Yii Yii2 Gii through 2.2.4 allows stored XSS by injecting a payload into any field.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-34297&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-34297]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34297') [MISC]('https://gist.github.com/be4r/b5c48d97ef6726d3ee37f995ee5aac81')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- edgeconnect_enterprise[/LEFT][/TD] [TD][LEFT]A vulnerability within the web-based management interface of EdgeConnect Enterprise could allow a remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface by uploading a specially crafted file. 
A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37926&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-37926]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37926') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-018.txt')[/TD] [/TR] [TR] [TD][LEFT]supra-csv-parser_project -- supra-csv-parser[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) is a client-side code injection attack. The attacker aims to execute malicious scripts in a web browser of the victim by including malicious code in a legitimate web page or web application.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3853&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3853]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3853') [MISC]('https://wpscan.com/vulnerability/c2bc7d23-5bfd-481c-b42b-da7ee80d9514')[/TD] [/TR] [TR] [TD][LEFT]g5theme -- essential_real_estate[/LEFT][/TD] [TD][LEFT]The Essential Real Estate WordPress plugin before 3.9.6 does not sanitize and escapes some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting attacks.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3933&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3933]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3933') [MISC]('https://wpscan.com/vulnerability/6395f3f1-5cdf-4c55-920c-accc0201baf4')[/TD] [/TR] [TR] [TD][LEFT]mehanoid -- flat_pm[/LEFT][/TD] [TD][LEFT]The 
Flat PM WordPress plugin through 2.661 does not sanitize and escapes some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting attacks.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3934&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3934]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3934') [MISC]('https://wpscan.com/vulnerability/ab68381f-c4b8-4945-a6a5-1d4d6473b73a')[/TD] [/TR] [TR] [TD][LEFT]collne -- welcart_e-commerce[/LEFT][/TD] [TD][LEFT]The Welcart e-Commerce WordPress plugin before 2.8.4 does not sanitise and escape some parameters, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3935&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3935]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3935') [MISC]('https://wpscan.com/vulnerability/906c5122-dd6d-494b-b66c-4162e234ea05')[/TD] [/TR] [TR] [TD][LEFT]donation_button_project -- donation_button[/LEFT][/TD] [TD][LEFT]The Donation Button WordPress plugin through 4.0.0 does not sanitize and escapes some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4005&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4005]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4005') [MISC]('https://wpscan.com/vulnerability/61d5c9b8-5c21-4ab5-b31c-e13ca19ea25c')[/TD] [/TR] [TR] [TD][LEFT]ibm -- cloud_transformation_advisor[/LEFT][/TD] [TD][LEFT]IBM Cloud Transformation Advisor 2.0.1 through 3.3.1 is vulnerable to cross-site scripting. 
This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 237214.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41299&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41299]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41299') [MISC]('https://www.ibm.com/support/pages/node/6846257') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/237214')[/TD] [/TR] [TR] [TD][LEFT]tibco -- jasperreports_server[/LEFT][/TD] [TD][LEFT]The Dashboard component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for Microsoft Azure, and TIBCO JasperReports Server for Microsoft Azure contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. 
Affected releases are TIBCO Software Inc.'s TIBCO JasperReports Server: versions 8.0.2 and below, TIBCO JasperReports Server: version 8.1.0, TIBCO JasperReports Server - Developer Edition: versions 8.1.0 and below, TIBCO JasperReports Server for AWS Marketplace: versions 8.0.2 and below, TIBCO JasperReports Server for AWS Marketplace: version 8.1.0, TIBCO JasperReports Server for Microsoft Azure: versions 8.0.2 and below, and TIBCO JasperReports Server for Microsoft Azure: version 8.1.0.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41563&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41563]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41563') [CONFIRM]('https://www.tibco.com/services/support/advisories') [CONFIRM]('https://www.tibco.com/support/advisories/2022/12/tibco-security-advisory-december-13-2022-tibco-jasperreports-server-cve-2022-41563')[/TD] [/TR] [TR] [TD][LEFT]oxilab -- image_hover_effects_ultimate[/LEFT][/TD] [TD][LEFT]The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several values that can be added to an Image Hover in versions 9.8.1 to 9.8.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. By default, the plugin only allows administrators access to edit Image Hovers, however, if a site admin makes the plugin's features available to lower privileged users through the 'Who Can Edit?' 
setting then this can be exploited by those users.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4207&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4207]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4207') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/f00cdef3-d733-4e85-8099-204ef76096b4') [MISC]('https://github.com/MrOxizen/image-hover-effects-ultimate/commit/4ba784e1a2a0cf02e8b8cbe3db7323735d7dedc9') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2830197%40image-hover-effects-ultimate&new=2830197%40image-hover-effects-ultimate&sfp_email=&sfph_mail=')[/TD] [/TR] [TR] [TD][LEFT]deltaww -- dx-2100-l1-cn_firmware[/LEFT][/TD] [TD][LEFT]Delta Electronics DX-2100-L1-CN 2.42 is vulnerable to Cross Site Scripting (XSS) via lform/urlfilter.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42141&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-42141]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42141') [MISC]('https://cyberdanube.com/en/en-multiple-vulnerabilities-in-delta-electronics-dx-2100-l1-cn/')[/TD] [/TR] [TR] [TD][LEFT]adobe -- experience_manager[/LEFT][/TD] [TD][LEFT]Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. 
If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42360&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-42360]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42360') [MISC]('https://helpx.adobe.com/security/products/experience-manager/apsb22-59.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- experience_manager[/LEFT][/TD] [TD][LEFT]Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42367&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-42367]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42367') [MISC]('https://helpx.adobe.com/security/products/experience-manager/apsb22-59.html')[/TD] [/TR] [TR] [TD][LEFT]bt -- baota[/LEFT][/TD] [TD][LEFT]In BAOTA linux panel there exists a stored xss vulnerability attackers can use to obtain sensitive information via the log analysis feature.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4336&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4336]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4336') [MISC]('https://mlux.cc/index.php/archives/100/')[/TD] [/TR] [TR] [TD][LEFT]s-cms -- s-cms[/LEFT][/TD] [TD][LEFT]A vulnerability was found in S-CMS 5.0 Build 20220328. It has been declared as problematic. 
Affected by this vulnerability is an unknown functionality of the component Contact Information Page. The manipulation of the argument Make a Call leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-215197 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4377&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4377]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4377') [N/A]('https://github.com/mengdeyin/main/blob/main/README.md') [N/A]('https://vuldb.com/?id.215197')[/TD] [/TR] [TR] [TD][LEFT]pyrdfa3_project -- pyrdfa3[/LEFT][/TD] [TD][LEFT]** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in RDFlib pyrdfa3 and classified as problematic. This issue affects the function _get_option of the file pyRdfa/__init__.py. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is ffd1d62dd50d5f4190013b39cedcdfbd81f3ce3e. It is recommended to apply a patch to fix this issue. The identifier VDB-215249 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.[/LEFT][/TD] [TD][CENTER]2022-12-10[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4396&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4396]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4396') [N/A]('https://github.com/RDFLib/pyrdfa3/commit/ffd1d62dd50d5f4190013b39cedcdfbd81f3ce3e') [N/A]('https://github.com/RDFLib/pyrdfa3/pull/40') [N/A]('https://vuldb.com/?id.215249')[/TD] [/TR] [TR] [TD][LEFT]csaf_provider_project -- csaf_provider[/LEFT][/TD] [TD][LEFT]The csaf_provider package before 0.8.2 allows XSS via a crafted CSAF document uploaded as text/html. 
The endpoint upload allows valid CSAF advisories (JSON format) to be uploaded with Content-Type text/html and filenames ending in .html. When subsequently accessed via web browser, these advisories are served and interpreted as HTML pages. Such uploaded advisories can contain JavaScript code that will execute within the browser context of users inspecting the advisory.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43996&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43996]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43996') [MISC]('https://wid.cert-bund.de/.well-known/csaf/white/2022/bsi-2022-0003.json')[/TD] [/TR] [TR] [TD][LEFT]pallidlight_online_course_selection_system_project -- pallidlight_online_course_selection_system[/LEFT][/TD] [TD][LEFT]A vulnerability was found in pallidlight online-course-selection-system. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. 
The identifier of this vulnerability is VDB-215268.[/LEFT][/TD] [TD][CENTER]2022-12-11[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4401&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4401]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4401') [MISC]('https://vuldb.com/?id.215268') [MISC]('https://gitee.com/pallidlight/online-course-selection-system/issues/I5XNHW')[/TD] [/TR] [TR] [TD][LEFT]phpmyfaq -- phpmyfaq[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.9.[/LEFT][/TD] [TD][CENTER]2022-12-11[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4408&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4408]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4408') [CONFIRM]('https://huntr.dev/bounties/2ec4ddd4-de22-4f2d-ba92-3382b452bfea') [MISC]('https://github.com/thorsten/phpmyfaq/commit/e2ea332a2b5e798f2c39203b2489a2dabe831751')[/TD] [/TR] [TR] [TD][LEFT]permalink_manager_lite_project -- permalink_manager_lite[/LEFT][/TD] [TD][LEFT]The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including 2.2.20.3 due to improper output escaping on post/page/media titles. 
This makes it possible for attackers to inject arbitrary web scripts on the permalink-manager page if another plugin or theme is installed on the site that allows lower privileged users with unfiltered_html the ability to modify post/page titles with malicious web scripts.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4410&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4410]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4410') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2833667%40permalink-manager&new=2833667%40permalink-manager&sfp_email=&sfph_mail=') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/6cbf9636-9d9d-44d4-b873-8920f2dbb846')[/TD] [/TR] [TR] [TD][LEFT]adobe -- experience_manager[/LEFT][/TD] [TD][LEFT]Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44462&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44462]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44462') [MISC]('https://helpx.adobe.com/security/products/experience-manager/apsb22-59.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- experience_manager[/LEFT][/TD] [TD][LEFT]Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. 
If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44468&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44468]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44468') [MISC]('https://helpx.adobe.com/security/products/experience-manager/apsb22-59.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- experience_manager[/LEFT][/TD] [TD][LEFT]Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44469&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44469]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44469') [MISC]('https://helpx.adobe.com/security/products/experience-manager/apsb22-59.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- experience_manager[/LEFT][/TD] [TD][LEFT]Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. 
If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44473&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44473]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44473') [MISC]('https://helpx.adobe.com/security/products/experience-manager/apsb22-59.html')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_10[/LEFT][/TD] [TD][LEFT]Windows SmartScreen Security Feature Bypass Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44698&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L')[/CENTER][/TD] [TD][CVE-2022-44698]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44698') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44698')[/TD] [/TR] [TR] [TD][LEFT]siemens -- simatic_wincc_oa[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions), SIMATIC WinCC OA V3.16 (All versions < V3.16 P035), SIMATIC WinCC OA V3.17 (All versions < V3.17 P024), SIMATIC WinCC OA V3.18 (All versions < V3.18 P014). The affected component allows to inject custom arguments to the Ultralight Client backend application under certain circumstances. 
This could allow an authenticated remote attacker to inject arbitrary parameters when starting the client via the web interface (e.g., open attacker chosen panels with the attacker's credentials or start a Ctrl script).[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44731&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44731]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44731') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-547714.pdf')[/TD] [/TR] [TR] [TD][LEFT]sens_project -- sens[/LEFT][/TD] [TD][LEFT]SENS v1.0 is vulnerable to Cross Site Scripting (XSS) via com.liuyanzhao.sens.web.controller.admin, getRegister.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45758&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-45758]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45758') [MISC]('https://github.com/saysky/SENS/issues/19')[/TD] [/TR] [TR] [TD][LEFT]alist_project -- alist[/LEFT][/TD] [TD][LEFT]Alist v3.5.1 is vulnerable to Cross Site Scripting (XSS) via the bulletin board.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45970&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-45970]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45970') [MISC]('https://github.com/alist-org/alist/issues/2457')[/TD] [/TR] [TR] [TD][LEFT]jenkins -- checkmarx[/LEFT][/TD] [TD][LEFT]Jenkins Checkmarx Plugin 2022.3.3 and earlier does not escape values returned from the Checkmarx service API before inserting them into HTML reports, resulting in a stored cross-site scripting (XSS) vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] 
[TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46684&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-46684]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46684') [MISC]('https://www.jenkins.io/security/advisory/2022-12-07/#SECURITY-2869')[/TD] [/TR] [TR] [TD][LEFT]jenkins -- custom_build_properties[/LEFT][/TD] [TD][LEFT]Jenkins Custom Build Properties Plugin 2.79.vc095ccc85094 and earlier does not escape property values and build display names on the Custom Build Properties and Build Summary pages, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to set or change these values.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46686&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-46686]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46686') [MISC]('https://www.jenkins.io/security/advisory/2022-12-07/#SECURITY-2810')[/TD] [/TR] [TR] [TD][LEFT]jenkins -- spring_config[/LEFT][/TD] [TD][LEFT]Jenkins Spring Config Plugin 2.0.0 and earlier does not escape build display names shown on the Spring Config view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to change build display names.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46687&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-46687]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46687') [MISC]('https://www.jenkins.io/security/advisory/2022-12-07/#SECURITY-2814')[/TD] [/TR] [TR] [TD][LEFT]websoft -- websoft_hcm[/LEFT][/TD] [TD][LEFT]Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming 
language, which leads to Stored XSS.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46903&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-46903]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46903') [MISC]('https://news.websoft.ru/_wt/wiki_base/7175851369410989446')[/TD] [/TR] [TR] [TD][LEFT]websoft -- websoft_hcm[/LEFT][/TD] [TD][LEFT]Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Self-XSS.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46904&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-46904]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46904') [MISC]('https://news.websoft.ru/_wt/wiki_base/7175852133775323458')[/TD] [/TR] [TR] [TD][LEFT]websoft -- websoft_hcm[/LEFT][/TD] [TD][LEFT]Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46906&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-46906]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46906') [MISC]('https://news.websoft.ru/_wt/wiki_base/7175852586100985308')[/TD] [/TR] [TR] [TD][LEFT]cisco -- ata_190_firmware[/LEFT][/TD] [TD][LEFT]Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute 
arbitrary code on an affected device and cause the LLDP service to restart. These vulnerabilities are due to missing length validation of certain LLDP packet header fields. An attacker could exploit these vulnerabilities by sending a malicious LLDP packet to an affected device. A successful exploit could allow the attacker to execute code on the affected device and cause LLDP to restart unexpectedly, resulting in a denial of service (DoS) condition.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20686&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2022-20686]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20686') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-GEZYVvs')[/TD] [/TR] [TR] [TD][LEFT]cisco -- ata_190_firmware[/LEFT][/TD] [TD][LEFT]Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause the LLDP service to restart. These vulnerabilities are due to missing length validation of certain LLDP packet header fields. An attacker could exploit these vulnerabilities by sending a malicious LLDP packet to an affected device. 
A successful exploit could allow the attacker to execute code on the affected device and cause LLDP to restart unexpectedly, resulting in a denial of service (DoS) condition.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20687&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2022-20687]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20687') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-GEZYVvs')[/TD] [/TR] [TR] [TD][LEFT]cisco -- ata_190_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause Cisco Discovery Protocol service to restart. This vulnerability is due to missing length validation of certain Cisco Discovery Protocol packet header fields. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute code on the affected device and cause Cisco Discovery Protocol to restart unexpectedly, resulting in a DoS condition.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20688&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2022-20688]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20688') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-GEZYVvs')[/TD] [/TR] [TR] [TD][LEFT]vmware -- vcenter_server[/LEFT][/TD] [TD][LEFT]The vCenter Server contains a denial-of-service vulnerability in the content library service. 
A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-31698&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2022-31698]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-31698') [MISC]('https://www.vmware.com/security/advisories/VMSA-2022-0030.html')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- sd-wan[/LEFT][/TD] [TD][LEFT]Aruba has identified certain configurations of ArubaOS that can lead to sensitive information disclosure from the configured ESSIDs. The scenarios in which disclosure of potentially sensitive information can occur are complex, and depend on factors beyond the control of attackers.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37909&vector=CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-37909]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37909') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt')[/TD] [/TR] [TR] [TD][LEFT]updraftplus -- all-in-one_security[/LEFT][/TD] [TD][LEFT]The All-In-One Security (AIOS) WordPress plugin before 5.0.8 is susceptible to IP Spoofing attacks, which can lead to bypassed security features (like IP blocks, rate limiting, brute force protection, and more).[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4097&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4097]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4097') [MISC]('https://wpscan.com/vulnerability/15819d33-7497-4f7d-bbb8-b3ab147806c4')[/TD] [/TR] [TR] [TD][LEFT]funkwhale -- funkwhale[/LEFT][/TD] [TD][LEFT]User invites for Funkwhale v1.2.8 do not permanently expire after 
being used for signup and can be used again after an account has been deleted.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45292&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-45292]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45292') [MISC]('https://dev.funkwhale.audio/funkwhale/funkwhale/-/issues/1952')[/TD] [/TR] [TR] [TD][LEFT]boa -- boa[/LEFT][/TD] [TD][LEFT]Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45956&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-45956]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45956') [MISC]('https://packetstormsecurity.com/files/169962/Boa-Web-Server-0.94.13-0.94.14-Authentication-Bypass.html')[/TD] [/TR] [TR] [TD][LEFT]siemens -- 6gk5204-0ba00-2mb2_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The webserver of an affected device is missing specific security headers. 
This could allow a remote attacker to extract confidential session information under certain circumstances.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46354&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-46354]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46354') [CONFIRM]('https://cert-portal.siemens.com/productcert/pdf/ssa-363821.pdf')[/TD] [/TR] [TR] [TD][LEFT]ibm -- power_system_ac922_(8335-gtg)_firmware[/LEFT][/TD] [TD][LEFT]IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by uploading or deleting too many CA certificates in a short period of time. IBM X-Force ID: 2226337.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-22488&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-22488]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-22488') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/226337') [MISC]('https://www.ibm.com/support/pages/node/6840155')[/TD] [/TR] [TR] [TD][LEFT]typo3 -- typo3[/LEFT][/TD] [TD][LEFT]TYPO3 is an open source PHP based web content management system. Versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers could expose sensitive internal information, such as system configuration or HTTP request messages of other website visitors. A valid backend user account having administrator privileges is needed to exploit this vulnerability. 
This issue has been patched in versions 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23504&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-23504]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23504') [MISC]('https://github.com/TYPO3/typo3/security/advisories/GHSA-8w3p-qh3x-6gjr')[/TD] [/TR] [TR] [TD][LEFT]broadcom -- brocade_sannav[/LEFT][/TD] [TD][LEFT]Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33187&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-33187]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33187') [MISC]('https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2122')[/TD] [/TR] [TR] [TD][LEFT]hcltechsw -- hcl_launch[/LEFT][/TD] [TD][LEFT]HCL Launch could allow a user with administrative privileges, including "Manage Security" permissions, the ability to recover a credential previously saved for performing authenticated LDAP searches.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42445&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-42445]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42445') [MISC]('https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101208')[/TD] [/TR] [TR] [TD][LEFT]aerocms_project -- aerocms[/LEFT][/TD] [TD][LEFT]AeroCMS v0.0.1 is vulnerable to SQL Injection via the delete parameter.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] 
[TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46047&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-46047]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46047') [MISC]('https://github.com/rdyx0/CVE/blob/master/AeroCMS/AeroCMS-v0.0.1-SQLi/categories_delete_sql_injection/categories_delete_sql_injection.md')[/TD] [/TR] [TR] [TD][LEFT]medtronic -- guardian_link_2_transmitter_mmt-7730_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability exists which could allow an unauthorized user to learn aspects of the communication protocol used to pair system components while the pump is being paired with other system components. Exploitation requires nearby wireless signal proximity with the patient and the device; advanced technical knowledge is required for exploitation. Please refer to the Medtronic Product Security Bulletin for guidance[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32537&vector=CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-32537]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32537') [MISC]('https://www.cisa.gov/uscert/ics/advisories/icsma-22-263-01') [MISC]('https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed-600-series-communication-issue.html')[/TD] [/TR] [TR] [TD][LEFT]getyourguide_ticketing_project -- getyourguide_ticketing[/LEFT][/TD] [TD][LEFT]The GetYourGuide Ticketing WordPress plugin before 1.0.4 does not sanitise and escape some parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3609&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] 
[TD][CVE-2022-3609]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3609') [MISC]('https://wpscan.com/vulnerability/b893cac2-6511-4e2a-9eff-baf0f3cc9d7e')[/TD] [/TR] [TR] [TD][LEFT]livemeshelementor -- addons_for_elementor[/LEFT][/TD] [TD][LEFT]The Livemesh Addons for Elementor WordPress plugin before 7.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3862&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3862]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3862') [MISC]('https://wpscan.com/vulnerability/3db9a8f5-3335-4b8d-a067-091cbfed1efc')[/TD] [/TR] [TR] [TD][LEFT]whitestudio -- easy_form_builder[/LEFT][/TD] [TD][LEFT]The Easy Form Builder WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3906&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3906]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3906') [MISC]('https://wpscan.com/vulnerability/fee8652d-cd50-4cb0-b94d-2d124f56af1a')[/TD] [/TR] [TR] [TD][LEFT]automattic -- jetpack_crm[/LEFT][/TD] [TD][LEFT]The Jetpack CRM WordPress plugin before 5.4.3 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] 
[TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3919&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3919]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3919') [MISC]('https://wpscan.com/vulnerability/fe2f1d52-8421-4b46-b829-6953a0472dcb')[/TD] [/TR] [TR] [TD][LEFT]dpdgroup -- woocommerce_shipping[/LEFT][/TD] [TD][LEFT]The WooCommerce Shipping WordPress plugin through 1.2.11 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4000&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4000]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4000') [MISC]('https://wpscan.com/vulnerability/5563c030-bd62-4839-98e8-84bc8191e242')[/TD] [/TR] [TR] [TD][LEFT]webdevocean -- image_hover_effects[/LEFT][/TD] [TD][LEFT]The Image Hover Effects WordPress plugin through 5.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4010&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4010]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4010') [MISC]('https://wpscan.com/vulnerability/bed8c81c-04c7-412d-9563-ce4eb64b7754')[/TD] [/TR] [TR] [TD][LEFT]zkteco -- automatic_data_master_server[/LEFT][/TD] [TD][LEFT]ZKTeco Xiamen Information Technology ZKBio ECO ADMS <=3.1-164 is vulnerable to Cross Site Scripting (XSS).[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] 
[TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44213&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44213]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44213') [MISC]('https://the-it-wonders.blogspot.com/2022/09/zkt-eco-adms-stored-xss.html')[/TD] [/TR] [TR] [TD][LEFT]aerocms_project -- aerocms[/LEFT][/TD] [TD][LEFT]AeroCMS v0.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via add_post.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46058&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-46058]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46058') [MISC]('https://github.com/rdyx0/CVE/blob/master/AeroCMS/AeroCMS-v0.0.1-XSS/add_post_post_content/add_post_post_content.md')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In updatePublicMode of NotificationLockscreenUserManagerImpl.java, there is a possible way to reveal sensitive notifications on the lockscreen due to an incorrect state transition. This could lead to local information disclosure with physical access required and an app that runs above the lockscreen, with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android-12, Android-12L, Android-13. Android ID: A-246301979[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][4.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20497&vector=CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-20497]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20497') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]westerndigital -- my_cloud_os[/LEFT][/TD] [TD][LEFT]Improper Authentication vulnerability in the encrypted volumes and auto mount features of Western Digital My Cloud devices allows insecure direct access to the drive information in the case of a device reset. This issue affects: Western Digital My Cloud My Cloud versions prior to 5.25.124 on Linux.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][4.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-29838&vector=CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-29838]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-29838') [MISC]('https://www.westerndigital.com/support/product-security/wdc-22019-my-cloud-firmware-version-5-25-124')[/TD] [/TR] [TR] [TD][LEFT]adobe -- experience_manager[/LEFT][/TD] [TD][LEFT]Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. 
If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER][4.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-35694&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-35694]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35694') [MISC]('https://helpx.adobe.com/security/products/experience-manager/apsb22-59.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- experience_manager[/LEFT][/TD] [TD][LEFT]Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER][4.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-35696&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-35696]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35696') [MISC]('https://helpx.adobe.com/security/products/experience-manager/apsb22-59.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- experience_manager[/LEFT][/TD] [TD][LEFT]Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. 
If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER][4.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42366&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-42366]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42366') [MISC]('https://helpx.adobe.com/security/products/experience-manager/apsb22-59.html')[/TD] [/TR] [TR] [TD][LEFT]gym_management_system_project -- gym_management_system[/LEFT][/TD] [TD][LEFT]Gym Management System v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF).[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][4.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46062&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-46062]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46062') [MISC]('https://github.com/rdyx0/CVE/blob/master/Gym%20Management%20System/CSRF/delete_user/delete_user.md')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In writeApplicationRestrictionsLAr of UserManagerService.java, there is a possible overwrite of system files due to a path traversal error. This could lead to local denial of service with System execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android-10, Android-11, Android-12, Android-12L, Android-13. Android ID: A-239701237[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20449&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-20449]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20449') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10, Android-11, Android-12, Android-12L, Android-13. Android ID: A-246465319[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20498&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-20498]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20498') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]enalean -- tuleap[/LEFT][/TD] [TD][LEFT]Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions prior to 14.2.99.148, Authorizations are not properly verified when accessing MediaWiki standalone resources. Users with read only permissions for pages are able to also edit them. This only affects the MediaWiki standalone plugin. 
This issue is patched in versions Tuleap Community Edition 14.2.99.148, Tuleap Enterprise Edition 14.2-5, and Tuleap Enterprise Edition 14.1-6.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23473&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-23473]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23473') [MISC]('https://tuleap.net/plugins/tracker/?aid=29645') [MISC]('https://github.com/Enalean/tuleap/security/advisories/GHSA-c7rr-5vmc-rgcw') [MISC]('https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=97cac78302170a883c1d60c9fa6dfd0d95854cb9')[/TD] [/TR] [TR] [TD][LEFT]donation_button_project -- donation_button[/LEFT][/TD] [TD][LEFT]The Donation Button WordPress plugin through 4.0.0 does not properly check for privileges and nonce tokens in its "donation_button_twilio_send_test_sms" AJAX action, which may allow any users with an account on the affected site, like subscribers, to use the plugin's Twilio integration to send SMSes to arbitrary phone numbers.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4004&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4004]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4004') [MISC]('https://wpscan.com/vulnerability/6a3bcfb3-3ede-459d-969f-b7b30dafd098')[/TD] [/TR] [TR] [TD][LEFT]sap -- business_objects_business_intelligence_platform[/LEFT][/TD] [TD][LEFT]Due to a missing authentication check, SAP Business Objects Business Intelligence Platform (Web Intelligence) - versions 420, 430, allows an authenticated non-administrator attacker to modify the data source information for a document that is otherwise restricted. 
On successful exploitation, the attacker can modify information causing a limited impact on the integrity of the application.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41263&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41263]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41263') [MISC]('https://launchpad.support.sap.com/#/notes/3249648') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- experience_manager[/LEFT][/TD] [TD][LEFT]Adobe Experience Manager version 6.5.14 (and earlier) is affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to disclose low level confidentiality information. Exploitation of this issue does not require user interaction.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42351&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-42351]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42351') [MISC]('https://helpx.adobe.com/security/products/experience-manager/apsb22-59.html')[/TD] [/TR] [TR] [TD][LEFT]m-files -- m-files[/LEFT][/TD] [TD][LEFT]Incorrect Privilege Assignment in M-Files Web (Classic) in M-Files before 22.8.11691.0 allows low privilege user to change some configuration.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4264&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4264]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4264') [MISC]('https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4264/')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- edge_chromium[/LEFT][/TD] [TD][LEFT]Microsoft Edge (Chromium-based) Spoofing 
Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44688&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44688]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44688') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44688')[/TD] [/TR] [TR] [TD][LEFT]open-emr -- openemr[/LEFT][/TD] [TD][LEFT]Improper Access Control in GitHub repository openemr/openemr prior to 7.0.0.2.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4505&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-4505]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4505') [CONFIRM]('https://huntr.dev/bounties/e36ca754-bb9f-4686-ad72-7fb849e97d92') [MISC]('https://github.com/openemr/openemr/commit/235b1910ffe5296187667277d4e197a0c3a9ac33')[/TD] [/TR] [TR] [TD][LEFT]enalean -- tuleap[/LEFT][/TD] [TD][LEFT]Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions prior to 14.2.99.104, project level authorizations are not properly verified when accessing the project "homepage"/dashboards. Users not authorized to access a project may still be able to get some information provided by the widgets (e.g. number of members, content of the Notes widget...). 
This issue has been patched in Tuleap Community Edition 14.2.99.104, Tuleap Enterprise Edition 14.2-4, and Tuleap Enterprise Edition 14.1-5.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46160&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-46160]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46160') [MISC]('https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=0910a7b0ce14763e5c388be6ca4bcfd1c675c5d8') [MISC]('https://tuleap.net/plugins/tracker/?aid=29642') [MISC]('https://github.com/Enalean/tuleap/security/advisories/GHSA-hjhc-xqjh-9fv3')[/TD] [/TR] [TR] [TD][LEFT]gitea -- gitea[/LEFT][/TD] [TD][LEFT]In Jenkins Gitea Plugin 1.4.4 and earlier, the implementation of Gitea personal access tokens did not support credentials masking, potentially exposing them through the build log.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46685&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-46685]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46685') [MISC]('https://www.jenkins.io/security/advisory/2022-12-07/#SECURITY-2661')[/TD] [/TR] [/TABLE][/CENTER]

Low Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]sentry -- sentry[/LEFT][/TD] [TD][LEFT]Sentry is an error tracking and performance monitoring platform. In versions of the sentry python library prior to 22.11.0 an attacker with a known valid invite link could manipulate a cookie to allow the same invite link to be reused on multiple accounts when joining an organization. As a result an attacker with a valid invite link can create multiple users and join an organization they may not have been originally invited to. This issue was patched in version 22.11.0. Sentry SaaS customers do not need to take action. Self-hosted Sentry installs on systems which can not upgrade can disable the invite functionality until they are ready to deploy the patched version by editing their [ICODE]sentry.conf.py[/ICODE] file (usually located at [ICODE]~/.sentry/[/ICODE]).[/LEFT][/TD] [TD][CENTER]2022-12-10[/CENTER][/TD] [TD][CENTER][3.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23485&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-23485]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23485') [MISC]('https://github.com/getsentry/sentry/security/advisories/GHSA-jv85-mqxj-3f9j')[/TD] [/TR] [TR] [TD][LEFT]dragino -- lg01_lora_firmware[/LEFT][/TD] [TD][LEFT]Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the logout page.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER][3.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45228&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-45228]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45228') [MISC]('https://sectrio.com/vulnerability-research/cve-2022-45228/')[/TD] [/TR] [TR] [TD][LEFT]vmware -- esxi[/LEFT][/TD] [TD][LEFT]VMware ESXi contains a heap-overflow vulnerability. 
A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-31699&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-31699]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-31699') [MISC]('https://www.vmware.com/security/advisories/VMSA-2022-0030.html')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location information due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12, Android-12L. Android ID: A-231496105[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER][2.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20240&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-20240]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20240') [MISC]('https://source.android.com/security/bulletin/2022-12-01')[/TD] [/TR] [/TABLE][/CENTER]

Severity Not Yet Assigned

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]pacparser -- pacparser[/LEFT][/TD] [TD][LEFT]A vulnerability classified as problematic was found in pacparser up to 1.3.x. Affected by this vulnerability is the function pacparser_find_proxy of the file src/pacparser.c. The manipulation of the argument url leads to buffer overflow. Attacking locally is a requirement. Upgrading to version 1.4.0 is able to address this issue. The name of the patch is 853e8f45607cb07b877ffd270c63dbcdd5201ad9. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215443.[/LEFT][/TD] [TD][CENTER]2022-12-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2019-25078]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-25078') [MISC]('https://vuldb.com/?id.215443') [MISC]('https://github.com/manugarg/pacparser/releases/tag/v1.4.0') [MISC]('https://github.com/manugarg/pacparser/commit/853e8f45607cb07b877ffd270c63dbcdd5201ad9') [MISC]('https://github.com/manugarg/pacparser/issues/99')[/TD] [/TR] [TR] [TD][LEFT]zhimengzhe -- ibarn[/LEFT][/TD] [TD][LEFT]File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2020-20588]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-20588') [MISC]('https://github.com/zhimengzhe/iBarn/issues/13')[/TD] [/TR] [TR] [TD][LEFT]netgate -- multiple_products[/LEFT][/TD] [TD][LEFT]Cross Site Scripting (XSS) vulnerability in Netgate pfSense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to run arbitrary code via the RootFolder field to acme_certificate_edit.php page of the ACME package.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] 
[TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2020-21219]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21219') [MISC]('https://github.com/pfsense/FreeBSD-ports/commit/a6f443cde51e7fcf17e51f16014d3589253284d8') [MISC]('https://redmine.pfsense.org/issues/9888')[/TD] [/TR] [TR] [TD][LEFT]easywebpack-cli -- easywebpack-cli[/LEFT][/TD] [TD][LEFT]Directory Traversal vulnerability in easywebpack-cli before 4.5.2 allows attackers to obtain sensitive information via crafted GET request.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2020-24855]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-24855') [MISC]('https://github.com/easy-team/easywebpack-cli/issues/25')[/TD] [/TR] [TR] [TD][LEFT]ibm -- spectrum_protect_plus[/LEFT][/TD] [TD][LEFT]IBM Spectrum Protect Plus 10.1.0 through 10.1.12 discloses sensitive information due to unencrypted data being used in the communication flow between Spectrum Protect Plus vSnap and its agents. An attacker could obtain information using man in the middle techniques. IBM X-Force ID: 182106.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2020-4497]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-4497') [MISC]('https://www.ibm.com/support/pages/node/6847627') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/182106')[/TD] [/TR] [TR] [TD][LEFT]apache -- zeppelin[/LEFT][/TD] [TD][LEFT]The improper Input Validation vulnerability in the "Move folder to Trash" feature of Apache Zeppelin allows an attacker to delete arbitrary files. 
This issue affects Apache Zeppelin version 0.9.0 and prior versions.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-28655]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-28655') [MISC]('https://lists.apache.org/thread/bxs056g3xlsofz0jb3wny9dw4llwptd2')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- online_grading_system[/LEFT][/TD] [TD][LEFT]A SQL injection vulnerability in Sourcecodester Online Grading System 1.0 allows remote attackers to execute arbitrary SQL commands via the uname parameter.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-31650]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-31650') [MISC]('https://www.exploit-db.com/exploits/49493')[/TD] [/TR] [TR] [TD][LEFT]inikulin -- replicator[/LEFT][/TD] [TD][LEFT]A deserialization issue discovered in inikulin replicator before 1.0.4 allows remote attackers to run arbitrary code via the fromSerializable function in TypedArray object.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-33420]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-33420') [MISC]('https://github.com/inikulin/replicator/commit/2c626242fb4a118855262c64b5731b2ce98e521b') [MISC]('https://advisory.checkmarx.net/advisory/CX-2021-4787') [MISC]('https://github.com/inikulin/replicator/pull/17') [MISC]('https://github.com/inikulin/replicator/issues/16')[/TD] [/TR] [TR] [TD][LEFT]hp -- omen_gaming_hub_sdk[/LEFT][/TD] [TD][LEFT]Potential security vulnerabilities have been identified in an OMEN Gaming Hub SDK package which may allow escalation of privilege and/or denial of service. 
HP is releasing software updates to mitigate the potential vulnerabilities.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-3437]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-3437') [MISC]('https://support.hp.com/us-en/document/ish_4610088-4610112-16/hpsbgn03726')[/TD] [/TR] [TR] [TD][LEFT]solarwinds -- serv-u_ftp_server[/LEFT][/TD] [TD][LEFT]Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. Because of this an encrypted value that is exposed to an attacker can be simply recovered to plaintext.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-35252]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-35252') [MISC]('https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35252') [MISC]('https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3-2_release_notes.htm') [MISC]('https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35252')[/TD] [/TR] [TR] [TD][LEFT]feehi_cms -- feehi_cms[/LEFT][/TD] [TD][LEFT]Cross Site Scripting (XSS) vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via the user name field of the login page.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-36572]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-36572') [MISC]('https://github.com/liufee/cms/issues/58')[/TD] [/TR] [TR] [TD][LEFT]hp -- workstation_bios[/LEFT][/TD] [TD][LEFT]A potential security vulnerability has been identified in certain HP Workstation BIOS (UEFI firmware) which may allow arbitrary code execution. 
HP is releasing firmware mitigations for the potential vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-3661]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-3661') [MISC]('https://support.hp.com/us-en/document/ish_5670997-5671021-16/hpsbhf03770')[/TD] [/TR] [TR] [TD][LEFT]ruoyi -- ruoyi[/LEFT][/TD] [TD][LEFT]Deserialization issue discovered in Ruoyi before 4.6.1 allows remote attackers to run arbitrary code via weak cipher in Shiro framework.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-38241]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-38241') [MISC]('https://www.du1ge.com/archives/CVE-2021-38241')[/TD] [/TR] [TR] [TD][LEFT]hp -- multiple_products[/LEFT][/TD] [TD][LEFT]A potential security vulnerability has been identified in OMEN Gaming Hub and in HP Command Center which may allow escalation of privilege and/or denial of service. HP has released software updates to mitigate the potential vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-3919]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-3919') [MISC]('https://support.hp.com/us-en/document/ish_5481136-5481162-16/hpsbgn03761')[/TD] [/TR] [TR] [TD][LEFT]hp -- multiple_products[/LEFT][/TD] [TD][LEFT]Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-3942]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-3942') [MISC]('https://support.hp.com/us-en/document/ish_5948778-5949142-16/hpsbpi03780')[/TD] [/TR] [TR] [TD][LEFT]seacms -- seacms[/LEFT][/TD] [TD][LEFT]An issue was discovered in /Upload/admin/admin_notify.php in Seacms 11.4 allows attackers to execute arbitrary php 
code via the notify1 parameter when the action parameter equals set.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-39426]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-39426') [MISC]('https://github.com/seacms-com/seacms/issues/21')[/TD] [/TR] [TR] [TD][LEFT]188jianzhan -- 188jianzhan[/LEFT][/TD] [TD][LEFT]Cross site scripting vulnerability in 188Jianzhan 2.10 allows attackers to execute arbitrary code via the username parameter to /admin/reg.php.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-39427]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-39427') [MISC]('https://github.com/vtime-tech/188Jianzhan/issues/4')[/TD] [/TR] [TR] [TD][LEFT]eyoucms -- eyoucms[/LEFT][/TD] [TD][LEFT]Cross Site Scripting (XSS) vulnerability in Users.php in eyoucms 1.5.4 allows remote attackers to run arbitrary code and gain escalated privilege via the filename for edit_users_head_pic.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-39428]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-39428') [MISC]('https://github.com/eyoucms/eyoucms/issues/14')[/TD] [/TR] [TR] [TD][LEFT]rsfirewall -- rsfirewall[/LEFT][/TD] [TD][LEFT]RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-4226]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-4226') [MISC]('https://wpscan.com/vulnerability/c0ed80c8-ebbf-4ed9-b02f-31660097c352')[/TD] [/TR] [TR] [TD][LEFT]chbrown -- rfc6902[/LEFT][/TD] [TD][LEFT]A vulnerability classified as problematic has been found in chbrown rfc6902. This affects an unknown part of the file pointer.ts. 
The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The exploit has been disclosed to the public and may be used. The name of the patch is c006ce9faa43d31edb34924f1df7b79c137096cf. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215883.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-4245]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-4245') [N/A]('https://github.com/chbrown/rfc6902/commit/c006ce9faa43d31edb34924f1df7b79c137096cf') [N/A]('https://github.com/chbrown/rfc6902/pull/76') [N/A]('https://vuldb.com/?id.215883')[/TD] [/TR] [TR] [TD][LEFT]roxlukas -- lmeve[/LEFT][/TD] [TD][LEFT]A vulnerability was found in roxlukas LMeve and classified as critical. Affected by this issue is some unknown functionality of the component Login Page. The manipulation of the argument X-Forwarded-For leads to sql injection. The attack may be launched remotely. The name of the patch is 29e1ead3bb1c1fad53b77dfc14534496421c5b5d. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216176.[/LEFT][/TD] [TD][CENTER]2022-12-17[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-4246]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-4246') [N/A]('https://vuldb.com/?id.216176') [N/A]('https://github.com/roxlukas/lmeve/commit/29e1ead3bb1c1fad53b77dfc14534496421c5b5d')[/TD] [/TR] [TR] [TD][LEFT]hp -- jumpstart[/LEFT][/TD] [TD][LEFT]A potential security vulnerability has been identified in the HP Jumpstart software, which might allow escalation of privilege. 
HP is recommending that customers uninstall HP Jumpstart and use myHP software.[/LEFT][/TD] [TD][CENTER]2022-12-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-1038]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-1038') [MISC]('https://support.hp.com/us-en/document/ish_6189329-6189528-16/hpsbhf03791')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In multiple locations of NfcService.java, there is a possible disclosure of NFC tags due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-199291025[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20199]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20199') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In onCreate of WifiDppConfiguratorActivity.java, there is a possible way for a guest user to add a WiFi configuration due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224772890[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20503]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20503') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In multiple locations of DreamManagerService.java, there is a missing permission check. This could lead to local escalation of privilege and dismissal of system dialogs with User execution privileges needed. 
User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-225878553[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20504]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20504') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-225981754[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20505]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20505') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In onCreate of WifiDialogActivity.java, there is a missing permission check. This could lead to local escalation of privilege from a guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-226133034[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20506]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20506') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In onMulticastListUpdateNotificationReceived of UwbEventManager.java, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246649179[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20507]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20507') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In onAttach of ConfigureWifiSettings.java, there is a possible way for a guest user to change WiFi settings due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-218679614[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20508]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20508') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In mapGrantorDescr of MessageQueueBase.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244713317[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20509]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20509') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In getNearbyNotificationStreamingPolicy of DevicePolicyManagerService.java, there is a possible way to learn about the notification streaming policy of other users due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. 
User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235822336[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20510]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20510') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In getNearbyAppStreamingPolicy of DevicePolicyManagerService.java, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235821829[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20511]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20511') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In navigateUpTo of Task.java, there is a possible way to launch an intent handler with a mismatched intent due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238602879[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20512]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20512') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. 
User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244569759[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20513]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20513') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In acquireFabricatedOverlayIterator, nextFabricatedOverlayInfos, and releaseFabricatedOverlayIterator of Idmap2Service.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-245727875[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20514]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20514') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In onPreferenceClick of AccountTypePreferenceLoader.java, there is a possible way to retrieve protected files from the Settings app due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-220733496[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20515]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20515') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In rw_t3t_act_handle_check_ndef_rsp of rw_t3t.cc, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. 
User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224002331[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20516]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20516') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In getMessagesByPhoneNumber of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224769956[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20517]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20517') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In query of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224770203[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20518]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20518') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android [/LEFT][/TD] [TD][LEFT]In onCreate of AddAppNetworksActivity.java, there is a possible way for a guest user to configure WiFi networks due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224772678[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20519]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20519') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In onCreate of various files, there is a possible tapjacking/overlay attack. This could lead to local escalation of privilege or denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-227203202[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20520]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20520') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In sdpu_find_most_specific_service_uuid of sdp_utils.cc, there is a possible way to crash Bluetooth due to a missing null check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-227203684[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20521]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20521') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In getSlice of ProviderModelSlice.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. 
User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-227470877[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20522]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20522') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In IncFs_GetFilledRangesStartingFrom of incfs.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-228222508[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20523]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20523') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In compose of Vibrator.cpp, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-228523213[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20524]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20524') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In enforceVisualVoicemailPackage of PhoneInterfaceManager.java, there is a possible leak of visual voicemail package name due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-229742768[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20525]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20525') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In CanvasContext::draw of CanvasContext.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-229742774[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20526]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20526') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In HalCoreCallback of halcore.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure from the NFC firmware with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-229994861[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20527]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20527') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In findParam of HevcUtils.cpp there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-230172711[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20528]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20528') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege in wifi settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231583603[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20529]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20529') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In strings.xml, there is a possible permission bypass due to a misleading string. This could lead to remote information disclosure of call logs with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231585645[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20530]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20530') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In placeCall of TelecomManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. 
User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231988638[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20531]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20531') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In getSlice of WifiSlice.java, there is a possible way to connect a new WiFi network from the guest mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-232798363[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20533]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20533') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233605242[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20535]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20535') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In registerBroadcastReceiver of RcsService.java, there is a possible way to change preferred TTY mode due to a missing permission check. 
This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-235100180[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20536]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20536') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable location-sensitive settings due to a missing permission check. This could lead to local escalation of privilege from the Guest user with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-235601169[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20537]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20537') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In getSmsRoleHolder of RoleService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-235601770[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20538]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20538') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In parameterToHal of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. 
This could lead to local escalation of privilege in the audio server with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-237291425[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20539]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20539') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In SurfaceFlinger::doDump of SurfaceFlinger.cpp, there is possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-237291506[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20540]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20540') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In phNxpNciHal_ioctl of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-238083126[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20541]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20541') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In multiple locations, there is a possible display crash loop due to improper input validation. This could lead to local denial of service with system execution privileges needed. 
User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-238178261[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20543]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20543') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In onOptionsItemSelected of ManageApplications.java, there is a possible bypass of profile owner restrictions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-238745070[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20544]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20544') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In bindArtworkAndColors of MediaControlPanel.java, there is a possible way to crash the phone due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-239368697[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20545]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20545') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In getCurrentConfigImpl of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. 
User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-240266798[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20546]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20546') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In multiple functions of AdapterService.java, there is a possible way to manipulate Bluetooth state due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-240301753[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20547]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20547') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In setParameter of EqualizerEffect.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-240919398[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20548]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20548') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In authToken2AidlVec of KeyMintUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. 
User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-242702451[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20549]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20549') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In multiple locations, there is a possibility to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-242845514[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20550]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20550') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In btif_a2dp_sink_command_ready of btif_a2dp_sink.cc, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-243922806[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20552]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20552') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In onCreate of LogAccessDialogActivity.java, there is a possible way to bypass a permission check due to a tapjacking/overlay attack. This could lead to local escalation of privilege with System execution privileges needed. 
User interaction is needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-244155265[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20553]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20553') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In removeEventHubDevice of InputDevice.cpp, there is a possible OOB read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-245770596[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20554]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20554') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In ufdt_get_node_by_path_len of ufdt_convert.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-246194233[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20555]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20555') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for the guest user to add a new WiFi network due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-246301667[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20556]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20556') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In MessageQueueBase of MessageQueueBase.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-247092734[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20557]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20557') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In registerReceivers of DeviceCapabilityListener.java, there is a possible way to change preferred TTY mode due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-236264289[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20558]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20558') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In revokeOwnPermissionsOnKill of PermissionManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID: A-219739967[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20559]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20559') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Product: Android; Versions: Android kernel; Android ID: A-212623833; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20560]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20560') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In TBD of aud_hal_tunnel.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-222162870; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20561]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20561') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In various functions of ap_input_processor.c, there is a possible way to record audio during a phone call due to a logic error in the code. This could lead to local information disclosure with User execution privileges needed. 
User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-231630423; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20562]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20562') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In TBD of ufdt_convert, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-242067561; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20563]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20563') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In _ufdt_output_strtab_to_fdt of ufdt_convert.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-243798789; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20564]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20564') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-165329981; References: Upstream kernel[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20566]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20566') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In pppol2tp_create of l2tp_ppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-186777253; References: Upstream kernel[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20567]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20567') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In (TBD) of (TBD), there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-220738351; References: Upstream kernel[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20568]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20568') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In thermal_cooling_device_stats_update of thermal_sysfs.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in the kernel with System execution privileges needed. 
User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-229258234; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20569]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20569') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Product: Android; Versions: Android kernel; Android ID: A-230660904; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20570]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20570') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In extract_metadata of dm-android-verity.c, there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-234030265; References: Upstream kernel[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20571]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20571') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. 
User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-234475629; References: Upstream kernel[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20572]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20572') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In sec_sysmmu_info of drm_fw.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-237582191; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20574]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20574') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In read_ppmpu_info of drm_fw.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-237585040; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20575]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20575') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In externalOnRequest of rilapplication.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. 
User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-239701761; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20576]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20576') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In OemSimAuthRequest::encode of wlandata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-241762281; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20577]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20577') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In RadioImpl::setGsmBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-243509749; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20578]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20578') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In RadioImpl::setCdmaBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. 
User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-243510139; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20579]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20579') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In ufdt_do_one_fixup of ufdt_overlay.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-243629453; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20580]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20580') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In the Pixel camera driver, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-245916120; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20581]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20581') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-233645166; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20582]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20582') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in S-EL1 with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-234859169; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20583]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20583') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In page_number of shared_mem.c, there is a possible code execution in secure world due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-238366009; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20584]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20584') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In valid_out_of_special_sec_dram_addr of drm_access_control.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-238716781; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20585]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20585') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In valid_out_of_special_sec_dram_addr of drm_access_control.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-238718854; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20586]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20586') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In ppmp_validate_wsm of drm_fw.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-238720411; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20587]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20587') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In sysmmu_map of sysmmu.c, there is a possible EoP due to a precondition check failure. This could lead to local escalation of privilege with System execution privileges needed. 
User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-238785915; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20588]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20588') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In valid_va_secbuf_check of drm_access_control.c, there is a possible ID due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-238841928; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20589]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20589') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In valid_va_sec_mfc_check of drm_access_control.c, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-238932493; References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20590]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20590') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In ppmpu_set of ppmpu.c, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-238939706. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20591]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20591') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In ppmp_validate_secbuf of drm_fw.c, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-238976908. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20592]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20592') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In pop_descriptor_string of BufferDescriptor.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-239415809. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20593]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20593') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In updateStart of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-239567689. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20594]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20594') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In getWpcAuthChallengeResponse of WirelessCharger.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-239700137. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20595]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20595') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In sendChunk of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-239700400. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20596]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20596') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In ppmpu_set of ppmpu.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-243480506. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20597]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20597') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In sec_media_protect of media.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege of secure mode MFC Core with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-242357514. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20598]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20598') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Pixel firmware, there is a possible exposure of sensitive memory due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-242332706. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20599]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20599') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In TBD of TBD, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-239847859. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20600]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20600') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Product: Android. Versions: Android kernel. Android ID: A-204541506. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20601]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20601') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Product: Android. Versions: Android kernel. Android ID: A-211081867. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20602]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20602') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In SetDecompContextDb of RohcDeCompContextOfRbId.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-219265339. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20603]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20603') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In SAECOMM_SetDcnIdForPlmn of SAECOMM_DbManagement.c, there is a possible out of bounds read due to a missing bounds check. 
This could lead to remote information disclosure from a single device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-230463606. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20604]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20604') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In SAECOMM_CopyBufferBytes of SAECOMM_Utility.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-231722405. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20605]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20605') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In SAEMM_MiningCodecTableWithMsgIE of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-233230674. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20606]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20606') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In the Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. 
This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-238914868. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20607]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20607') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Pixel cellular firmware, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-239239246. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20608]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20608') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Pixel cellular firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-239240808. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20609]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20609') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In cellular modem firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-240462530. References: N/A[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-20610]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20610') [MISC]('https://source.android.com/security/bulletin/pixel/2022-12-01')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- snapdragon[/LEFT][/TD] [TD][LEFT]Memory corruption in Core due to improper configuration in boot remapper.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-22063]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-22063') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin')[/TD] [/TR] [TR] [TD][LEFT]codex-team -- editor.js[/LEFT][/TD] [TD][LEFT]Editor.js is a block-style editor with clean JSON output. Versions prior to 2.26.0 are vulnerable to Code Injection via pasted input. The processHTML method passes pasted input into wrapper’s innerHTML. This issue is patched in version 2.26.0.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-23474]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23474') [MISC]('https://securitylab.github.com/advisories/GHSL-2022-028_codex-team_editor_js/') [MISC]('https://github.com/codex-team/editor.js/pull/2100')[/TD] [/TR] [TR] [TD][LEFT]bigbluebutton -- bigbluebutton[/LEFT][/TD] [TD][LEFT]BigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6 are vulnerable to Insertion of Sensitive Information Into Sent Data. The moderators-only webcams lock setting is not enforced on the backend, which allows an attacker to subscribe to viewers' webcams, even when the lock setting is applied. (The required streamId was being sent to all users even with lock setting applied). This issue is fixed in version 2.4-rc-6. 
There are no workarounds.[/LEFT][/TD] [TD][CENTER]2022-12-17[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-23488]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23488') [MISC]('https://github.com/bigbluebutton/bigbluebutton/releases/tag/v2.4-rc-6') [MISC]('https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-j5g3-f74q-rvfq')[/TD] [/TR] [TR] [TD][LEFT]bigbluebutton -- bigbluebutton[/LEFT][/TD] [TD][LEFT]BigBlueButton is an open source web conferencing system. Versions prior to 2.4.0 expose sensitive information to Unauthorized Actors. This issue affects meetings with polls, where the attacker is a meeting participant. Subscribing to the current-poll collection does not update the client UI, but does give the attacker access to the contents of the collection, which include the individual poll responses. This issue is patched in version 2.4.0. There are no workarounds.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-23490]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23490') [MISC]('https://github.com/bigbluebutton/bigbluebutton/releases/tag/v2.4.0') [MISC]('https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-4qgc-xhw5-6qfg')[/TD] [/TR] [TR] [TD][LEFT]informalsystems -- tendermint-rs[/LEFT][/TD] [TD][LEFT]Tendermint is a high-performance blockchain consensus engine for Byzantine fault tolerant applications. Versions prior to 0.28.0 contain a potential attack via Improper Verification of Cryptographic Signature, affecting anyone using the tendermint-light-client and related packages to perform light client verification (e.g. IBC-rs, Hermes). The light client does not check that the chain IDs of the trusted and untrusted headers match, resulting in a possible attack vector where someone who finds a header from an untrusted chain that satisfies all other verification conditions (e.g. 
enough overlapping validator signatures) could fool a light client. The attack vector is currently theoretical, and no proof-of-concept exists yet to exploit it on live networks. This issue is patched in version 0.28.0. There are no workarounds.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-23507]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23507') [MISC]('https://github.com/informalsystems/tendermint-rs/security/advisories/GHSA-xqqc-c5gw-c5r5')[/TD] [/TR] [TR] [TD][LEFT]flavorjones -- loofah[/LEFT][/TD] [TD][LEFT]Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah < 2.19.1 contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a denial of service through CPU resource consumption. This issue is patched in version 2.19.1.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-23514]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23514') [MISC]('https://hackerone.com/reports/1684163') [MISC]('https://github.com/flavorjones/loofah/security/advisories/GHSA-486f-hjj9-9vhh')[/TD] [/TR] [TR] [TD][LEFT]flavorjones -- loofah [/LEFT][/TD] [TD][LEFT]Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.1.0, < 2.19.1 is vulnerable to cross-site scripting via the image/svg+xml media type in data URIs. 
This issue is patched in version 2.19.1.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-23515]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23515') [MISC]('https://hackerone.com/reports/1694173') [MISC]('https://github.com/flavorjones/loofah/security/advisories/GHSA-228g-948r-83gx') [MISC]('https://github.com/flavorjones/loofah/issues/101')[/TD] [/TR] [TR] [TD][LEFT]flavorjones -- loofah[/LEFT][/TD] [TD][LEFT]Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.2.0, < 2.19.1 uses recursion for sanitizing CDATA sections, making it susceptible to stack exhaustion and raising a SystemStackError exception. This may lead to a denial of service through CPU resource consumption. This issue is patched in version 2.19.1. Users who are unable to upgrade may be able to mitigate this vulnerability by limiting the length of the strings that are sanitized.[/LEFT][/TD] [TD][CENTER]2022-12-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-23516]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23516') [MISC]('https://github.com/flavorjones/loofah/security/advisories/GHSA-3x8r-x6xp-q4vm')[/TD] [/TR] [TR] [TD][LEFT]helm -- helm [/LEFT][/TD] [TD][LEFT]Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to Uncontrolled Resource Consumption, resulting in Denial of Service. Input to functions in the [I]strvals[/I] package can cause a stack overflow. In Go, a stack overflow cannot be recovered from. Applications that use functions from the [I]strvals[/I] package in the Helm SDK can have a Denial of Service attack when they use this package and it panics. This issue has been patched in 3.10.3. 
SDK users can validate that strings supplied by users won't create large arrays causing significant memory usage before passing them to the [I]strvals[/I] functions.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-23524]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23524') [MISC]('https://github.com/helm/helm/security/advisories/GHSA-6rx9-889q-vv2r')[/TD] [/TR] [TR] [TD][LEFT]helm -- helm[/LEFT][/TD] [TD][LEFT]Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the [I]repo[/I] package. The [I]repo[/I] package contains a handler that processes the index file of a repository. For example, the Helm client adds references to chart repositories where charts are managed. The [I]repo[/I] package parses the index file of the repository and loads it into structures Go can work with. Some index files can cause array data structures to be created causing a memory violation. Applications that use the [I]repo[/I] package in the Helm SDK to parse an index file can suffer a Denial of Service when that input causes a panic that cannot be recovered from. The Helm Client will panic with an index file that causes a memory violation panic. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been patched in 3.10.3. SDK users can validate index files that are correctly formatted before passing them to the [I]repo[/I] functions.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-23525]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23525') [MISC]('https://github.com/helm/helm/commit/638ebffbc2e445156f3978f02fd83d9af1e56f5b') [MISC]('https://github.com/helm/helm/security/advisories/GHSA-53c4-hhmh-vw5q')[/TD] [/TR] [TR] [TD][LEFT]helm -- helm[/LEFT][/TD] [TD][LEFT]Helm is a tool for managing Charts, pre-configured Kubernetes resources. 
Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the [I]chartutil[/I] package that can cause a segmentation violation. The [I]chartutil[/I] package contains a parser that loads a JSON Schema validation file. For example, the Helm client when rendering a chart will validate its values with the schema file. The [I]chartutil[/I] package parses the schema file and loads it into structures Go can work with. Some schema files can cause array data structures to be created causing a memory violation. Applications that use the [I]chartutil[/I] package in the Helm SDK to parse a schema file can suffer a Denial of Service when that input causes a panic that cannot be recovered from. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been patched in 3.10.3. SDK users can validate schema files that are correctly formatted before passing them to the [I]chartutil[/I] functions.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-23526]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23526') [MISC]('https://github.com/helm/helm/security/advisories/GHSA-67fx-wx78-jx33') [MISC]('https://github.com/helm/helm/commit/bafafa8bb1b571b61d7a9528da8d40c307dade3d')[/TD] [/TR] [TR] [TD][LEFT]datadog -- guarddog[/LEFT][/TD] [TD][LEFT]GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to v0.1.8 are vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package. Extracting files using shutil.unpack_archive() from a potentially malicious tarball without validating that the destination file path is within the intended destination directory can cause files outside the destination directory to be overwritten. This issue is patched in version 0.1.8. 
Potential workarounds include using a safer module, like zipfile, and validating the location of the extracted files and discarding those with malicious paths.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-23530]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23530') [MISC]('https://github.com/DataDog/guarddog/blob/a1d064ceb09d39bb28deb6972bc0a278756ea91f/guarddog/scanners/package_scanner.py#L153..158') [MISC]('https://github.com/DataDog/guarddog/security/advisories/GHSA-78m5-jpmf-ch7v') [MISC]('https://github.com/DataDog/guarddog/commit/37c7d0767ba28f4df46117d478f97652594c491c')[/TD] [/TR] [TR] [TD][LEFT]datadog -- guarddog[/LEFT][/TD] [TD][LEFT]GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to 0.1.5 are vulnerable to Relative Path Traversal when scanning a specially-crafted local PyPI package. Running GuardDog against a specially-crafted package can allow an attacker to write an arbitrary file on the machine where GuardDog is executed due to a path traversal vulnerability when extracting the .tar.gz file of the package being scanned, which exists by design in the tarfile.TarFile.extractall function. This issue is patched in version 0.1.5.[/LEFT][/TD] [TD][CENTER]2022-12-17[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-23531]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23531') [MISC]('https://github.com/DataDog/guarddog/releases/tag/v0.1.5') [MISC]('https://github.com/DataDog/guarddog/security/advisories/GHSA-rp2v-v467-q9vq') [MISC]('https://github.com/DataDog/guarddog/pull/89/commits/a56aff58264cb6b7855d71b00dc10c39a5dbd306')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. 
This is due to insufficient validation of settings on the 'tp_translation' AJAX action which makes it possible for unauthenticated attackers to bypass any restrictions and influence the data shown on the site. Please note this is a separate issue from CVE-2022-2461. Notes from the researcher: When installed Transposh comes with a set of pre-configured options, one of these is the "Who can translate" setting under the "Settings" tab. However, this option is largely ignored, if Transposh has enabled its "autotranslate" feature (it's enabled by default) and the HTTP POST parameter "sr0" is larger than 0. This is caused by a faulty validation in "wp/transposh_db.php."[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-2536]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2536') [MISC]('https://www.rcesecurity.com/2022/07/WordPress-Transposh-Exploiting-a-Blind-SQL-Injection-via-XSS/') [MISC]('https://www.exploitalert.com/view-details.html?id=38949') [MISC]('https://plugins.trac.wordpress.org/browser/transposh-translation-filter-for-wordpress/trunk/transposh.php?rev=2682425#L1989') [MISC]('https://packetstormsecurity.com/files/168120/wptransposh1081-authz.txt') [MISC]('https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2022-2536.txt') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/c774b520-9d9f-4102-8564-49673d5ae1e6') [MISC]('https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-2536')[/TD] [/TR] [TR] [TD][LEFT]broadcom -- symantec_identity_governance_and_administration[/LEFT][/TD] [TD][LEFT]An unauthenticated user can access Identity Manager’s management console specific page URLs. 
However, the system doesn’t allow the user to carry out server side tasks without a valid web session.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-25626]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25626') [MISC]('https://support.broadcom.com/external/content/SecurityAdvisories/0/21136')[/TD] [/TR] [TR] [TD][LEFT]broadcom -- symantec_identity_governance_and_administration[/LEFT][/TD] [TD][LEFT]An authenticated administrator who has physical access to the environment can carry out Remote Command Execution on Management Console in Symantec Identity Manager 14.4[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-25627]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25627') [MISC]('https://support.broadcom.com/external/content/SecurityAdvisories/0/21136')[/TD] [/TR] [TR] [TD][LEFT]broadcom -- symantec_identity_governance_and_administration[/LEFT][/TD] [TD][LEFT]An authenticated user can perform XML eXternal Entity injection in Management Console in Symantec Identity Manager 14.4[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-25628]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25628') [MISC]('https://support.broadcom.com/external/content/SecurityAdvisories/0/21136')[/TD] [/TR] [TR] [TD][LEFT]cyshield -- multiple_products[/LEFT][/TD] [TD][LEFT]PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 allows root privileged attackers to install an unsigned application by copying the APK to /data/app, setting the appropriate permissions and rebooting the device.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-26579]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-26579') [MISC]('https://cyshield.com/e077d6c3-adff-49a1-afc3-71e10140f95c')[/TD] [/TR] [TR] [TD][LEFT]cyshield -- multiple_products[/LEFT][/TD] [TD][LEFT]PAX Technology 
A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 was discovered to be vulnerable to command injection.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-26580]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-26580') [MISC]('https://cyshield.com/e077d6c3-adff-49a1-afc3-71e10140f95c')[/TD] [/TR] [TR] [TD][LEFT]cyshield -- multiple_products[/LEFT][/TD] [TD][LEFT]The ADB daemon in PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 allows the execution of the systool utility in production mode, allowing unauthenticated attackers to perform privileged actions.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-26581]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-26581') [MISC]('https://cyshield.com/e077d6c3-adff-49a1-afc3-71e10140f95c')[/TD] [/TR] [TR] [TD][LEFT]cyshield -- multiple_products[/LEFT][/TD] [TD][LEFT]The systool_server in PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 fails to check for dollar signs or backticks in user-supplied commands, leading to arbitrary command execution as root.[/LEFT][/TD] [TD][CENTER]2022-12-16[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-26582]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-26582') [MISC]('https://cyshield.com/e077d6c3-adff-49a1-afc3-71e10140f95c')[/TD] [/TR] [TR] [TD][LEFT]lansweeper -- lansweeper[/LEFT][/TD] [TD][LEFT]A directory traversal vulnerability exists in the TicketTemplateActions.aspx GetTemplateAttachment functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file read. 
An attacker can send an HTTP request to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-27498]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-27498') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2022-1531')[/TD] [/TR] [TR] [TD][LEFT] lansweeper -- lansweeper [/LEFT][/TD] [TD][LEFT]A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-15[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-28703]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-28703') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2022-1532')[/TD] [/TR] [TR] [TD][LEFT] altair -- hyperview_player [/LEFT][/TD]

[TD][LEFT]Altair HyperView Player versions 2021.1.0.27 and prior are affected by a use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter, leading to memory corruption.[/LEFT][/TD]
[TD][CENTER]2022-12-13[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-2950
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]altair -- hyperview_player[/LEFT][/TD]

[TD][LEFT]Altair HyperView Player versions 2021.1.0.27 and prior are affected by an improper validation of array index vulnerability during processing of H3D files. A DWORD value from a PoC file is extracted and used as an index to write to a buffer, leading to memory corruption.[/LEFT][/TD]
[TD][CENTER]2022-12-13[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-2951
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]lansweeper -- lansweeper[/LEFT][/TD]
[TD][LEFT]A directory traversal vulnerability exists in the KnowledgebasePageActions.aspx ImportArticles functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-29511
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]lansweeper – lansweeper[/LEFT][/TD]
[TD][LEFT]A directory traversal vulnerability exists in the HelpdeskActions.aspx edittemplate functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-29517
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]delta_electronics – dopsoft[/LEFT][/TD]
[TD][LEFT]Out-of-bounds Read vulnerability in Delta Electronics DOPSoft. This issue affects DOPSoft: All Versions.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-2966
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]ffmpeg – ffmpeg[/LEFT][/TD]
[TD][LEFT]An issue was discovered in FFmpeg through 3.0. vp3_decode_frame in libavcodec/vp3.c lacks a check of the return value of av_malloc(), which will cause a null pointer dereference, impacting confidentiality and availability.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3109
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
rockwell_automation – multiple_logix_controllers
[/LEFT][/TD]

[TD][LEFT]A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable fault (MNRF) and a denial-of-service condition (DOS).[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3157
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]rockwell_automation – multiple_products[/LEFT][/TD]
[TD][LEFT]Rockwell Automation was made aware that the webservers of the Micrologix 1100 and 1400 controllers contain a vulnerability that may lead to a denial-of-service condition. The security vulnerability could be exploited by an attacker with network access to the affected systems by sending TCP packets to the webserver and closing it abruptly, which would cause a denial-of-service condition for the web server application on the device.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3166
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
vmware – multiple_products
[/LEFT][/TD]

[TD][LEFT]VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.[/LEFT][/TD]
[TD][CENTER]2022-12-14[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-31700
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
vmware – multiple_products
[/LEFT][/TD]

[TD][LEFT]VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.[/LEFT][/TD]
[TD][CENTER]2022-12-14[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-31701
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
vmware – multiple_products
[/LEFT][/TD]

[TD][LEFT]VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine’s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.[/LEFT][/TD]
[TD][CENTER]2022-12-14[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-31705
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]vmware – vrealize_operations[/LEFT][/TD]
[TD][LEFT]vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-31707
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]vmware – vrealize_operations[/LEFT][/TD]
[TD][LEFT]vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-31708
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
apache – bookkeeper_java_client
[/LEFT][/TD]

[TD][LEFT]The Apache Bookkeeper Java Client (before 4.14.6 and also 4.15.0) does not close the connection to the bookkeeper server when TLS hostname verification fails. This leaves the bookkeeper client vulnerable to a man in the middle attack. The problem affects BookKeeper client prior to versions 4.14.6 and 4.15.1.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-32531
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]lansweeper – lansweeper[/LEFT][/TD]
[TD][LEFT]A directory traversal vulnerability exists in the AssetActions.aspx addDoc functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-32573
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]lansweeper – lansweeper[/LEFT][/TD]
[TD][LEFT]A cross-site scripting (xss) sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-32763
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
apple – ios
[/LEFT][/TD]

[TD][LEFT]An issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored. This issue is fixed in iOS 16. An unauthorized user may be able to access browsing history.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-32833
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, macOS Big Sur 11.6.8. An app may be able to execute arbitrary code with kernel privileges.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-32860
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – ios[/LEFT][/TD]
[TD][LEFT]An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 16. An app may be able to disclose kernel memory.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-32916
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
apple – multiple_products
[/LEFT][/TD]

[TD][LEFT]The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. An app may be able to execute arbitrary code with kernel privileges.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-32942
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
apple – multiple_products
[/LEFT][/TD]

[TD][LEFT]The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-32943
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – macos_ventura[/LEFT][/TD]
[TD][LEFT]An access issue was addressed with additional sandbox restrictions on third-party apps. This issue is fixed in macOS Ventura 13. An app may be able to record audio with paired AirPods.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-32945
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-32948
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]wordpress – wordpress[/LEFT][/TD]
[TD][LEFT]The Corner Ad plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.56. This is due to missing or incorrect nonce validation on its corner_ad_settings_page function. This makes it possible for unauthenticated attackers to trigger the deletion of ads via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3427
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
emby_server – emby_server
[/LEFT][/TD]

[TD][LEFT]In Emby Server 4.6.7.0, the playlist name field is vulnerable to stored XSS, through which it is possible to steal the administrator access token and flip or steal the media server administrator account.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-36223
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]hp – multiple_products[/LEFT][/TD]
[TD][LEFT]A potential vulnerability has been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-12[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-37018
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]jumpsec – mutiny[/LEFT][/TD]
[TD][LEFT]Mutiny 7.2.0-10788 suffers from a hardcoded root password.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-37832
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
solarwinds – serv-u
[/LEFT][/TD]

[TD][LEFT]This vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. This vulnerability affects the directory creation function.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-38106
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]logrocket – logrocket-oauth2-example[/LEFT][/TD]
[TD][LEFT]logrocket-oauth2-example through 2020-05-27 allows SQL injection via the /auth/register username parameter.[/LEFT][/TD]
[TD][CENTER]2022-12-14[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-38488
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]micro_focus – groupwise_web[/LEFT][/TD]
[TD][LEFT]A vulnerability has been identified in Micro Focus GroupWise Web in versions prior to 18.4.2. The GW Web component makes a request to the Post Office Agent that contains sensitive information in the query parameters that could be logged by any intervening HTTP proxies.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-38756
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]motorola – mobility_motorola[/LEFT][/TD]
[TD][LEFT]Improper access control of a bootloader function in Motorola Mobility Motorola e20 prior to version RONS31.267-38-8 allows an attacker with local access to read partition or RAM data.[/LEFT][/TD]
[TD][CENTER]2022-12-14[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3917
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]wordpress – wordpress[/LEFT][/TD]
[TD][LEFT]The Motors WordPress plugin before 1.4.4 does not properly validate uploaded files for dangerous file types (such as .php) in an AJAX action, allowing an attacker to sign up on a victim’s WordPress instance, upload a malicious PHP file and attempt to launch a brute-force attack to discover the uploaded payload.[/LEFT][/TD]
[TD][CENTER]2022-12-12[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3989
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]feehicms – feehicms[/LEFT][/TD]
[TD][LEFT]Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin log in page.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-40000
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]feehicms – feehicms[/LEFT][/TD]
[TD][LEFT]Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the title field of the create article page.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-40001
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]feehicms – feehicms[/LEFT][/TD]
[TD][LEFT]Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the callback parameter to /cms/notify.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-40002
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]things_board – things_board[/LEFT][/TD]
[TD][LEFT]Cross Site Scripting (XSS) vulnerability in Things Board 3.4.1 allows remote attackers to escalate privilege via crafted URL to the Audit Log.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-40004
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]feehicms – feehicms[/LEFT][/TD]
[TD][LEFT]Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.1.1 allows remote attackers to run arbitrary code via upload of crafted XML file.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-40373
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]satellite_server – satellite_server[/LEFT][/TD]
[TD][LEFT]A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker’s server by modifying the Referer header in an HTTP request of specific resources in the server.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4130
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]netty – netty[/LEFT][/TD]
[TD][LEFT]Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder.[/LEFT][/TD]
[TD][CENTER]2022-12-12[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41881
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]netty – netty[/LEFT][/TD]
[TD][LEFT]Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, when calling [ICODE]DefaultHttpHeaders.set[/ICODE] with an iterator of values, header value validation was not performed, allowing malicious header values in the iterator to perform HTTP Response Splitting. This issue has been patched in version 4.1.86.Final. Integrators can work around the issue by changing the [ICODE]DefaultHttpHeaders.set(CharSequence, Iterator<?>)[/ICODE] call into a [ICODE]remove()[/ICODE] call, and calling [ICODE]add()[/ICODE] in a loop over the iterator of values.[/LEFT][/TD]
[TD][CENTER]2022-12-13[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41915
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]bigbluebutton – bigbluebutton[/LEFT][/TD]
[TD][LEFT]BigBlueButton is an open source web conferencing system. Versions prior to 2.4.3 are subject to Insufficient Verification of Data Authenticity, resulting in Denial of Service. An attacker can make a Meteor call to [ICODE]validateAuthToken[/ICODE] using a victim’s userId, meetingId, and an invalid authToken. This forces the victim to leave the conference, because the resulting verification failure is also observed and handled by the victim’s client. The attacker must be a participant in any meeting on the server. This issue is patched in version 2.4.3. There are no workarounds.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41960
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]bigbluebutton – bigbluebutton[/LEFT][/TD]
[TD][LEFT]BigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6 are subject to Ineffective user bans. The attacker could register multiple users, and join the meeting with one of them. When that user is banned, they could still join the meeting with the remaining registered users from the same extId. This issue has been fixed by improving permissions such that banning a user removes all users related to their extId, including registered users that have not joined the meeting. This issue is patched in versions 2.4-rc-6 and 2.5-alpha-1. There are no workarounds.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41961
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]bigbluebutton – bigbluebutton[/LEFT][/TD]
[TD][LEFT]BigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6 and 2.5-alpha-1 contain Incorrect Authorization for setting emoji status. A user with moderator rights can use the clear status feature to set any emoji status for other users. Moderators should only be able to set none as the status of other users. This issue is patched in 2.4-rc-6 and 2.5-alpha-1. There are no workarounds.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41962
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]bigbluebutton – bigbluebutton[/LEFT][/TD]
[TD][LEFT]BigBlueButton is an open source web conferencing system. Versions prior to 2.4.3 contain a whiteboard grace period that exists to handle delayed messages, but this grace period could be used by attackers to take actions in the few seconds after their access is revoked. The attacker must be a meeting participant. This issue is patched in version 2.4.3 and version 2.5-alpha-1.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41963
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]bigbluebutton – bigbluebutton[/LEFT][/TD]
[TD][LEFT]BigBlueButton is an open source web conferencing system. This vulnerability only affects release candidates of BigBlueButton 2.4. The attacker can start a subscription for poll results before starting an anonymous poll, and use this subscription to see individual responses in the anonymous poll. The attacker had to be a meeting presenter. This issue is patched in version 2.4.0. There are no workarounds.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41964
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]contiki-ng – contiki-ng[/LEFT][/TD]
[TD][LEFT]Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to 4.9 contain a NULL Pointer Dereference in BLE L2CAP module. The Contiki-NG operating system for IoT devices contains a Bluetooth Low Energy stack. An attacker can inject a packet in this stack, which causes the implementation to dereference a NULL pointer and triggers undefined behavior. More specifically, while processing the L2CAP protocol, the implementation maps an incoming channel ID to its metadata structure. In this structure, state information regarding credits is managed through calls to the function input_l2cap_credit in the module os/net/mac/ble/ble-l2cap.c. Unfortunately, the input_l2cap_credit function does not check that the metadata corresponding to the user-supplied channel ID actually exists, which can lead to the channel variable being set to NULL before a pointer dereferencing operation is performed. The vulnerability has been patched in the “develop” branch of Contiki-NG, and will be included in release 4.9. Users can apply the patch in Contiki-NG pull request #2253 as a workaround until the new package is released.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41972
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]poweriso – poweriso[/LEFT][/TD]
[TD][LEFT]A memory corruption vulnerability exists in the VHD File Format parsing CXSPARSE record functionality of PowerISO PowerISO 8.3. A specially-crafted file can lead to an out-of-bounds write. A victim needs to open a malicious file to trigger this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41992
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]pgadmin – pgadmin[/LEFT][/TD]
[TD][LEFT]The pgAdmin server includes an HTTP API that is intended to be used to validate the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. The utility is executed by the server to determine what PostgreSQL version it is from. Versions of pgAdmin prior to 6.17 failed to properly secure this API, which could allow an unauthenticated user to call it with a path of their choosing, such as a UNC path to a server they control on a Windows machine. This would cause an appropriately named executable in the target path to be executed by the pgAdmin server.[/LEFT][/TD]
[TD][CENTER]2022-12-13[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4223
MISC
FEDORA[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In HexString2Value of util.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-241231403. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42501
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In FacilityLock::Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-241231970. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42502
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In ProtocolMiscBuilder::BuildSetLinkCapaReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-241231983. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42503
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In CallDialReqData::encodeCallNumber of callreqdata.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-241232209. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42504
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In ProtocolMiscBuilder::BuildSetSignalReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-241232492. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42505
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In SimUpdatePbEntry::encode of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-241388399. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42506
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In ProtocolSimBuilder::BuildSimUpdatePb3gEntry of protocolsimbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-241388774. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42507
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In ProtocolCallBuilder::BuildSendUssd of protocolcallbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-241388966. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42508
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In CallDialReqData::encode of callreqdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-241544307. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42509
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In StringsRequestData::encode of requestdata.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-241762656. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42510
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In EmbmsSessionData::encode of embmsdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-241762712. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42511
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In VsimOperationDataExt::encode of vsimdata.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-241763050. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42512
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In ProtocolEmbmsBuilder::BuildSetSession of protocolembmsbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-241763204. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42513
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In ProtocolImsBuilder::BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-241763298. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42514
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In MiscService::DoOemSetRtpPktlossThreshold of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-241763503. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42515
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In ProtocolSimBuilderLegacy::BuildSimGetGbaAuth of protocolsimbuilderlegacy.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-241763577. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42516
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In MiscService::DoOemSetTcsFci of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-241763682. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42517
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In BroadcastSmsConfigsRequestData::encode of smsdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-242536278. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42518
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In CdmaBroadcastSmsConfigsRequestData::encode of cdmasmsdata.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-242540694. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42519
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In ServiceInterface::HandleRequest of serviceinterface.cpp, there is a possible use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-242994270. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42520
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In encode of wlandata.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-243130019. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42521
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In DoSetCarrierConfig of miscservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-243130038. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42522
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-243376893. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42523
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In sms_GetTpUdlIe of sms_PduCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-243401445. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42524
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-243509750. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42525
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In ConvertUtf8ToUcs2 of radio_hal_utils.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-243509880. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42526
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In cd_SsParseMsg of cd_SsCodec.c, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-244448906. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42527
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]Product: Android. Versions: Android kernel. Android ID: A-235292841. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42529
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-242331893. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42530
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In mmu_map_for_fw of gs_ldfw_load.c, there is a possible mitigation bypass due to Permissive Memory Allocation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-231500967. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42531
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-242332610. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42532
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In trusty_ffa_mem_reclaim of shared-mem-smcall.c, there is a possible privilege escalation due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-237838301. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42534
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In a query in MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-224770183[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42535
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-231445184[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42542
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-249998113. References: N/A[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42543
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]google – android[/LEFT][/TD]
[TD][LEFT]In getView of AddAppNetworksFragment.java, there is a possible way to mislead the user about network add requests due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-224545390[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42544
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]An integer overflow was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42805
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Big Sur 11.7.2, macOS Ventura 13. An app may bypass Gatekeeper checks.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42821
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]x.org – x.org[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests. This issue can lead to local privilege elevation on systems where the X server is running privileged and remote code execution for SSH X forwarding sessions.[/LEFT][/TD]
[TD][CENTER]2022-12-14[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4283
MISC
MISC
FEDORA
FEDORA[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, watchOS 9.2. A remote user may be able to cause unexpected app termination or arbitrary code execution.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42837
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2. An app may be able to execute arbitrary code with kernel privileges.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42840
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]A type confusion issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. Processing a maliciously crafted package may lead to arbitrary code execution.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42841
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. A remote user may be able to cause kernel code execution.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42842
MISC
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]This issue was addressed with improved data protection. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. A user may be able to view sensitive user information.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42843
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2. An app may be able to break out of its sandbox.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42844
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app with root privileges may be able to execute arbitrary code with kernel privileges.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42845
MISC
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2. Parsing a maliciously crafted video file may lead to unexpected system termination.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42846
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – macos_ventura[/LEFT][/TD]
[TD][LEFT]An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42847
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]A logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2. An app may be able to execute arbitrary code with kernel privileges.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42848
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue is fixed in iOS 16.2 and iPadOS 16.2, tvOS 16.2, watchOS 9.2. A user may be able to elevate privileges.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42849
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2. An app may be able to execute arbitrary code with kernel privileges.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42850
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, tvOS 16.2. Parsing a maliciously crafted TIFF file may lead to disclosure of user information.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42851
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42852
MISC
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – macos_ventura[/LEFT][/TD]
[TD][LEFT]An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.1. An app may be able to modify protected parts of the file system.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42853
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1. An app may be able to disclose kernel memory.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42854
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2. An app may be able to use arbitrary entitlements.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42855
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42856
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]Multiple issues were addressed by removing the vulnerable code. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, watchOS 9.2. An app may be able to bypass Privacy preferences.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42859
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]This issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2. An app may be able to break out of its sandbox.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42861
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. An app may be able to bypass Privacy preferences.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42862
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42863
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42864
MISC
MISC
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]This issue was addressed by enabling hardened runtime. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to bypass Privacy preferences.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42865
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]The issue was addressed with improved handling of caches. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to read sensitive location information.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42866
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42867
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]trellix – endpoint_agent[/LEFT][/TD]
[TD][LEFT]Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4326
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]beijing_zed-3 – voip_simpliclty_asg[/LEFT][/TD]
[TD][LEFT]Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 (20181130-16:12) is vulnerable to Cross Site Scripting (XSS).[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44235
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]beijing_zed-3 – voip_simpliclty_asg[/LEFT][/TD]
[TD][LEFT]Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 (20181130-16:12) has a Weak password vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44236
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]m0ver – bible-online[/LEFT][/TD]
[TD][LEFT]A vulnerability, which was classified as critical, has been found in m0ver bible-online. Affected by this issue is the function query of the file src/main/java/custom/application/search.java of the component Search Handler. The manipulation leads to sql injection. The name of the patch is 6ef0aabfb2d4ccd53fcaa9707781303af357410e. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215444.[/LEFT][/TD]
[TD][CENTER]2022-12-13[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4454
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]sproctor – php-calendar[/LEFT][/TD]
[TD][LEFT]A vulnerability, which was classified as problematic, was found in sproctor php-calendar. This affects an unknown part of the file index.php. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is a2941109b42201c19733127ced763e270a357809. It is recommended to apply a patch to fix this issue. The identifier VDB-215445 was assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-13[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4455
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]falling-fruit – falling-fruit[/LEFT][/TD]
[TD][LEFT]A vulnerability has been found in falling-fruit and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 15adb8e1ea1f1c3e3d152fc266071f621ef0c621. It is recommended to apply a patch to fix this issue. VDB-215446 is the identifier assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-13[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4456
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]wordpress – wordpress[/LEFT][/TD]
[TD][LEFT]Unauthenticated SQL injection vulnerability in Cryptocurrency Widgets Pack Plugin <=1.8.1 on WordPress.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44588
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – samsung_tv[/LEFT][/TD]
[TD][LEFT]The Samsung TV (2021 and 2022 model) smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button. This is fixed in xxx72510, E9172511 for 2021 models, xxxA1000, 4x2A0200 for 2022 models.[/LEFT][/TD]
[TD][CENTER]2022-12-13[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44636
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]wordpress – wordpress[/LEFT][/TD]
[TD][LEFT]The Mega Addons plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the vc_saving_data function in versions up to, and including, 4.2.7. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to update the plugin’s settings.[/LEFT][/TD]
[TD][CENTER]2022-12-14[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4501
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]codeprojects – expense_tracker[/LEFT][/TD]
[TD][LEFT]A cross-site scripting (XSS) vulnerability in Expense Tracker 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat text field.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45033
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]rainygao – docsys[/LEFT][/TD]
[TD][LEFT]A vulnerability has been found in RainyGao DocSys and classified as critical. Affected by this vulnerability is an unknown functionality of the component com.DocSystem.controller.UserController#getUserImg. The manipulation leads to path traversal: '../filedir'. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215851.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4511
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]european_environment_agency – eionet.contreg[/LEFT][/TD]
[TD][LEFT]A vulnerability, which was classified as problematic, has been found in European Environment Agency eionet.contreg. This issue affects some unknown processing. The manipulation of the argument searchTag/resourceUri leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 2022-06-27T0948 is able to address this issue. The name of the patch is a120c2153e263e62c4db34a06ab96a9f1c6bccb6. It is recommended to upgrade the affected component. The identifier VDB-215885 was assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4513
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]opencaching_deutschland – oc-server3[/LEFT][/TD]
[TD][LEFT]A vulnerability, which was classified as problematic, was found in Opencaching Deutschland oc-server3. Affected is an unknown function of the file htdocs/lang/de/ocstyle/varset.inc.php. The manipulation of the argument varvalue leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 4bdd6a0e7b7760cea03b91812cbb80d7b16e3b5f. It is recommended to apply a patch to fix this issue. VDB-215886 is the identifier assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4514
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]wordpress – wordpress[/LEFT][/TD]
[TD][LEFT]The WP User plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters in versions up to, and including, 7.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4519
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]wso2 – carbon-registry[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in WSO2 carbon-registry up to 4.8.11. It has been rated as problematic. Affected by this issue is some unknown functionality of the file components/registry/org.wso2.carbon.registry.search.ui/src/main/resources/web/search/advancedSearchForm-ajaxprocessor.jsp of the component Advanced Search. The manipulation of the argument mediaType/rightOp/leftOp/rightPropertyValue/leftPropertyValue leads to cross site scripting. The attack may be launched remotely. Upgrading to version 4.8.12 is able to address this issue. The name of the patch is 0c827cc1b14b82d8eb86117ab2e43c34bb91ddb4. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-215900.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4520
N/A
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]wso2 – carbon-registry[/LEFT][/TD]
[TD][LEFT]A vulnerability classified as problematic has been found in WSO2 carbon-registry up to 4.8.7. This affects an unknown part of the component Request Parameter Handler. The manipulation of the argument parentPath/path/username/path/profile_menu leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 4.8.12 is able to address this issue. The name of the patch is 9f967abfde9317bee2cda469dbc09b57d539f2cc. It is recommended to upgrade the affected component. The identifier VDB-215901 was assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4521
N/A
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]calendarxp – calendarxp[/LEFT][/TD]
[TD][LEFT]A vulnerability classified as problematic was found in CalendarXP up to 10.0.1. This vulnerability affects unknown code. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 10.0.2 is able to address this issue. The name of the patch is e3715b2228ddefe00113296069969f9e184836da. It is recommended to upgrade the affected component. VDB-215902 is the identifier assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4522
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]vexim – vexim2[/LEFT][/TD]
[TD][LEFT]A vulnerability, which was classified as problematic, has been found in vexim2. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 21c0a60d12e9d587f905cd084b2c70f9b1592065. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215903.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4523
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]roots – soil[/LEFT][/TD]
[TD][LEFT]A vulnerability, which was classified as problematic, was found in Roots soil Plugin up to 4.1.0. Affected is the function language_attributes of the file src/Modules/CleanUpModule.php. The manipulation of the argument language leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 4.1.1 is able to address this issue. The name of the patch is 0c9151e00ab047da253e5cdbfccb204dd423269d. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-215904.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4524
N/A
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]national_sleep_research_resource – sleepdata.org[/LEFT][/TD]
[TD][LEFT]A vulnerability has been found in National Sleep Research Resource sleepdata.org up to 59.0.0.rc and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 59.0.0 is able to address this issue. The name of the patch is da44a3893b407087829b006d09339780919714cd. It is recommended to upgrade the affected component. The identifier VDB-215905 was assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4525
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]django-photologue – django-photologue[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in django-photologue up to 3.15.1 and classified as problematic. Affected by this issue is some unknown functionality of the file photologue/templates/photologue/photo_detail.html of the component Default Template Handler. The manipulation of the argument object.caption leads to cross site scripting. The attack may be launched remotely. Upgrading to version 3.16 is able to address this issue. The name of the patch is 960cb060ce5e2964e6d716ff787c72fc18a371e7. It is recommended to apply a patch to fix this issue. VDB-215906 is the identifier assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4526
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]collective – collective.task[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in collective.task up to 3.0.9. It has been classified as problematic. This affects the function renderCell/AssignedGroupColumn of the file src/collective/task/browser/table.py. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 3.0.10 is able to address this issue. The name of the patch is 1aac7f83fa2c2b41d59ba02748912953461f3fac. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215907.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4527
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]exact_software – synergy_enterprise[/LEFT][/TD]
[TD][LEFT]An arbitrary file upload vulnerability in the profile picture upload function of Exact Synergy Enterprise 267 before 267SP13 and Exact Synergy Enterprise 500 before 500SP6 allows attackers to execute arbitrary code via a crafted SVG file.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45338
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]siemens – teamcenter_and_jt2go[/LEFT][/TD]
[TD][LEFT]A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V13.3 (All versions >= V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.0 (All versions >= V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CCITT_G4Decode.dll contains an out of bounds read vulnerability when parsing a RAS file. An attacker can leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19056)[/LEFT][/TD]
[TD][CENTER]2022-12-13[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45484
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]wordpress – wordpress[/LEFT][/TD]
[TD][LEFT]The WP Shamsi plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the deactivate() function hooked via init() in versions up to, and including, 4.1.0. This makes it possible for unauthenticated attackers to deactivate arbitrary plugins on the site. This can be used to deactivate security plugins, which aids in exploiting other vulnerabilities.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4555
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]alinto – sogo[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in Alinto SOGo up to 5.7.1 and classified as problematic. Affected by this issue is the function _migrateMailIdentities of the file SoObjects/SOGo/SOGoUserDefaults.m of the component Identity Handler. The manipulation of the argument fullName leads to cross site scripting. The attack may be launched remotely. Upgrading to version 5.8.0 is able to address this issue. The name of the patch is efac49ae91a4a325df9931e78e543f707a0f8e5e. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-215960.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4556
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]alinto – sogo[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in Alinto SOGo up to 5.7.1. It has been classified as problematic. This affects an unknown part of the file SoObjects/SOGo/NSString+Utilities.m of the component Folder/Mail Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 5.8.0 is able to address this issue. The name of the patch is 1e0f5f00890f751e84d67be4f139dd7f00faa5f3. It is recommended to upgrade the affected component. The identifier VDB-215961 was assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4558
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]inex – ipx-manager[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in INEX IPX-Manager up to 6.2.0. It has been declared as problematic. This vulnerability affects unknown code of the file resources/views/customer/list.foil.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 6.3.0 is able to address this issue. The name of the patch is bc9b14c6f70cccdb89b559e8bc3a7318bfe9c243. It is recommended to upgrade the affected component. VDB-215962 is the identifier assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4559
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]joget – joget[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in Joget up to 7.0.32. It has been rated as problematic. This issue affects the function getInternalJsCssLib of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UniversalTheme.java of the component wflow-core. The manipulation of the argument key leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 8.0-BETA is able to address this issue. The name of the patch is ecf8be8f6f0cb725c18536ddc726d42a11bdaa1b. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215963.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4560
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]wikimedia – semanticdrilldown_extension[/LEFT][/TD]
[TD][LEFT]A vulnerability classified as problematic has been found in SemanticDrilldown Extension. Affected is the function printFilterLine of the file includes/specials/SDBrowseDataPage.php of the component GET Parameter Handler. The manipulation of the argument value leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 6e18cf740a4548166c1d95f6d3a28541d298a3aa. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215964.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4561
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]freedom_of_the_press – securedrop[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in Freedom of the Press SecureDrop. It has been rated as critical. Affected by this issue is some unknown functionality of the file gpg-agent.conf. The manipulation leads to symlink following. Local access is required to approach this attack. The name of the patch is b0526a06f8ca713cce74b63e00d3730618d89691. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215972.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4563
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]university_of_central_florida – materia[/LEFT][/TD]
[TD][LEFT]A vulnerability classified as problematic has been found in University of Central Florida Materia up to 9.0.1-alpha1. This affects the function before of the file fuel/app/classes/controller/api.php of the component API Controller. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 9.0.2-alpha2 is able to address this issue. The name of the patch is af259115d2e8f17068e61902151ee8a9dbac397b. It is recommended to upgrade the affected component. The identifier VDB-215973 was assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4564
N/A
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]dromara – hutool[/LEFT][/TD]
[TD][LEFT]A vulnerability classified as problematic was found in Dromara HuTool up to 5.8.10. This vulnerability affects unknown code of the file cn.hutool.core.util.ZipUtil.java. The manipulation leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 5.8.11 is able to address this issue. It is recommended to upgrade the affected component. VDB-215974 is the identifier assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4565
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]y_project – ruoyi[/LEFT][/TD]
[TD][LEFT]A vulnerability, which was classified as critical, has been found in y_project RuoYi 4.7.5. This issue affects some unknown processing of the file com/ruoyi/generator/controller/GenController. The manipulation leads to sql injection. The name of the patch is 167970e5c4da7bb46217f576dc50622b83f32b40. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215975.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4566
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]openemr – openemr[/LEFT][/TD]
[TD][LEFT]Improper Access Control in GitHub repository openemr/openemr prior to 7.0.0.2.[/LEFT][/TD]
[TD][CENTER]2022-12-17[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4567
CONFIRM
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]ubi_reader – ubi_reader[/LEFT][/TD]
[TD][LEFT]A vulnerability, which was classified as problematic, has been found in UBI Reader up to 0.8.0. Affected by this issue is the function ubireader_extract_files of the file ubireader/ubifs/output.py of the component UBIFS File Handler. The manipulation leads to path traversal. The attack may be launched remotely. Upgrading to version 0.8.5 is able to address this issue. The name of the patch is d5d68e6b1b9f7070c29df5f67fc060f579ae9139. It is recommended to upgrade the affected component. VDB-216146 is the identifier assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-17[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4572
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]sharp – multifunction_printers[/LEFT][/TD]
[TD][LEFT]Command injection vulnerability in nw_interface.html in SHARP multifunction printers (MFPs)'s Digital Full-color Multifunctional System 202 or earlier, 120 or earlier, 600 or earlier, 121 or earlier, 500 or earlier, 402 or earlier, 790 or earlier, and Digital Multifunctional System (Monochrome) 200 or earlier, 211 or earlier, 102 or earlier, 453 or earlier, 400 or earlier, 202 or earlier, 602 or earlier, 500 or earlier, 401 or earlier allows remote attackers to execute arbitrary commands via unspecified vectors.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45796
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]mind-map – mind-map[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in 1j01 mind-map and classified as problematic. This issue affects some unknown processing of the file app.coffee. The manipulation of the argument html leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 9617e6084dfeccd92079ab4d7f439300a4b24394. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216167.[/LEFT][/TD]
[TD][CENTER]2022-12-17[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4581
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]starter-public-edition-4 – starter-public-edition-4[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in starter-public-edition-4 up to 4.6.10. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 4.6.11 is able to address this issue. The name of the patch is 2606983c20f6ea3430ac4b36b3d2e88aafef45da. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216168.[/LEFT][/TD]
[TD][CENTER]2022-12-17[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4582
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]jlems – jlems[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in jLEMS. It has been declared as critical. Affected by this vulnerability is the function unpackJar of the file src/main/java/org/lemsml/jlems/io/util/JUtil.java. The manipulation leads to path traversal. The attack can be launched remotely. The name of the patch is 8c224637d7d561076364a9e3c2c375daeaf463dc. It is recommended to apply a patch to fix this issue. The identifier VDB-216169 was assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-17[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4583
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]axiomatic – bento4[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in Axiomatic Bento4. It has been rated as critical. Affected by this issue is some unknown functionality of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-216170 is the identifier assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-17[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4584
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]opencaching_deutschland – oc-server3[/LEFT][/TD]
[TD][LEFT]A vulnerability classified as problematic has been found in Opencaching Deutschland oc-server3. This affects an unknown part of the file htdocs/templates2/ocstyle/start.tpl of the component Cookie Handler. The manipulation of the argument usercountryCode leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is c720f2777a452186c67ef30db3679dd409556544. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216171.[/LEFT][/TD]
[TD][CENTER]2022-12-17[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4585
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]opencaching_deutschland – oc-server3[/LEFT][/TD]
[TD][LEFT]A vulnerability classified as problematic was found in Opencaching Deutschland oc-server3. This vulnerability affects unknown code of the file htdocs/templates2/ocstyle/cachelists.tpl of the component Cachelist Handler. The manipulation of the argument name_filter/by_filter leads to cross site scripting. The attack can be initiated remotely. The name of the patch is a9f79c7da78cd24a7ef1d298e6bc86006972ea73. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216172.[/LEFT][/TD]
[TD][CENTER]2022-12-17[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4586
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]opencaching_deutschland – oc-server3[/LEFT][/TD]
[TD][LEFT]A vulnerability, which was classified as problematic, has been found in Opencaching Deutschland oc-server3. This issue affects some unknown processing of the file htdocs/templates2/ocstyle/login.tpl of the component Login Page. The manipulation of the argument username leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 3296ebd61e7fe49e93b5755d5d7766d6e94a7667. It is recommended to apply a patch to fix this issue. The identifier VDB-216173 was assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-17[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4587
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]boston_sleep – slice[/LEFT][/TD]
[TD][LEFT]A vulnerability, which was classified as problematic, was found in Boston Sleep slice up to 84.2.0. Affected is an unknown function of the component Layout Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 85.0.0 is able to address this issue. The name of the patch is 6523bb17d889e2ab13d767f38afefdb37083f1d0. It is recommended to upgrade the affected component. VDB-216174 is the identifier assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-17[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4588
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]cyface – terms_and_conditions_module[/LEFT][/TD]
[TD][LEFT]A vulnerability has been found in cyface Terms and Conditions Module up to 2.0.10 and classified as problematic. Affected by this vulnerability is the function returnTo of the file termsandconditions/views.py. The manipulation leads to open redirect. The attack can be launched remotely. Upgrading to version 2.0.11 is able to address this issue. The name of the patch is 03396a1c2e0af95e12a45c5faef7e47a4b513e1a. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216175.[/LEFT][/TD]
[TD][CENTER]2022-12-17[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4589
N/A
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]mschaef – toto[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in mschaef toto up to 1.4.20. It has been classified as problematic. This affects an unknown part of the component Todo List Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.4.21 is able to address this issue. The name of the patch is fdc825ac5249f40683377e8a526a06cdc6870125. It is recommended to upgrade the affected component. The identifier VDB-216177 was assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-17[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4590
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]mschaef – toto[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in mschaef toto up to 1.4.20. It has been declared as problematic. This vulnerability affects unknown code of the component Email Parameter Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.4.21 is able to address this issue. The name of the patch is 1f27f37c1a06f54a76971f70eaa6139dc139bdf9. It is recommended to upgrade the affected component. VDB-216178 is the identifier assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-17[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4591
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]siemens – multiple_products[/LEFT][/TD]
[TD][LEFT]A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions < V3.5.5), APOGEE PXC Series (P2 Ethernet) (All versions < V2.8.20), TALON TC Series (BACnet) (All versions < V3.5.5). A low privilege authenticated attacker with network access to the integrated web server could download sensitive information from the device containing user account credentials.[/LEFT][/TD]
[TD][CENTER]2022-12-13[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45937
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]alist – alist[/LEFT][/TD]
[TD][LEFT]Alist v3.4.0 is vulnerable to Directory Traversal.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45969
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]tenda – ac15[/LEFT][/TD]
[TD][LEFT]Tenda AC15 V15.03.06.23 is vulnerable to Buffer Overflow via function formSetClientState.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46109
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]aerocms – aerocms[/LEFT][/TD]
[TD][LEFT]In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=edit_post, through which an attacker can upload a webshell and control the web server.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46135
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]aerocms – aerocms[/LEFT][/TD]
[TD][LEFT]AeroCMS v0.0.1 is vulnerable to Directory Traversal. The impact is: obtain sensitive information (remote). The component is: AeroCMS v0.0.1.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46137
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]siemens – scalance[/LEFT][/TD]
[TD][LEFT]Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system.[/LEFT][/TD]
[TD][CENTER]2022-12-13[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46140
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]siemens – scalance[/LEFT][/TD]
[TD][LEFT]Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.[/LEFT][/TD]
[TD][CENTER]2022-12-13[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46142
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]siemens – scalance[/LEFT][/TD]
[TD][LEFT]Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data.[/LEFT][/TD]
[TD][CENTER]2022-12-13[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46143
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]x.org – x.org[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in X.Org. This security flaw occurs because the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through the XTestFakeInput request. This issue can lead to local privilege elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. This issue does not affect systems where client and server use the same byte order.[/LEFT][/TD]
[TD][CENTER]2022-12-14[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46340
MISC
MISC
FEDORA
FEDORA[/TD]
[/TR]
[TR]
[TD][LEFT]x.org – x.org[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This issue can lead to local privilege elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.[/LEFT][/TD]
[TD][CENTER]2022-12-14[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46341
MISC
MISC
FEDORA
FEDORA[/TD]
[/TR]
[TR]
[TD][LEFT]x.org – x.org[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privilege elevation on systems where the X se[/LEFT][/TD]
[TD][CENTER]2022-12-14[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46342
MISC
MISC
FEDORA
FEDORA[/TD]
[/TR]
[TR]
[TD][LEFT]x.org – x.org[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privilege elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.[/LEFT][/TD]
[TD][CENTER]2022-12-14[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46343
MISC
MISC
FEDORA
FEDORA[/TD]
[/TR]
[TR]
[TD][LEFT]x.org – x.org[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has length-validation issues, resulting in out-of-bounds memory reads and potential information disclosure. This issue can lead to local privilege elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.[/LEFT][/TD]
[TD][CENTER]2022-12-14[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46344
MISC
MISC
FEDORA
FEDORA[/TD]
[/TR]
[TR]
[TD][LEFT]mbed_tls – mbed_tls[/LEFT][/TD]
[TD][LEFT]An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46392
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]mbed_tls – mbed_tls[/LEFT][/TD]
[TD][LEFT]An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46393
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]atos – unify[/LEFT][/TD]
[TD][LEFT]A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Unify OpenScape 4000 Manager (8 before R2.22.18, 10 before 0.28.13, and 10 R1 before R1.34.4) that may allow an unauthenticated attacker to upload arbitrary files and achieve administrative access to the system.[/LEFT][/TD]
[TD][CENTER]2022-12-13[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46404
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]totolink – a7100ru[/LEFT][/TD]
[TD][LEFT]TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46631
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]totolink – a7100ru[/LEFT][/TD]
[TD][LEFT]TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46634
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]rockwell_automation – micrologix_controllers[/LEFT][/TD]
[TD][LEFT]Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an unauthenticated stored cross-site scripting vulnerability in the embedded webserver. The payload is transferred to the controller over SNMP and is rendered on the homepage of the embedded website.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46670
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]A race condition was addressed with additional validation. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46689
MISC
MISC
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46690
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46691
MISC
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46692
MISC
MISC
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing a maliciously crafted file may lead to arbitrary code execution.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46693
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2, watchOS 9.2. Parsing a maliciously crafted video file may lead to kernel code execution.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46694
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Visiting a website that frames malicious content may lead to UI spoofing.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46695
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46696
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – macos[/LEFT][/TD]
[TD][LEFT]An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46697
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – ios_and_ipados[/LEFT][/TD]
[TD][LEFT]A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46698
MISC
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46699
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46700
MISC
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2. Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46701
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]apple – multiple_products[/LEFT][/TD]
[TD][LEFT]The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2. An app may be able to disclose kernel memory.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46702
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]zabbix – web_service_report_generation[/LEFT][/TD]
[TD][LEFT]An arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on port 10053. The service does not properly validate URL parameters before reading the files.[/LEFT][/TD]
[TD][CENTER]2022-12-15[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46768
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]apache – zeppelin[/LEFT][/TD]
[TD][LEFT]An Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Apache Zeppelin allows logged-in users to execute arbitrary JavaScript in other users’ browsers. This issue affects Apache Zeppelin before 0.8.2. Users are recommended to upgrade to a supported version of Zeppelin.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46870
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]netgear – nighthawk[/LEFT][/TD]
[TD][LEFT]The “puhttpsniff” service, which runs by default, is susceptible to command injection due to improperly sanitized user input. An unauthenticated attacker on the same network segment as the router can execute arbitrary commands on the device without authentication.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-47208
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]netgear – nighthawk[/LEFT][/TD]
[TD][LEFT]A support user exists on the device and appears to be a backdoor for Technical Support staff. The default password for this account is “support” and cannot be changed by a user via any normally accessible means.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-47209
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]netgear – nighthawk[/LEFT][/TD]
[TD][LEFT]The default console presented to users over telnet (when enabled) is restricted to a subset of commands. Commands issued at this console, however, appear to be fed directly into a system call or other similar function. This allows any authenticated user to execute arbitrary commands on the device.[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-47210
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]sick – sick_sim2000st[/LEFT][/TD]
[TD][LEFT]Password recovery vulnerability in SICK SIM2000ST part number 2086502 with firmware version <1.13.4 allows an unprivileged remote attacker to gain access to the user level defined as RecoverableUserLevel by invoking the password recovery mechanism method. This increases their privileges on the system, thereby affecting the confidentiality, integrity and availability of the system. An attacker can expect repeatable success by exploiting the vulnerability. The recommended solution is to update the firmware to a version >= 1.13.4 as soon as possible (available in SICK Support Portal).[/LEFT][/TD]
[TD][CENTER]2022-12-16[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-47377
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]typo3 – typo3[/LEFT][/TD]
[TD][LEFT]An issue was discovered in the fe_change_pwd (aka Change password for frontend users) extension before 2.0.5, and 3.x before 3.0.3, for TYPO3. The extension fails to revoke existing sessions for the current user when the password has been changed.[/LEFT][/TD]
[TD][CENTER]2022-12-14[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-47406
MISC[/TD]
[/TR]
[/TABLE][/CENTER]

This product is provided subject to this Notification and this Privacy & Use policy.
