Original release date: December 12, 2022
High Vulnerabilities
[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]activerecord_project -- activerecord[/LEFT][/TD] [TD][LEFT]A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record < 7.0.3.1, <6.1.6.1, <6.0.5.1 and <5.2.8.1 which could allow an attacker, that can manipulate data in the database (via means like SQL injection), the ability to escalate to an RCE.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32224&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32224]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32224') [MISC]('https://groups.google.com/g/rubyonrails-security/c/MmFO3LYQE8U') [MISC]('https://github.com/advisories/GHSA-3hhc-qp5v-9p2j')[/TD] [/TR] [TR] [TD][LEFT]algan -- prens_student_information_system[/LEFT][/TD] [TD][LEFT]Algan Yazılım Prens Student Information System product has an unauthenticated SQL Injection vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2807&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-2807]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2807') [CONFIRM]('https://www.usom.gov.tr/bildirim/tr-22-0708')[/TD] [/TR] [TR] [TD][LEFT]algan -- prens_student_information_system[/LEFT][/TD] [TD][LEFT]Algan Yazılım Prens Student Information System product has an authenticated Insecure Direct Object Reference (IDOR) vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2808&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-2808]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2808') [CONFIRM]('https://www.usom.gov.tr/bildirim/tr-22-0708')[/TD] [/TR] [TR]
[TD][LEFT]amentotech -- workreap[/LEFT][/TD] [TD][LEFT]The Workreap WordPress theme before 2.6.3 has a vulnerability with the notifications feature as it's possible to read any user's notification (employer or freelancer) as the notification ID is brute-forceable.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3846&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-3846]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3846') [MISC]('https://wpscan.com/vulnerability/6220c7ef-69a6-49c4-9c56-156b945446af')[/TD] [/TR] [TR] [TD][LEFT]ami -- megarac_sp-x[/LEFT][/TD] [TD][LEFT]MegaRAC Default Credentials Vulnerability[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40242&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40242]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40242') [MISC]('https://eclypsium.com/2022/12/05/supply-chain-vulnerabilities-put-server-ecosystem-at-risk/')[/TD] [/TR] [TR] [TD][LEFT]ami -- megarac_sp-x[/LEFT][/TD] [TD][LEFT]AMI MegaRAC Redfish Arbitrary Code Execution[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40259&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40259]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40259') [MISC]('https://eclypsium.com/2022/12/05/supply-chain-vulnerabilities-put-server-ecosystem-at-risk/')[/TD] [/TR] [TR] [TD][LEFT]ami -- megarac_sp-x[/LEFT][/TD] [TD][LEFT]AMI MegaRAC User Enumeration Vulnerability[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2827&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-2827]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2827') 
[MISC]('https://eclypsium.com/2022/12/05/supply-chain-vulnerabilities-put-server-ecosystem-at-risk/')[/TD] [/TR] [TR] [TD][LEFT]apache -- camel[/LEFT][/TD] [TD][LEFT]The camel-ldap component allows LDAP Injection when using the filter option. Users are recommended to either move to the Camel-Spring-Ldap component (which is not affected) or upgrade to 3.14.6 or 3.18.4.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45046&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45046]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45046') [CONFIRM]('https://camel.apache.org/security/CVE-2022-45046.html') [MLIST]('http://www.openwall.com/lists/oss-security/2022/12/05/2')[/TD] [/TR] [TR] [TD][LEFT]apache -- tapestry[/LEFT][/TD] [TD][LEFT]** UNSUPPORTED WHEN ASSIGNED ** Apache Tapestry 3.x allows deserialization of untrusted data, leading to remote code execution. This issue is similar to but distinct from CVE-2020-17531, which applies to the (also unsupported) 4.x version line. NOTE: This vulnerability only affects Apache Tapestry version line 3.x, which is no longer supported by the maintainer.
Users are recommended to upgrade to a supported version line of Apache Tapestry.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46366&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46366]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46366') [CONFIRM]('https://lists.apache.org/thread/bwn1vjrvz1hq0wbdzj23wz322244swhj') [MLIST]('http://www.openwall.com/lists/oss-security/2022/12/02/1') [MISC]('https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0041/MNDT-2022-0041.md')[/TD] [/TR] [TR] [TD][LEFT]avast -- avast[/LEFT][/TD] [TD][LEFT]A vulnerability within the malware removal functionality of Avast and AVG Antivirus allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. The issue was fixed with Avast and AVG Antivirus version 22.10.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4173&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4173]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4173') [MISC]('https://support.norton.com/sp/static/external/tools/security-advisories.html')[/TD] [/TR] [TR] [TD][LEFT]ayacms_project -- ayacms[/LEFT][/TD] [TD][LEFT]AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE).[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45550&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45550]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45550') [MISC]('https://shimo.im/docs/KrkEVb29pwsxZ6AJ') [MISC]('https://github.com/loadream/AyaCMS/issues/8')[/TD] [/TR] [TR] [TD][LEFT]ayacms_project -- ayacms[/LEFT][/TD] [TD][LEFT]AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] 
[TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45548&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45548]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45548') [MISC]('https://github.com/loadream/AyaCMS/issues/4')[/TD] [/TR] [TR] [TD][LEFT]background_management_system_project -- background_management_system[/LEFT][/TD] [TD][LEFT]A vulnerability was found in Shaoxing Background Management System. It has been declared as critical. This vulnerability affects unknown code of the file /Default/Bd. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-214774 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-03[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4277&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4277]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4277') [N/A]('https://github.com/Peanut886/Vulnerability/blob/main/SQL%20injection%20exists%20in%20the%20background%20management%20system%20Default%20of%20Shaoxing%20Punctuation%20Electronic%20Technology%20Co.%2C%20LTD.md') [N/A]('https://vuldb.com/?id.214774')[/TD] [/TR] [TR] [TD][LEFT]beappsmobile -- pc_keyboard_wifi\&bluetooth[/LEFT][/TD] [TD][LEFT]PC Keyboard allows remote unauthenticated users to send instructions to the server to execute arbitrary code without any previous authorization or authentication. 
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45479&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45479]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45479') [MISC]('https://www.synopsys.com/blogs/software-security/cyrc-advisory-remote-code-execution-vulnerabilities-mouse-keyboard-apps/')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. The vulnerability resides in the [ICODE]remote_agent.php[/ICODE] file. This file can be accessed without authentication. This function retrieves the IP address of the client via [ICODE]get_client_addr[/ICODE] and resolves this IP address to the corresponding hostname via [ICODE]gethostbyaddr[/ICODE]. After this, it is verified that an entry within the [ICODE]poller[/ICODE] table exists, where the hostname corresponds to the resolved hostname. If such an entry was found, the function returns [ICODE]true[/ICODE] and the client is authorized. This authorization can be bypassed due to the implementation of the [ICODE]get_client_addr[/ICODE] function. The function is defined in the file [ICODE]lib/functions.php[/ICODE] and checks several [ICODE]$_SERVER[/ICODE] variables to determine the IP address of the client. The variables beginning with [ICODE]HTTP_[/ICODE] can be arbitrarily set by an attacker. Since there is a default entry in the [ICODE]poller[/ICODE] table with the hostname of the server running Cacti, an attacker can bypass the authentication e.g. by providing the header [ICODE]Forwarded-For: [/ICODE].
This way the function [ICODE]get_client_addr[/ICODE] returns the IP address of the server running Cacti. The following call to [ICODE]gethostbyaddr[/ICODE] will resolve this IP address to the hostname of the server, which will pass the [ICODE]poller[/ICODE] hostname check because of the default entry. After the authorization of the [ICODE]remote_agent.php[/ICODE] file is bypassed, an attacker can trigger different actions. One of these actions is called [ICODE]polldata[/ICODE]. The called function [ICODE]poll_for_data[/ICODE] retrieves a few request parameters and loads the corresponding [ICODE]poller_item[/ICODE] entries from the database. If the [ICODE]action[/ICODE] of a [ICODE]poller_item[/ICODE] equals [ICODE]POLLER_ACTION_SCRIPT_PHP[/ICODE], the function [ICODE]proc_open[/ICODE] is used to execute a PHP script. The attacker-controlled parameter [ICODE]$poller_id[/ICODE] is retrieved via the function [ICODE]get_nfilter_request_var[/ICODE], which allows arbitrary strings. This variable is later inserted into the string passed to [ICODE]proc_open[/ICODE], which leads to a command injection vulnerability. By e.g. providing the [ICODE]poller_id=;id[/ICODE] the [ICODE]id[/ICODE] command is executed. In order to reach the vulnerable call, the attacker must provide a [ICODE]host_id[/ICODE] and [ICODE]local_data_id[/ICODE], where the [ICODE]action[/ICODE] of the corresponding [ICODE]poller_item[/ICODE] is set to [ICODE]POLLER_ACTION_SCRIPT_PHP[/ICODE]. Both of these ids ([ICODE]host_id[/ICODE] and [ICODE]local_data_id[/ICODE]) can easily be bruteforced. The only requirement is that a [ICODE]poller_item[/ICODE] with an [ICODE]POLLER_ACTION_SCRIPT_PHP[/ICODE] action exists. This is very likely on a productive instance because this action is added by some predefined templates like [ICODE]Device - Uptime[/ICODE] or [ICODE]Device - Polling Time[/ICODE]. 
This command injection vulnerability allows an unauthenticated user to execute arbitrary commands if a [ICODE]poller_item[/ICODE] with the [ICODE]action[/ICODE] type [ICODE]POLLER_ACTION_SCRIPT_PHP[/ICODE] ([ICODE]2[/ICODE]) is configured. The authorization bypass should be prevented by not allowing an attacker to make [ICODE]get_client_addr[/ICODE] (file [ICODE]lib/functions.php[/ICODE]) return an arbitrary IP address. This could be done by not honoring the [ICODE]HTTP_...[/ICODE] [ICODE]$_SERVER[/ICODE] variables. If these should be kept for compatibility reasons it should at least be prevented to fake the IP address of the server running Cacti. This vulnerability has been addressed in both the 1.2.x and 1.3.x release branches with [ICODE]1.2.23[/ICODE] being the first release containing the patch.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46169&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46169]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46169') [MISC]('https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf') [MISC]('https://github.com/Cacti/cacti/commit/b43f13ae7f1e6bfe4e8e56a80a7cd867cf2db52b') [MISC]('https://github.com/Cacti/cacti/commit/a8d59e8fa5f0054aa9c6981b1cbe30ef0e2a0ec9') [MISC]('https://github.com/Cacti/cacti/commit/7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216')[/TD] [/TR] [TR] [TD][LEFT]casbin -- casdoor[/LEFT][/TD] [TD][LEFT]Casdoor before v1.126.1 was discovered to contain an arbitrary file deletion vulnerability via the uploadFile function.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44942&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44942]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44942') [MISC]('https://github.com/casdoor/casdoor/issues/1171')[/TD] [/TR] [TR] [TD][LEFT]clastix -- 
capsule[/LEFT][/TD] [TD][LEFT]Capsule is a multi-tenancy and policy-based framework for Kubernetes. Prior to version 0.1.3, a ServiceAccount deployed in a Tenant Namespace, when granted with [ICODE]PATCH[/ICODE] capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliation of the Capsule Operator and removing all the enforcement like Pod Security annotations, Network Policies, Limit Range and Resource Quota items. An attacker could detach the Namespace from a Tenant that is forbidding starting privileged Pods using the Pod Security labels by removing the OwnerReference, removing the enforcement labels, and being able to start privileged containers that would be able to start a generic Kubernetes privilege escalation. Patches have been released for version 0.1.3. No known workarounds are available.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46167&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46167]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46167') [MISC]('https://github.com/clastix/capsule/security/advisories/GHSA-x45c-cvp8-q4fm') [MISC]('https://github.com/clastix/capsule/commit/1df430e71be8c4778c82eca3459978ad7d0b4b7b') [MISC]('https://github.com/clastix/capsule/commit/75525ac19254b0c5111e34d7985e2be7bc8b1ac1') [MISC]('https://github.com/clastix/capsule/releases/tag/v0.1.3')[/TD] [/TR] [TR] [TD][LEFT]clerk -- clerk.io[/LEFT][/TD] [TD][LEFT]The Clerk WordPress plugin before 4.0.0 is affected by time-based attacks in the validation function for all API requests due to the usage of comparison operators to verify API keys against the ones stored in the site options.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3907&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] 
[TD][CVE-2022-3907]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3907') [MISC]('https://wpscan.com/vulnerability/7920c1c1-709d-4b1f-ac08-f0a02ddb329c')[/TD] [/TR] [TR] [TD][LEFT]concretecms -- concrete_cms[/LEFT][/TD] [TD][LEFT]ConcreteCMS v9.1.3 was discovered to be vulnerable to Xpath injection attacks. This vulnerability allows attackers to access sensitive XML data via a crafted payload injected into the URL path folder "3".[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46464&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-46464]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46464') [MISC]('https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/concretecms.org/2022/concretecms-9.1.3')[/TD] [/TR] [TR] [TD][LEFT]craftcms -- craft_cms[/LEFT][/TD] [TD][LEFT]All Craft CMS versions between 3.0.0 and 3.7.32 disclose password hashes of users who authenticate using their E-Mail address or username in Anti-CSRF-Tokens. Craft CMS uses a cookie called CRAFT_CSRF_TOKEN and a HTML hidden field called CRAFT_CSRF_TOKEN to avoid Cross Site Request Forgery attacks. 
The CRAFT_CSRF_TOKEN cookie discloses the password hash without encoding it whereas the corresponding HTML hidden field discloses the users' password hash in a masked manner, which can be decoded by using public functions of the YII framework.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37783&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-37783]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37783') [MISC]('https://at-trustit.tuv.at/tuev-trust-it-cves/cve-disclosure-of-password-hashes/')[/TD] [/TR] [TR] [TD][LEFT]cybozu -- cybozu_remote_service[/LEFT][/TD] [TD][LEFT]Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.0.0 to 4.0.3 allows a remote authenticated attacker to consume huge storage space, which may result in a denial-of-service (DoS) condition.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44608&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44608]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44608') [MISC]('https://cs.cybozu.co.jp/2022/007754.html') [MISC]('https://jvn.jp/en/jp/JVN87895771/index.html')[/TD] [/TR] [TR] [TD][LEFT]d-link -- dhp-w310av_firmware[/LEFT][/TD] [TD][LEFT]D-Link DHP-W310AV 3.10EU was discovered to contain a command injection vulnerability via the System Checks function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44930&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44930]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44930') [MISC]('https://cyber-guy.gitbook.io/cyber-guys-blog/pocs/cve-2022-44930')[/TD] [/TR] [TR] [TD][LEFT]d-link -- dvg-g5402sp_firmware[/LEFT][/TD] [TD][LEFT]D-Link DVG-G5402SP GE_1.03 was discovered to contain a command injection vulnerability via the
Maintenance function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44928&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44928]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44928') [MISC]('https://cyber-guy.gitbook.io/cyber-guys-blog/pocs/cve-2022-44928')[/TD] [/TR] [TR] [TD][LEFT]d-link -- dvg-g5402sp_firmware[/LEFT][/TD] [TD][LEFT]An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44929&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44929]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44929') [MISC]('https://cyber-guy.gitbook.io/cyber-guys-blog/pocs/cve-2022-44929')[/TD] [/TR] [TR] [TD][LEFT]dottech -- smart_campus_system[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as problematic, has been found in Dot Tech Smart Campus System. Affected by this issue is some unknown functionality of the file /services/Card/findUser. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 
VDB-214778 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-03[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4280&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-4280]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4280') [N/A]('https://github.com/Peanut886/Vulnerability/blob/main/Information%20leakage%20vulnerability%20exists%20in%20findUser%2C%20a%20smart%20campus%20system%20developed%20by%20Dot%20Tech.md') [N/A]('https://vuldb.com/?id.214778')[/TD] [/TR] [TR] [TD][LEFT]duxcms_project -- duxcms[/LEFT][/TD] [TD][LEFT]A vulnerability was found in annyshow DuxCMS 2.1. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-215116.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-36610&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-36610]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-36610') [MISC]('https://gitee.com/annyshow/DuxCMS2.1/issues/I183GG') [MISC]('https://vuldb.com/?id.215116')[/TD] [/TR] [TR] [TD][LEFT]elbtide -- advanced_booking_calendar[/LEFT][/TD] [TD][LEFT]Unauth. 
SQL Injection (SQLi) vulnerability in Advanced Booking Calendar plugin <= 1.7.1 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45822&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45822]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45822') [MISC]('https://patchstack.com/database/vulnerability/advanced-booking-calendar/wordpress-advanced-booking-calendar-plugin-1-7-1-unauth-sql-injection-sqli-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]f5 -- big-iq_centralized_management[/LEFT][/TD] [TD][LEFT]In all versions, BIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41622&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41622]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41622') [MISC]('https://support.f5.com/csp/article/K94221585')[/TD] [/TR] [TR] [TD][LEFT]facepay_project -- facepay[/LEFT][/TD] [TD][LEFT]A vulnerability has been found in Facepay 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /face-recognition-php/facepay-master/camera.php. The manipulation of the argument userId leads to authorization bypass. The attack can be launched remotely. 
The identifier VDB-214789 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4281&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4281]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4281') [N/A]('https://vuldb.com/?id.214789')[/TD] [/TR] [TR] [TD][LEFT]force1rc -- discovery_wifi_u818a_hd\+_fpv_firmware[/LEFT][/TD] [TD][LEFT]Buffer overflow in firmware lewei_cam binary version 2.0.10 in Force 1 Discovery Wifi U818A HD+ FPV Drone allows attacker to gain remote code execution as root user via a specially crafted UDP packet. Please update the Reference section to these links > http://thiscomputer.com/ > https://www.bostoncyber.org/ > https://medium.com/@meekworth/exploiting-the-lw9621-drone-camera-module-773f00081368 [/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40918&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40918]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40918') [MISC]('https://medium.com/@meekworth/exploiting-the-lw9621-drone-camera-module-773f00081368') [MISC]('https://1af95112-6fd8-4c8f-8bd6-c47f8ef7b77a.filesusr.com/ugd/c1f861_51eb0d33d5764efc93e9d5f19c306950.pdf')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiadc[/LEFT][/TD] [TD][LEFT]An improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability in Fortinet FortiADC version 7.1.0, version 7.0.0 through 7.0.2 and version 6.2.4 and below allows an authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33875&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-33875]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33875') 
[MISC]('https://fortiguard.com/psirt/FG-IR-22-252')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortideceptor[/LEFT][/TD] [TD][LEFT]An insufficient logging [CWE-778] vulnerability in FortiSandbox versions 4.0.0 to 4.0.2, 3.2.0 to 3.2.3 and 3.1.0 to 3.1.5 and FortiDeceptor versions 4.2.0, 4.1.0 through 4.1.1, 4.0.0 through 4.0.2, 3.3.0 through 3.3.3, 3.2.0 through 3.2.2,3.1.0 through 3.1.1 and 3.0.0 through 3.0.2 may allow a remote attacker to repeatedly enter incorrect credentials without causing a log entry, and with no limit on the number of failed authentication attempts.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30305&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-30305]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30305') [MISC]('https://fortiguard.com/psirt/FG-IR-21-170')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiproxy[/LEFT][/TD] [TD][LEFT]An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-35843&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-35843]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35843') [MISC]('https://fortiguard.com/psirt/FG-IR-22-255')[/TD] [/TR] [TR] [TD][LEFT]franklinfueling -- colibri_firmware[/LEFT][/TD] [TD][LEFT]Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. The impact is: File system rewrite (remote). 
An attacker can overwrite system files like [system.conf] and [passwd]; this occurs because of the insecure usage of the "fopen" system function with the mode "wb", which allows overwriting a file if it exists. Overwriting files such as passwd allows an attacker to escalate his privileges by planting a backdoor user with root privilege or changing the root password.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44039&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44039]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44039') [MISC]('https://pastebin.com/raw/64stbsWu')[/TD] [/TR] [TR] [TD][LEFT]fsi -- fs040u_firmware[/LEFT][/TD] [TD][LEFT]Cross-site request forgery (CSRF) vulnerability in +F FS040U software versions v2.3.4 and earlier, +F FS020W software versions v4.0.0 and earlier, +F FS030W software versions v3.3.5 and earlier, and +F FS040W software versions v1.4.1 and earlier allows an adjacent attacker to hijack the authentication of an administrator and user's unintended operations such as to reboot the product and/or reset the configuration to the initial set-up may be performed.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43470&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43470]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43470') [MISC]('https://www.fsi.co.jp/mobile/plusF/news/22102803.html') [MISC]('https://www.fsi.co.jp/mobile/plusF/news/22102802.html') [MISC]('https://jvn.jp/en/jp/JVN74285622/index.html') [MISC]('https://www.fsi.co.jp/mobile/plusF/news/22102804.html') [MISC]('https://www.fsi.co.jp/mobile/plusF/news/22102801.html')[/TD] [/TR] [TR] [TD][LEFT]galaxyproject -- galaxy[/LEFT][/TD] [TD][LEFT]Galaxy is an open-source platform for data analysis.
An arbitrary file read exists in Galaxy 22.01 and Galaxy 22.05 due to the switch to Gunicorn, which can be used to read any file accessible to the operating system user under which Galaxy is running. This vulnerability affects Galaxy 22.01 and higher, after the switch to gunicorn, which serve static contents directly. Additionally, the vulnerability is mitigated when using Nginx or Apache to serve /static/* contents, instead of Galaxy's internal middleware. This issue has been patched in commit [ICODE]e5e6bda4f[/ICODE] and will be included in future releases. Users are advised to manually patch their installations. There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23470&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-23470]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23470') [MISC]('https://github.com/galaxyproject/galaxy/security/advisories/GHSA-grjf-2ghx-q77x') [MISC]('https://github.com/galaxyproject/galaxy/commit/e5e6bda4f014f807ca77ee0cf6af777a55918346')[/TD] [/TR] [TR] [TD][LEFT]ge -- cimplicity[/LEFT][/TD] [TD][LEFT]GE CIMPLICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2002&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-2002]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2002') [MISC]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-326-04')[/TD] [/TR] [TR] [TD][LEFT]ge -- cimplicity[/LEFT][/TD] [TD][LEFT]GE CIMPLICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD]
[TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2948&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-2948]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2948') [MISC]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-326-04')[/TD] [/TR] [TR] [TD][LEFT]ge -- cimplicity[/LEFT][/TD] [TD][LEFT]GE CIMPLICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2952&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-2952]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2952') [MISC]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-326-04')[/TD] [/TR] [TR] [TD][LEFT]ge -- cimplicity[/LEFT][/TD] [TD][LEFT]GE CIMPLICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiRootOptionTable, which could allow an attacker to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3084&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3084]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3084') [MISC]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-326-04')[/TD] [/TR] [TR] [TD][LEFT]ge -- cimplicity[/LEFT][/TD] [TD][LEFT]GE CIMPLICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an attacker to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3092&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3092]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3092')
[MISC]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-326-04')[/TD] [/TR] [TR] [TD][LEFT]gitpython_project -- gitpython[/LEFT][/TD] [TD][LEFT]All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-24439&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-24439]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-24439') [CONFIRM]('https://security.snyk.io/vuln/SNYK-PYTHON-GITPYTHON-3113858') [CONFIRM]('https://github.com/gitpython-developers/GitPython/blob/bec61576ae75803bc4e60d8de7a629c194313d1c/git/repo/base.py%23L1249')[/TD] [/TR] [TR] [TD][LEFT]goauthentik -- authentik[/LEFT][/TD] [TD][LEFT]authentik is an open-source identity provider. Versions prior to 2022.11.2 and 2022.10.2 are vulnerable to unauthorized user creation and potential account takeover. With the default flows, unauthenticated users can create new accounts in authentik. If a flow exists that allows for email-verified password recovery, this can be used to overwrite the email address of admin accounts and take over their accounts. authentik 2022.11.2 and 2022.10.2 fix this issue. 
As a workaround, a policy can be created and bound to the [ICODE]default-user-settings-flow[/ICODE] flow with the contents [ICODE]return request.user.is_authenticated[/ICODE].[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46145&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46145]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46145') [MISC]('https://goauthentik.io/docs/releases/2022.11#fixed-in-2022112') [MISC]('https://goauthentik.io/docs/releases/2022.10#fixed-in-2022102') [MISC]('https://github.com/goauthentik/authentik/security/advisories/GHSA-mjfw-54m5-fvjf')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39090&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39090]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39090') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39091&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39091]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39091') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In power management service, there is a missing permission check. 
This could lead to set up power management service with no additional execution privileges needed.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39092&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39092]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39092') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39093&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39093]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39093') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39094&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39094]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39094') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In power management service, there is a missing permission check. 
This could lead to set up power management service with no additional execution privileges needed.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39095&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39095]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39095') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39096&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39096]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39096') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39097&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39097]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39097') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In power management service, there is a missing permission check. 
This could lead to set up power management service with no additional execution privileges needed.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39098&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39098]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39098') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39099&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39099]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39099') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39100&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39100]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39100') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In power management service, there is a missing permission check. 
This could lead to set up power management service with no additional execution privileges needed.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39101&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39101]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39101') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39102&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39102]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39102') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In UscAIEngine service, there is a missing permission check. This could lead to set up UscAIEngine service with no additional execution privileges needed.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42776&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42776]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42776') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In power management service, there is a missing permission check. 
This could lead to set up power management service with no additional execution privileges needed.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42777&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42777]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42777') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In windows manager service, there is a missing permission check. This could lead to set up windows manager service with no additional execution privileges needed.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42778&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42778]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42778') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4262&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4262]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4262') [MISC]('https://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop.html') [MISC]('https://crbug.com/1394403')[/TD] [/TR] [TR] [TD][LEFT]google -- tensorflow[/LEFT][/TD] [TD][LEFT]TensorFlow is an open source platform for machine learning. The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. 
If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. We have patched the issue in GitHub commit a65411a1d69edfb16b25907ffb8f73556ce36bb7. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.8.4, 2.9.3, and 2.10.1.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41902&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41902]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41902') [MISC]('https://github.com/tensorflow/tensorflow/commit/a65411a1d69edfb16b25907ffb8f73556ce36bb7') [MISC]('https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/grappler/utils/functions.cc#L221') [CONFIRM]('https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cg88-rpvp-cjv5')[/TD] [/TR] [TR] [TD][LEFT]google -- tensorflow[/LEFT][/TD] [TD][LEFT]TensorFlow is an open source platform for machine learning. The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. We have patched the issue in GitHub commit a65411a1d69edfb16b25907ffb8f73556ce36bb7. The fix will be included in TensorFlow 2.11.0. 
We will also cherrypick this commit on TensorFlow 2.8.4, 2.9.3, and 2.10.1.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41910&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41910]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41910') [MISC]('https://github.com/tensorflow/tensorflow/commit/a65411a1d69edfb16b25907ffb8f73556ce36bb7') [CONFIRM]('https://github.com/tensorflow/tensorflow/security/advisories/GHSA-frqp-wp83-qggv') [MISC]('https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/grappler/utils/functions.cc#L221')[/TD] [/TR] [TR] [TD][LEFT]gpac -- gpac[/LEFT][/TD] [TD][LEFT]GPAC MP4box v2.0.0 was discovered to contain a stack overflow in the smil_parse_time_list parameter at /scenegraph/svg_attributes.c.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45283&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45283]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45283') [MISC]('https://github.com/gpac/gpac/issues/2295')[/TD] [/TR] [TR] [TD][LEFT]hasura -- graphql_engine[/LEFT][/TD] [TD][LEFT]Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the Update Many API for Postgres backends. The fixed versions are 2.10.2, 2.11.3, 2.12.1, 2.13.2, 2.14.1, and 2.15.2. 
(Versions before 2.10.0 are unaffected.)[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46792&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46792]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46792') [MISC]('https://hasura.io/blog/critical-vulnerability-in-hasuras-graphql-engine-v2-10-0/') [MISC]('https://groups.google.com/g/hasura-security-announce/c/kzK-uPAKGUU') [MISC]('https://github.com/hasura/graphql-engine/security/advisories/GHSA-g7mj-g7f4-hgrg')[/TD] [/TR] [TR] [TD][LEFT]haxx -- curl[/LEFT][/TD] [TD][LEFT]When doing HTTP(S) transfers, libcurl might erroneously use the read callback ([ICODE]CURLOPT_READFUNCTION[/ICODE]) to ask for data to send, even when the [ICODE]CURLOPT_POSTFIELDS[/ICODE] option has been set, if the same handle previously was used to issue a [ICODE]PUT[/ICODE] request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent [ICODE]POST[/ICODE] request. 
The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32221&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32221]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32221') [MISC]('https://hackerone.com/reports/1704017')[/TD] [/TR] [TR] [TD][LEFT]hope-boot_project -- hope-boot[/LEFT][/TD] [TD][LEFT]hope-boot 1.0.0 has a deserialization vulnerability that can cause Remote Code Execution (RCE).[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44371&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44371]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44371') [MISC]('https://github.com/java-aodeng/hope-boot/issues/83')[/TD] [/TR] [TR] [TD][LEFT]hornerautomation -- rcc972_firmware[/LEFT][/TD] [TD][LEFT]Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device. This could allow an attacker to perform unauthorized changes to the device, remotely execute arbitrary code, or cause a denial-of-service condition.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2641&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-2641]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2641') [MISC]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-335-02')[/TD] [/TR] [TR] [TD][LEFT]hornerautomation -- rcc972_firmware[/LEFT][/TD] [TD][LEFT]The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryption vulnerable to reverse engineering. 
This could allow an attacker to obtain credentials to run services such as File Transfer Protocol (FTP) and Hypertext Transfer Protocol (HTTP).[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2640&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-2640]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2640') [MISC]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-335-02')[/TD] [/TR] [TR] [TD][LEFT]hornerautomation -- rcc972_firmware[/LEFT][/TD] [TD][LEFT]Horner Automation’s RCC 972 firmware version 15.40 contains global variables. This could allow an attacker to read out sensitive values and variable keys from the device.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2642&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-2642]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2642') [MISC]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-335-02')[/TD] [/TR] [TR] [TD][LEFT]house_rental_system_project -- house_rental_system[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, was found in House Rental System. Affected is an unknown function of the file /view-property.php. The manipulation of the argument property_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 
VDB-214770 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-03[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4274&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4274]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4274') [N/A]('https://vuldb.com/?id.214770') [N/A]('https://github.com/nikeshtiwari1/House-Rental-System/issues/6')[/TD] [/TR] [TR] [TD][LEFT]house_rental_system_project -- house_rental_system[/LEFT][/TD] [TD][LEFT]A vulnerability has been found in House Rental System and classified as critical. Affected by this vulnerability is an unknown functionality of the file search-property.php of the component POST Request Handler. The manipulation of the argument search_property leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214771.[/LEFT][/TD] [TD][CENTER]2022-12-03[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4275&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4275]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4275') [N/A]('https://vuldb.com/?id.214771') [N/A]('https://github.com/nikeshtiwari1/House-Rental-System/issues/7')[/TD] [/TR] [TR] [TD][LEFT]house_rental_system_project -- house_rental_system[/LEFT][/TD] [TD][LEFT]A vulnerability was found in House Rental System and classified as critical. Affected by this issue is some unknown functionality of the file tenant-engine.php of the component POST Request Handler. The manipulation of the argument id_photo leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 
The identifier of this vulnerability is VDB-214772.[/LEFT][/TD] [TD][CENTER]2022-12-03[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4276&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4276]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4276') [N/A]('https://vuldb.com/?id.214772') [N/A]('https://github.com/nikeshtiwari1/House-Rental-System/issues/8')[/TD] [/TR] [TR] [TD][LEFT]human_resource_management_system_project -- human_resource_management_system[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, has been found in SourceCodester Human Resource Management System 1.0. This issue affects some unknown processing of the file /hrm/controller/employee.php of the component Content-Type Handler. The manipulation of the argument pfimg leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-214769 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-03[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4273&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4273]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4273') [MISC]('https://vuldb.com/?id.214769') [MISC]('https://github.com/leecybersec/bug-report/tree/main/sourcecodester/oretnom23/hrm/bypass-fileupload-rce')[/TD] [/TR] [TR] [TD][LEFT]human_resource_management_system_project -- human_resource_management_system[/LEFT][/TD] [TD][LEFT]A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /hrm/employeeadd.php. The manipulation of the argument empid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. 
The associated identifier of this vulnerability is VDB-214775.[/LEFT][/TD] [TD][CENTER]2022-12-03[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4278&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4278]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4278') [N/A]('https://github.com/leecybersec/bug-report/tree/main/sourcecodester/oretnom23/hrm/employeeadd-sqli') [N/A]('https://vuldb.com/?id.214775')[/TD] [/TR] [TR] [TD][LEFT]ibm -- content_navigator[/LEFT][/TD] [TD][LEFT]IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. IBM X-Force ID: 238805.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43581&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43581]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43581') [MISC]('https://www.ibm.com/support/pages/node/6844453') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/238805')[/TD] [/TR] [TR] [TD][LEFT]ibm -- spectrum_scale_container_native_storage_access[/LEFT][/TD] [TD][LEFT]IBM Spectrum Scale 5.1.0.1 through 5.1.4.1 could allow a local attacker to execute arbitrary commands in the container. 
IBM X-Force ID: 239437.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43867&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43867]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43867') [MISC]('https://www.ibm.com/support/pages/node/6844771') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/239437')[/TD] [/TR] [TR] [TD][LEFT]ibm -- sterling_secure_proxy[/LEFT][/TD] [TD][LEFT]IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 230522.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-34361&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-34361]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34361') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/230522') [MISC]('https://www.ibm.com/support/pages/node/6844763')[/TD] [/TR] [TR] [TD][LEFT]ilias -- ilias[/LEFT][/TD] [TD][LEFT]ILIAS before 7.16 allows OS Command Injection.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45915&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45915]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45915') [MISC]('https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-ilias-elearning-platform/') [FULLDISC]('http://seclists.org/fulldisclosure/2022/Dec/7') [MISC]('http://packetstormsecurity.com/files/170181/ILIAS-eLearning-7.15-Command-Injection-XSS-LFI-Open-Redirect.html')[/TD] [/TR] [TR] [TD][LEFT]inksplat -- comic_book_management_system[/LEFT][/TD] [TD][LEFT]The Comic Book Management System WordPress plugin before 2.2.0 does not sanitize and escape a parameter before using it in a SQL statement, leading 
to a SQL injection exploitable by users with a role as low as Admin.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3856&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3856]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3856') [MISC]('https://bulletin.iese.de/post/comicbookmanagementsystemweeklypicks_2-0-0_1/') [MISC]('https://wpscan.com/vulnerability/c0f5cf61-b3e2-440f-a185-61df360c1192')[/TD] [/TR] [TR] [TD][LEFT]ivanti -- endpoint_manager[/LEFT][/TD] [TD][LEFT]A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that allows a user to execute commands with elevated privileges.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-27773&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-27773]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-27773') [MISC]('https://forums.ivanti.com/s/article/Security-Advisory-for-Ivanti-Endpoint-Manager-Client-CVE-2022-27773?language=en_US')[/TD] [/TR] [TR] [TD][LEFT]ivanti -- endpoint_manager[/LEFT][/TD] [TD][LEFT]XML Injection with Endpoint Manager 2022.3 and below causing a download of a malicious file to run and possibly execute to gain unauthorized privileges.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-35259&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-35259]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35259') [MISC]('https://forums.ivanti.com/s/article/Security-Advisory-for-Ivanti-Endpoint-Manager-Client-CVE-2022-35259?language=en_US')[/TD] [/TR] [TR] [TD][LEFT]joinmastodon -- mastodon[/LEFT][/TD] [TD][LEFT]Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue) by creating bot accounts that follow attacker-controlled accounts on certain other servers associated with a wildcard DNS A record, such that there is uncontrolled recursion of attacker-generated messages.[/LEFT][/TD] [TD][CENTER]2022-12-04[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46405&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-46405]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46405') [MISC]('https://hackmd.io/rD9nsTz1QeuPT-erxqjY-A') [MISC]('https://borg.social/notes/98bcoo2t1n')[/TD] [/TR] [TR] [TD][LEFT]jrecms -- springbootcms[/LEFT][/TD] [TD][LEFT]A vulnerability was found in SpringBootCMS and classified as critical. Affected by this issue is some unknown functionality of the component Template Management. The manipulation leads to injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 
VDB-214790 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4282&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4282]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4282') [MISC]('https://vuldb.com/?id.214790') [MISC]('https://github.com/Ha0Liu/cveAdd/blob/developer/JreCMS%20template%20injection%20vulnerability/JreCMS%20template%20injection%20vulnerability.md')[/TD] [/TR] [TR] [TD][LEFT]kodcloud -- kodexplorer[/LEFT][/TD] [TD][LEFT]KodExplorer is a Chinese-language, web-based file manager and browser-based code editor. Versions prior to 4.50 did not prevent unauthenticated users from requesting arbitrary files from the host OS file system. As a result, any files available to the host process may be accessed by arbitrary users. This issue has been addressed in version 4.50. Users are advised to upgrade. There are no known workarounds for this issue.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46154&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-46154]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46154') [MISC]('https://github.com/kalcaddle/KodExplorer/security/advisories/GHSA-6f8p-4w5q-j5j2') [MISC]('https://github.com/kalcaddle/KodExplorer/commit/1f7072c0e12150686f10ee8cda82c004f04be98c')[/TD] [/TR] [TR] [TD][LEFT]kujirahand -- nadesiko3[/LEFT][/TD] [TD][LEFT]OS command injection vulnerability in Nadesiko3 (PC Version) v3.3.61 and earlier allows a remote attacker to execute an arbitrary OS command when processing compression and decompression on the product.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41642&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] 
[TD][CVE-2022-41642]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41642') [MISC]('https://jvn.jp/en/jp/JVN56968681/index.html') [MISC]('https://github.com/kujirahand/nadesiko3/issues/1325') [MISC]('https://github.com/kujirahand/nadesiko3/issues/1347')[/TD] [/TR] [TR] [TD][LEFT]lazy_mouse_project -- lazy_mouse[/LEFT][/TD] [TD][LEFT]Lazy Mouse server enforces weak password requirements and doesn't implement rate limiting, allowing remote unauthenticated users to easily and quickly brute force the PIN and execute arbitrary commands. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45482&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45482]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45482') [MISC]('https://www.synopsys.com/blogs/software-security/cyrc-advisory-remote-code-execution-vulnerabilities-mouse-keyboard-apps/')[/TD] [/TR] [TR] [TD][LEFT]lzmouse -- lazy_mouse[/LEFT][/TD] [TD][LEFT]The default configuration of Lazy Mouse does not require a password, allowing remote unauthenticated users to execute arbitrary code with no prior authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45481&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45481]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45481') [MISC]('https://www.synopsys.com/blogs/software-security/cyrc-advisory-remote-code-execution-vulnerabilities-mouse-keyboard-apps/')[/TD] [/TR] [TR] [TD][LEFT]maku -- maku-boot[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, was found in maku-boot up to 2.2.0. This affects the function doExecute of the file AbstractScheduleJob.java of the component Scheduled Task Handler. The manipulation leads to injection. 
It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 446eb7294332efca2bfd791bc37281cedac0d0ff. It is recommended to apply a patch to fix this issue. The identifier VDB-215013 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4322&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4322]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4322') [N/A]('https://vuldb.com/?id.215013') [N/A]('https://gitee.com/makunet/maku-boot/issues/I5ZUYI') [N/A]('https://gitee.com/makunet/maku-boot/commit/446eb7294332efca2bfd791bc37281cedac0d0ff')[/TD] [/TR] [TR] [TD][LEFT]markdown_preview_enhanced_project -- markdown_preview_enhanced[/LEFT][/TD] [TD][LEFT]Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom was discovered to contain a command injection vulnerability via the PDF file import function.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45025&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45025]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45025') [MISC]('https://github.com/shd101wyy/vscode-markdown-preview-enhanced/issues/639')[/TD] [/TR] [TR] [TD][LEFT]markdown_preview_enhanced_project -- markdown_preview_enhanced[/LEFT][/TD] [TD][LEFT]An issue in Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom allows attackers to execute arbitrary commands during the GFM export process.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45026&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45026]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45026') 
[MISC]('https://github.com/shd101wyy/vscode-markdown-preview-enhanced/issues/640')[/TD] [/TR] [TR] [TD][LEFT]mikrotik -- routeros[/LEFT][/TD] [TD][LEFT]Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45313&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45313]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45313') [MISC]('https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2022-45313/README.md')[/TD] [/TR] [TR] [TD][LEFT]mikrotik -- routeros[/LEFT][/TD] [TD][LEFT]Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows attackers to execute arbitrary code via a crafted packet.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45315&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45315]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45315') [MISC]('https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2022-45315/README.md')[/TD] [/TR] [TR] [TD][LEFT]mobatek -- mobaxterm[/LEFT][/TD] [TD][LEFT]When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. 
The server treats this as an invalid login attempt which can result in a Denial of Service (DoS) for the user if services like fail2ban are used.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38337&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-38337]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38337') [MISC]('https://docs.ssh-mitm.at/vulnerabilities/CVE-2022-38337.html') [MISC]('https://mobaxterm.mobatek.net/download-home-edition.html')[/TD] [/TR] [TR] [TD][LEFT]mobatek -- mobaxterm[/LEFT][/TD] [TD][LEFT]An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38336&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-38336]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38336') [MISC]('https://docs.ssh-mitm.at/vulnerabilities/CVE-2022-38336.html')[/TD] [/TR] [TR] [TD][LEFT]moxa -- uc-8580-t-lx_firmware[/LEFT][/TD] [TD][LEFT]Cradlepoint IBR600 NCOS versions 6.5.0.160bc2e and prior are vulnerable to shell escape, which enables local attackers with non-superuser credentials to gain full, unrestrictive shell access which may allow an attacker to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3086&vector=CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3086]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3086') [MISC]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-321-02')[/TD] [/TR] [TR] [TD][LEFT]nadesiko3_project -- nadesiko3[/LEFT][/TD] [TD][LEFT]OS command injection vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker 
to obtain appkey of the product and execute an arbitrary OS command on the product.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42496&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42496]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42496') [MISC]('https://jvn.jp/en/jp/JVN56968681/index.html') [MISC]('https://github.com/kujirahand/nadesiko3/issues/1325') [MISC]('https://github.com/kujirahand/nadesiko3/issues/1347')[/TD] [/TR] [TR] [TD][LEFT]nadesiko3_project -- nadesiko3[/LEFT][/TD] [TD][LEFT]Improper check or handling of exceptional conditions vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to inject an invalid value to decodeURIComponent of nako3edit, which may lead the server to crash.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41777&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41777]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41777') [MISC]('https://jvn.jp/en/jp/JVN56968681/index.html') [MISC]('https://github.com/kujirahand/nadesiko3/issues/1325') [MISC]('https://github.com/kujirahand/nadesiko3/issues/1347')[/TD] [/TR] [TR] [TD][LEFT]neutrinolabs -- xrdp[/LEFT][/TD] [TD][LEFT]xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer overflow in xrdp_login_wnd_create() function. There are no known workarounds for this issue. 
Users are advised to upgrade.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23468&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-23468]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23468') [MISC]('https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-8c2f-mw8m-qpx6')[/TD] [/TR] [TR] [TD][LEFT]neutrinolabs -- xrdp[/LEFT][/TD] [TD][LEFT]xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer overflow in audin_send_open() function. There are no known workarounds for this issue. Users are advised to upgrade.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23477&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-23477]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23477') [MISC]('https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-hqw2-jx2c-wrr2')[/TD] [/TR] [TR] [TD][LEFT]neutrinolabs -- xrdp[/LEFT][/TD] [TD][LEFT]xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain an Out of Bound Write in xrdp_mm_trans_process_drdynvc_channel_open() function. There are no known workarounds for this issue. 
Users are advised to upgrade.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23478&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-23478]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23478') [MISC]('https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-2f49-wwpm-78pj')[/TD] [/TR] [TR] [TD][LEFT]neutrinolabs -- xrdp[/LEFT][/TD] [TD][LEFT]xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer overflow in xrdp_mm_chan_data_in() function. There are no known workarounds for this issue. Users are advised to upgrade.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23479&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-23479]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23479') [MISC]('https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-pgx2-3fjj-fqqh')[/TD] [/TR] [TR] [TD][LEFT]neutrinolabs -- xrdp[/LEFT][/TD] [TD][LEFT]xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer overflow in devredir_proc_client_devlist_announce_req() function. There are no known workarounds for this issue. 
Users are advised to upgrade.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23480&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-23480]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23480') [MISC]('https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-3jmx-f6hv-95wg')[/TD] [/TR] [TR] [TD][LEFT]neutrinolabs -- xrdp[/LEFT][/TD] [TD][LEFT]xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain an Integer Overflow in xrdp_mm_process_rail_update_window_text() function. There are no known workarounds for this issue. Users are advised to upgrade.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23484&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-23484]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23484') [MISC]('https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-rqfx-5fv8-q9c6')[/TD] [/TR] [TR] [TD][LEFT]neutrinolabs -- xrdp[/LEFT][/TD] [TD][LEFT]xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain an Out of Bound Read in xrdp_caps_process_confirm_active() function. There are no known workarounds for this issue. 
Users are advised to upgrade.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23481&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-23481]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23481') [MISC]('https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-hm75-9jcg-p7hq')[/TD] [/TR] [TR] [TD][LEFT]neutrinolabs -- xrdp[/LEFT][/TD] [TD][LEFT]xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain an Out of Bound Read in xrdp_sec_process_mcs_data_CS_CORE() function. There are no known workarounds for this issue. Users are advised to upgrade.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23482&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-23482]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23482') [MISC]('https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-56pq-2pm9-7fhm')[/TD] [/TR] [TR] [TD][LEFT]neutrinolabs -- xrdp[/LEFT][/TD] [TD][LEFT]xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain an Out of Bound Read in libxrdp_send_to_channel() function. There are no known workarounds for this issue. 
Users are advised to upgrade.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23483&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-23483]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23483') [MISC]('https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-38rw-9ch2-fcxq')[/TD] [/TR] [TR] [TD][LEFT]neutrinolabs -- xrdp[/LEFT][/TD] [TD][LEFT]xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain an Out of Bound Read in xrdp_mm_trans_process_drdynvc_channel_close() function. There are no known workarounds for this issue. Users are advised to upgrade.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23493&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-23493]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23493') [MISC]('https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-59wp-3wq6-jh5v')[/TD] [/TR] [TR] [TD][LEFT]nodebb -- nodebb[/LEFT][/TD] [TD][LEFT]NodeBB is an open source Node.js based forum software. Due to a plain object with a prototype being used in socket.io message handling, a specially crafted payload can be used to impersonate other users and take over accounts. This vulnerability has been patched in version 2.6.1. Users are advised to upgrade. 
Users unable to upgrade may cherry-pick commit [ICODE]48d143921753914da45926cca6370a92ed0c46b8[/ICODE] into their codebase to patch the exploit.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46164&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46164]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46164') [MISC]('https://github.com/NodeBB/NodeBB/commit/48d143921753914da45926cca6370a92ed0c46b8') [MISC]('https://github.com/NodeBB/NodeBB/security/advisories/GHSA-rf3g-v8p5-p675')[/TD] [/TR] [TR] [TD][LEFT]nodejs -- node.js[/LEFT][/TD] [TD][LEFT]The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CRLF. This may result in HTTP Request Smuggling.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-35256&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-35256]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35256') [MISC]('https://hackerone.com/reports/1675191')[/TD] [/TR] [TR] [TD][LEFT]nodejs -- node.js[/LEFT][/TD] [TD][LEFT]A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. There are two problems with this: 1) It does not check the return value, it assumes EntropySource() always succeeds, but it can (and sometimes will) fail. 
2) The random data returned by EntropySource() may not be cryptographically strong and therefore not suitable as keying material.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-35255&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-35255]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35255') [MISC]('https://hackerone.com/reports/1690000')[/TD] [/TR] [TR] [TD][LEFT]nodejs -- node.js[/LEFT][/TD] [TD][LEFT]An OS Command Injection vulnerability exists in Node.js versions <14.21.1, <16.18.1, <18.12.1, <19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DNS requests, allowing rebinding attacks. The fix for this issue in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212 was incomplete and this new CVE is to complete the fix.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43548&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43548]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43548') [MISC]('https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/')[/TD] [/TR] [TR] [TD][LEFT]nokogiri -- nokogiri[/LEFT][/TD] [TD][LEFT]Nokogiri is an open source XML and HTML library for the Ruby programming language. Nokogiri [ICODE]1.13.8[/ICODE] and [ICODE]1.13.9[/ICODE] fail to check the return value from [ICODE]xmlTextReaderExpand[/ICODE] in the method [ICODE]Nokogiri::XML::Reader#attribute_hash[/ICODE]. This can lead to a null pointer exception when invalid markup is being parsed. For applications using [ICODE]XML::Reader[/ICODE] to parse untrusted inputs, this may potentially be a vector for a denial of service attack. Users are advised to upgrade to Nokogiri [ICODE]>= 1.13.10[/ICODE]. 
Users may be able to search their code for calls to either [ICODE]XML::Reader#attributes[/ICODE] or [ICODE]XML::Reader#attribute_hash[/ICODE] to determine if they are affected.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23476&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-23476]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23476') [MISC]('https://github.com/sparklemotion/nokogiri/commit/9fe0761c47c0d4270d1a5220cfd25de080350d50') [MISC]('https://github.com/sparklemotion/nokogiri/commit/85410e38410f670cbbc8c5b00d07b843caee88ce') [MISC]('https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-qv4q-mr5r-qprj')[/TD] [/TR] [TR] [TD][LEFT]nttdata -- terasoluna_server_framework_for_java_\(rich\)[/LEFT][/TD] [TD][LEFT]TERASOLUNA Global Framework 1.0.0 (Public review version) and TERASOLUNA Server Framework for Java (Rich) 2.0.0.2 to 2.0.5.1 are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability. The vulnerability is caused by an improper input validation issue in the binding mechanism of Spring MVC. 
By the application processing a specially crafted file, arbitrary code may be executed with the privileges of the application.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43484&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43484]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43484') [MISC]('http://terasolunaorg.github.io/vulnerability/cve-2022-43484.html') [MISC]('https://jvn.jp/en/jp/JVN54728399/index.html') [MISC]('https://osdn.net/projects/terasoluna/wiki/cve-2022-43484')[/TD] [/TR] [TR] [TD][LEFT]offis -- dcmtk[/LEFT][/TD] [TD][LEFT]DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43272&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-43272]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43272') [MISC]('https://github.com/songxpu/bug_report/tree/master/DCMTK/memory_leak_in_3.6.7') [MISC]('https://www.wolai.com/vaVuMxU4gGqFakbzvc9NYw')[/TD] [/TR] [TR] [TD][LEFT]omron -- cx-programmer[/LEFT][/TD] [TD][LEFT]Use-after free vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43508&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43508]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43508') [MISC]('https://jvn.jp/vu/JVNVU92877622/index.html') [MISC]('https://jvn.jp/en/vu/JVNVU92877622/index.html')[/TD] [/TR] [TR] [TD][LEFT]omron -- cx-programmer[/LEFT][/TD] [TD][LEFT]Out-of-bounds write vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information 
disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43509&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43509]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43509') [MISC]('https://jvn.jp/vu/JVNVU92877622/index.html') [MISC]('https://jvn.jp/en/vu/JVNVU92877622/index.html')[/TD] [/TR] [TR] [TD][LEFT]omron -- cx-programmer[/LEFT][/TD] [TD][LEFT]Stack-based buffer overflow vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43667&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43667]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43667') [MISC]('https://jvn.jp/vu/JVNVU92877622/index.html') [MISC]('https://jvn.jp/en/vu/JVNVU92877622/index.html')[/TD] [/TR] [TR] [TD][LEFT]online_leave_management_system_project -- online_leave_management_system[/LEFT][/TD] [TD][LEFT]Online Leave Management System v1.0 was discovered to contain an arbitrary file upload vulnerability at /leave_system/classes/SystemSettings.php?f=update_settings. 
This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45009&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45009]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45009') [MISC]('https://github.com/realguoxiufeng/bug_report/blob/main/vendors/oretnom23/Online%20Leave%20Management%20System/UPLOAD.md')[/TD] [/TR] [TR] [TD][LEFT]paddlepaddle -- paddlepaddle[/LEFT][/TD] [TD][LEFT]Code injection in paddle.audio.functional.get_window in PaddlePaddle 2.4.0-rc0 allows arbitrary code execution.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46742&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46742]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46742') [MISC]('https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2022-002.md')[/TD] [/TR] [TR] [TD][LEFT]paddlepaddle -- paddlepaddle[/LEFT][/TD] [TD][LEFT]Out-of-bounds read in gather_tree in PaddlePaddle before 2.4.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46741&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-46741]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46741') [MISC]('https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2022-001.md')[/TD] [/TR] [TR] [TD][LEFT]passeo_project -- passeo[/LEFT][/TD] [TD][LEFT]Passeo is an open source python password generator. Versions prior to 1.0.5 rely on the python [ICODE]random[/ICODE] library for random value selection. The python [ICODE]random[/ICODE] library warns that it should not be used for security purposes due to its reliance on a non-cryptographically secure random number generator. 
As a result a motivated attacker may be able to guess generated passwords. This issue has been addressed in version 1.0.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23472&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-23472]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23472') [MISC]('https://github.com/ArjunSharda/Passeo/security/advisories/GHSA-mhhf-vgwh-fw9h') [MISC]('https://github.com/ArjunSharda/Passeo/commit/8caa798b6bc4647dca59b2376204b6dc6176361a') [MISC]('https://peps.python.org/pep-0506/')[/TD] [/TR] [TR] [TD][LEFT]pdfmake_project -- pdfmake[/LEFT][/TD] [TD][LEFT]pdfmake is an open source client/server side PDF printing in pure JavaScript. In versions up to and including 0.2.5 pdfmake contains an unsafe evaluation of user controlled input. Users of pdfmake are thus subject to arbitrary code execution in the context of the process running the pdfmake code. There are no known fixes for this issue. 
Users are advised to restrict access to trusted user input.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46161&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46161]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46161') [MISC]('https://securitylab.github.com/advisories/GHSL-2022-068_pdfmake/') [MISC]('https://github.com/bpampuch/pdfmake/blob/802813970ac6de68a0bd0931b74150b33da0dd18/dev-playground/server.js#L32')[/TD] [/TR] [TR] [TD][LEFT]postmagthemes -- postmagthemes_demo_import[/LEFT][/TD] [TD][LEFT]The PostmagThemes Demo Import WordPress plugin through 1.0.7 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files (such as PHP) leading to RCE.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-1540&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-1540]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-1540') [MISC]('https://wpscan.com/vulnerability/77a524d8-0b1a-407a-98d2-d8d0ed78fa0f')[/TD] [/TR] [TR] [TD][LEFT]premio -- chaty[/LEFT][/TD] [TD][LEFT]The Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button WordPress plugin before 3.0.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3858&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3858]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3858') [MISC]('https://wpscan.com/vulnerability/d251b6c1-602b-4d72-9d6a-bf5d5ec541ec')[/TD] [/TR] [TR] [TD][LEFT]proofpoint -- enterprise_protection[/LEFT][/TD] [TD][LEFT]The Admin Smart Search feature in Proofpoint 
Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. This affects all versions 8.19.0 and below.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][9.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46332&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46332]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46332') [MISC]('https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0002')[/TD] [/TR] [TR] [TD][LEFT]proofpoint -- enterprise_protection[/LEFT][/TD] [TD][LEFT]The admin user interface in Proofpoint Enterprise Protection (PPS/PoD) contains a command injection vulnerability that enables an admin to execute commands beyond their allowed scope. This affects all versions 8.19.0 and below.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46333&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46333]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46333') [MISC]('https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0003')[/TD] [/TR] [TR] [TD][LEFT]protocol -- libp2p[/LEFT][/TD] [TD][LEFT]libp2p-rust is the official rust language Implementation of the libp2p networking stack. In versions prior to 0.45.1 an attacker node can cause a victim node to allocate a large number of small memory chunks, which can ultimately lead to the victim’s process running out of memory and thus getting killed by its operating system. When executed continuously, this can lead to a denial of service attack, especially relevant on a larger scale when run against more than one node of a libp2p based network. Users are advised to upgrade to [ICODE]libp2p[/ICODE] [ICODE]v0.45.1[/ICODE] or above. 
Users unable to upgrade should reference the DoS Mitigation page for more information on how to incorporate mitigation strategies, monitor their application, and respond to attacks: https://docs.libp2p.io/reference/dos-mitigation/ .[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23486&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-23486]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23486') [MISC]('https://github.com/libp2p/rust-libp2p/security/advisories/GHSA-jvgw-gccv-q5p8')[/TD] [/TR] [TR] [TD][LEFT]protocol -- libp2p[/LEFT][/TD] [TD][LEFT]js-libp2p is the official javascript Implementation of libp2p networking stack. Versions older than [ICODE]v0.38.0[/ICODE] of js-libp2p are vulnerable to targeted resource exhaustion attacks. These attacks target libp2p’s connection, stream, peer, and memory management. An attacker can cause the allocation of large amounts of memory, ultimately leading to the process getting killed by the host’s operating system. While a connection manager tasked with keeping the number of connections within manageable limits has been part of js-libp2p, this component was designed to handle the regular churn of peers, not a targeted resource exhaustion attack. Users are advised to update their js-libp2p dependency to [ICODE]v0.38.0[/ICODE] or greater. There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23487&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-23487]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23487') [MISC]('https://github.com/libp2p/js-libp2p/security/advisories/GHSA-f44q-634c-jvwv')[/TD] [/TR] [TR] [TD][LEFT]protocol -- libp2p[/LEFT][/TD] [TD][LEFT]go-libp2p is the official libp2p implementation in the Go programming language. 
Version [ICODE]0.18.0[/ICODE] and older of go-libp2p are vulnerable to targeted resource exhaustion attacks. These attacks target libp2p’s connection, stream, peer, and memory management. An attacker can cause the allocation of large amounts of memory, ultimately leading to the process getting killed by the host’s operating system. While a connection manager tasked with keeping the number of connections within manageable limits has been part of go-libp2p, this component was designed to handle the regular churn of peers, not a targeted resource exhaustion attack. Users are advised to upgrade their version of go-libp2p to version [ICODE]0.18.1[/ICODE] or newer. Users unable to upgrade may consult the denial of service (dos) mitigation page for more information on how to incorporate mitigation strategies, monitor your application, and respond to attacks.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23492&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-23492]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23492') [MISC]('https://docs.libp2p.io/reference/dos-mitigation/') [MISC]('https://github.com/libp2p/go-libp2p/security/advisories/GHSA-j7qp-mfxf-8xjw') [MISC]('https://github.com/libp2p/go-libp2p/commit/15d7dfbf54264ead8e6f49ca658d79c90635e2de')[/TD] [/TR] [TR] [TD][LEFT]proxmox -- proxmox_mail_gateway[/LEFT][/TD] [TD][LEFT]Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) are vulnerable to SSRF when proxying HTTP requests between pve(pmg)proxy and pve(pmg)daemon. An attacker with an unprivileged account can craft an HTTP request to achieve SSRF and file disclosure of any files on the server. Also, in Proxmox Mail Gateway, privilege escalation to the root@pam account is possible if the backup feature has ever been used, because backup files such as pmg-backup_YYYY_MM_DD_*.tgz have 0644 permissions and contain an authkey value. 
This is fixed in pve-http-server 4.1-3.[/LEFT][/TD] [TD][CENTER]2022-12-04[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-35508&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-35508]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35508') [MISC]('https://git.proxmox.com/?p=pve-http-server.git;a=commitdiff;h=c2bd69c7b5e9c775f96021cf8ae53da3dbd9029d') [MISC]('https://git.proxmox.com/?p=pve-http-server.git;a=commitdiff;h=580d540ea907ba15f64379c5bb69ecf1a49a875f') [MISC]('https://git.proxmox.com/?p=pve-http-server.git;a=commitdiff;h=e9df8a6e76b2a18f89295a5d92a62177bbf0f762') [MISC]('https://starlabs.sg/blog/2022/12-multiple-vulnerabilites-in-proxmox-ve--proxmox-mail-gateway/')[/TD] [/TR] [TR] [TD][LEFT]proxmox -- proxmox_mail_gateway[/LEFT][/TD] [TD][LEFT]A response-header CRLF injection vulnerability in the Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) web interface allows a remote attacker to set cookies for a victim's browser that are longer than the server expects, causing a client-side DoS. This affects Chromium-based browsers because they allow injection of response headers with %0d. 
This is fixed in pve-http-server 4.1-3.[/LEFT][/TD] [TD][CENTER]2022-12-04[/CENTER][/TD] [TD][CENTER][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-35507&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H')[/CENTER][/TD] [TD][CVE-2022-35507]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35507') [MISC]('https://git.proxmox.com/?p=pve-http-server.git;a=commitdiff;h=936007ae0241811093155000486da171379c23c2') [MISC]('https://starlabs.sg/blog/2022/12-multiple-vulnerabilites-in-proxmox-ve--proxmox-mail-gateway/')[/TD] [/TR] [TR] [TD][LEFT]pulsesecure -- pulse_connect_secure[/LEFT][/TD] [TD][LEFT]An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-35254&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-35254]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35254') [MISC]('https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW')[/TD] [/TR] [TR] [TD][LEFT]pulsesecure -- pulse_connect_secure[/LEFT][/TD] [TD][LEFT]An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-35258&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-35258]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35258') 
[MISC]('https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA45520/?kA23Z000000GH5OSAW')[/TD] [/TR] [TR] [TD][LEFT]pwndoc_project -- pwndoc[/LEFT][/TD] [TD][LEFT]An issue in the /api/audits component of Pwndoc v0.5.3 allows attackers to escalate privileges and execute arbitrary code via uploading a crafted audit file.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45771&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45771]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45771') [MISC]('https://github.com/pwndoc/pwndoc') [MISC]('https://github.com/pwndoc/pwndoc/issues/401')[/TD] [/TR] [TR] [TD][LEFT]py7zr_project -- py7zr[/LEFT][/TD] [TD][LEFT]A directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44900&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-44900]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44900') [MISC]('https://github.com/miurahr/py7zr/commit/1bb43f17515c7f69673a1c88ab9cc72a7bbef406') [MISC]('http://packetstormsecurity.com/files/170127/py7zr-0.20.0-Directory-Traversal.html') [MISC]('https://lessonsec.com/cve/cve-2022-44900/')[/TD] [/TR] [TR] [TD][LEFT]quarkus -- quarkus[/LEFT][/TD] [TD][LEFT]Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. 
Simple GET or POST requests made with XMLHttpRequest are the ones which have no event listeners registered on the object returned by the XMLHttpRequest upload property and have no ReadableStream object used in the request.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4147&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4147]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4147') [MISC]('https://access.redhat.com/security/cve/CVE-2022-4147')[/TD] [/TR] [TR] [TD][LEFT]rack_project -- rack[/LEFT][/TD] [TD][LEFT]A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow a possible shell escape in the Lint and CommonLogger components of Rack.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][10]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30123&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-30123]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30123') [MISC]('https://discuss.rubyonrails.org/t/cve-2022-30123-possible-shell-escape-sequence-injection-vulnerability-in-rack/80728')[/TD] [/TR] [TR] [TD][LEFT]rack_project -- rack[/LEFT][/TD] [TD][LEFT]A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30122&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-30122]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30122') [MISC]('https://discuss.rubyonrails.org/t/cve-2022-30122-denial-of-service-vulnerability-in-rack-multipart-parsing/80729')[/TD] [/TR] [TR] [TD][LEFT]rackn -- digital_rebar[/LEFT][/TD] [TD][LEFT]RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4.10 through 4.10.8 has exposed 
a privileged token via a public API endpoint (Incorrect Access Control). The token can be used to escalate privileges within the Digital Rebar system and grant full administrative access.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46383&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46383]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46383') [MISC]('https://docs.rackn.io/en/latest/doc/security/cve_2022_46383.html') [MISC]('https://rackn.com/products/rebar/')[/TD] [/TR] [TR] [TD][LEFT]rackn -- digital_rebar[/LEFT][/TD] [TD][LEFT]RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4.10 through 4.10.8 has Insecure Permissions. After signing into Digital Rebar, users are issued authentication tokens tied to their account to perform actions within Digital Rebar. During the validation process of these tokens, Digital Rebar did not check if the user account still exists. Deleted Digital Rebar users could still use their tokens to perform actions within Digital Rebar.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46382&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46382]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46382') [MISC]('https://rackn.com/products/rebar/')[/TD] [/TR] [TR] [TD][LEFT]redmine -- redmine[/LEFT][/TD] [TD][LEFT]Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due to insufficient permission checks. 
Depending on the configuration, this may require login as a registered user.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44030&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-44030]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44030') [MISC]('https://www.redmine.org/projects/redmine/wiki/Security_Advisories') [MISC]('https://www.redmine.org/news/139')[/TD] [/TR] [TR] [TD][LEFT]rukovoditel -- rukovoditel[/LEFT][/TD] [TD][LEFT]Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the heading_field_id parameter.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44945&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44945]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44945') [MISC]('https://github.com/anhdq201/rukovoditel/issues/16') [MISC]('http://rukovoditel.com')[/TD] [/TR] [TR] [TD][LEFT]rukovoditel -- rukovoditel[/LEFT][/TD] [TD][LEFT]Rukovoditel v3.2.1 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability in the component /rukovoditel/index.php?module=users/login. 
This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45020&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H')[/CENTER][/TD] [TD][CVE-2022-45020]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45020') [MISC]('https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/rukovoditel.net/2022/rukovoditel-3.2.1')[/TD] [/TR] [TR] [TD][LEFT]samsung -- exynos_firmware[/LEFT][/TD] [TD][LEFT]Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEI via emergency call.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39902&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39902]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39902') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=12')[/TD] [/TR] [TR] [TD][LEFT]sangoma -- asterisk[/LEFT][/TD] [TD][LEFT]In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/src/ooq931.c with a malformed Calling or Called Party IE can cause a crash.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37325&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-37325]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37325') [MISC]('https://downloads.asterisk.org/pub/security/AST-2022-007.html')[/TD] [/TR] [TR] [TD][LEFT]sanitization_management_system_project -- sanitization_management_system[/LEFT][/TD] [TD][LEFT]Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=services/view_service&id=.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] 
[TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44393&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44393]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44393') [MISC]('https://github.com/Serces-X/vul_report/blob/main/vendors/oretnom23/Sanitization-Management-System/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]seagate -- stcg2000300_firmware[/LEFT][/TD] [TD][LEFT]The web-management application on Seagate Central NAS STCG2000300, STCG3000300, and STCG4000300 devices allows OS command injection via mv_backend_launch in cirrus/application/helpers/mv_backend_helper.php by leveraging the "start" state and sending a check_device_name request.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-6627&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-6627]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-6627') [MISC]('https://www.invictuseurope.com/blog/') [MISC]('https://pentest.blog/advisory-seagate-central-storage-remote-code-execution/') [MISC]('https://github.com/rapid7/metasploit-framework/pull/12844')[/TD] [/TR] [TR] [TD][LEFT]secomea -- gatemanager[/LEFT][/TD] [TD][LEFT]Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. 
This issue affects: Secomea GateManager versions prior to 10.0.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38123&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-38123]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38123') [MISC]('https://www.secomea.com/support/cybersecurity-advisory/')[/TD] [/TR] [TR] [TD][LEFT]simple-git_project -- simple-git[/LEFT][/TD] [TD][LEFT]Versions of the package simple-git before 3.15.0 are vulnerable to Remote Code Execution (RCE) when enabling the ext transport protocol, which makes it exploitable via the clone() method. This vulnerability exists due to an incomplete fix of [CVE-2022-24066](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-2434306).[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25912&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-25912]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25912') [CONFIRM]('https://github.com/steveukx/git-js/commit/774648049eb3e628379e292ea172dccaba610504') [CONFIRM]('https://github.com/steveukx/git-js/releases/tag/simple-git%403.15.0') [CONFIRM]('https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3153532') [CONFIRM]('https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221') [CONFIRM]('https://github.com/steveukx/git-js/blob/main/docs/PLUGIN-UNSAFE-ACTIONS.md%23overriding-allowed-protocols')[/TD] [/TR] [TR] [TD][LEFT]simple_phone_book\/directory_web_app_project -- simple_phone_book\/directory_web_app[/LEFT][/TD] [TD][LEFT]Simple Phone Book/Directory Web App v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at /PhoneBook/edit.php.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45010&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] 
[TD][CVE-2022-45010]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45010') [MISC]('https://github.com/realguoxiufeng/bug_report/blob/main/vendors/bakhtiar/Simple%20Phone%20book_directory%20Web%20App/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]skycaiji -- skycaiji[/LEFT][/TD] [TD][LEFT]Skycaiji v2.5.1 was discovered to contain a deserialization vulnerability via /SkycaijiApp/admin/controller/Mystore.php.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44351&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44351]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44351') [MISC]('https://github.com/zorlan/skycaiji/issues/46')[/TD] [/TR] [TR] [TD][LEFT]slims -- senayan_library_management_system[/LEFT][/TD] [TD][LEFT]SLiMS 9 Bulian v9.5.0 was discovered to contain a SQL injection vulnerability via the keywords parameter.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45019&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-45019]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45019') [MISC]('https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/slims.web.id/SLIMS-9.5.0')[/TD] [/TR] [TR] [TD][LEFT]stackstorm -- stackstorm[/LEFT][/TD] [TD][LEFT]Improper access control in Key-Value RBAC in StackStorm version 3.7.0 didn't check the permissions in Jinja filters, allowing attackers to access K/V pairs of other users, potentially leading to the exposure of sensitive Information.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44009&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-44009]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44009') [MISC]('https://stackstorm.com/2022/12/v3-8-0-released/')[/TD] [/TR] [TR] [TD][LEFT]swiftterm_project -- 
swiftterm[/LEFT][/TD] [TD][LEFT]SwiftTerm is a Xterm/VT100 Terminal emulator. Prior to commit a94e6b24d24ce9680ad79884992e1dff8e150a31, an attacker could modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. Version a94e6b24d24ce9680ad79884992e1dff8e150a31 contains a patch for this issue. There are no known workarounds available.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23465&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-23465]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23465') [MISC]('https://github.com/migueldeicaza/SwiftTerm/security/advisories/GHSA-jq43-q8mx-r7mq') [MISC]('https://github.com/migueldeicaza/SwiftTerm/commit/a94e6b24d24ce9680ad79884992e1dff8e150a31')[/TD] [/TR] [TR] [TD][LEFT]syncee -- syncee_-_global_dropshipping[/LEFT][/TD] [TD][LEFT]The Syncee WordPress plugin before 1.0.10 leaks the administrator token that can be used to take over the administrator's account.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3694&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-3694]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3694') [MISC]('https://wpscan.com/vulnerability/ad12bab7-9baf-4646-a93a-0d3286407c1e')[/TD] [/TR] [TR] [TD][LEFT]telepad-app -- telepad[/LEFT][/TD] [TD][LEFT]Telepad allows remote unauthenticated users to send instructions to the server to execute arbitrary code without any previous authorization or authentication. 
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45477&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45477]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45477') [MISC]('https://www.synopsys.com/blogs/software-security/cyrc-advisory-remote-code-execution-vulnerabilities-mouse-keyboard-apps/')[/TD] [/TR] [TR] [TD][LEFT]telos -- omnia_mpx_node_firmware[/LEFT][/TD] [TD][LEFT]Insecure permissions in Telos Alliance Omnia MPX Node v1.0.0 to v1.4.9 allow attackers to manipulate and access system settings through a low-privilege backdoor account. This can lead to changed hardware settings and execution of arbitrary commands in vulnerable system functions that require high privilege to access.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45562&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45562]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45562') [MISC]('https://cyber-guy.gitbook.io/cyber-guys-blog/pocs/cve-2022-45562')[/TD] [/TR] [TR] [TD][LEFT]telosalliance -- omnia_mpx_node_firmware[/LEFT][/TD] [TD][LEFT]An unauthenticated command injection vulnerability in the product license validation function of Telos Alliance Omnia MPX Node 1.3.* - 1.4.* allows attackers to execute arbitrary commands via a crafted payload injected into the license input.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43325&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43325]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43325') [MISC]('https://cyber-guy.gitbook.io/cyber-guys-blog/pocs/cve-2022-43325')[/TD] [/TR] [TR] [TD][LEFT]tenda -- a18_firmware[/LEFT][/TD] [TD][LEFT]Tenda A18 v15.13.07.09 was discovered to contain a stack 
overflow via the security_5g parameter at /goform/WifiBasicSet.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44931&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44931]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44931') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/A18/formWifiBasicSet/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- a18_firmware[/LEFT][/TD] [TD][LEFT]An access control issue in Tenda A18 v15.13.07.09 allows unauthenticated attackers to access the Telnet service.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44932&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-44932]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44932') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/A18/TendaTelnet/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 is vulnerable to Buffer Overflow via formSetMacFilterCfg.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45641&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45641]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45641') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetMacFilterCfg/formSetMacFilterCfg.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- i21_firmware[/LEFT][/TD] [TD][LEFT]Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/AddSysLogRule.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44362&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44362]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44362') 
[MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/Tenda/i21/formAddSysLogRule/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- i21_firmware[/LEFT][/TD] [TD][LEFT]Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setSnmpInfo.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44363&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44363]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44363') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/Tenda/i21/formSetSnmpInfo/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- i21_firmware[/LEFT][/TD] [TD][LEFT]Tenda i21 V1.0.0.14(4656) has a stack overflow vulnerability via /goform/setSysPwd.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44365&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44365]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44365') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/Tenda/i21/formSetSysPwd/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- i21_firmware[/LEFT][/TD] [TD][LEFT]Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setDiagnoseInfo.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44366&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44366]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44366') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/Tenda/i21/formSetDiagnoseInfo/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- i21_firmware[/LEFT][/TD] [TD][LEFT]Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setUplinkInfo.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] 
[TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44367&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44367]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44367') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/Tenda/i21/formSetUplinkInfo/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- i22_firmware[/LEFT][/TD] [TD][LEFT]Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45663&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45663]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45663') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/formWifiMacFilterSet/formWifiMacFilterSet.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- i22_firmware[/LEFT][/TD] [TD][LEFT]Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45664&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45664]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45664') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/formwrlSSIDget/formWifiMacFilterGet.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- i22_firmware[/LEFT][/TD] [TD][LEFT]Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterGet function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45669&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45669]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45669') 
[MISC]('https://github.com/ConfusedChenSir/VulnerabilityProjectRecords/blob/main/formWifiMacFilterGet/formWifiMacFilterGet.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- i22_firmware[/LEFT][/TD] [TD][LEFT]Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45670&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45670]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45670') [MISC]('https://github.com/ConfusedChenSir/VulnerabilityProjectRecords/blob/main/formSetAutoPing_ping1/formSetAutoPing_ping1.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- i22_firmware[/LEFT][/TD] [TD][LEFT]Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the appData parameter in the formSetAppFilterRule function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45671&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45671]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45671') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/formSetAppFilterRule/formSetAppFilterRule.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- i22_firmware[/LEFT][/TD] [TD][LEFT]Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the formWx3AuthorizeSet function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45672&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45672]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45672') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/formWx3AuthorizeSet/formWx3AuthorizeSet.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E v1.0.1.25(633) was discovered to 
contain a command injection vulnerability via the fileNameMit parameter at /goform/delFileName.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45506&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45506]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45506') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/delFileName/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the cmdinput parameter at /goform/exeCommand.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45505&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45505]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45505') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/exeCommand/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the editNameMit parameter at /goform/editFileName.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45507&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45507]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45507') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/editFileName/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the new_account parameter at /goform/editUserName.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45508&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] 
[TD][CVE-2022-45508]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45508') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/editUserName/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the account parameter at /goform/addUserName.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45509&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45509]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45509') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/addUserName/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the mit_ssid_index parameter at /goform/AdvSetWrlsafeset.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45510&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45510]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45510') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/AdvSetWrlsafeset/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the PPPOEPassword parameter at /goform/QuickIndex.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45511&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45511]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45511') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/QuickIndex/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at 
/goform/SafeEmailFilter.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45512&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45512]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45512') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/SafeEmailFilter/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/P2pListFilter.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45513&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45513]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45513') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/P2pListFilter/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/webExcptypemanFilter.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45514&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45514]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45514') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/webExcptypemanFilter/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the entries parameter at /goform/addressNat.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45515&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45515]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45515') 
[MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/addressNat/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/NatStaticSetting.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45516&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45516]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45516') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/NatStaticSetting/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/VirtualSer.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45517&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45517]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45517') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/VirtualSer/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/SetIpBind.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45518&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45518]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45518') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/SetIpBind/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the Go parameter at /goform/SafeMacFilter.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] 
[TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45519&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45519]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45519') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/SafeMacFilter/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/qossetting.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45520&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45520]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45520') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/qossetting/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/SafeUrlFilter.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45521&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45521]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45521') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/SafeUrlFilter/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/SafeClientFilter.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45522&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45522]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45522') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/SafeClientFilter/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- 
w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/L7Im.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45523&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45523]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45523') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/L7Im/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the opttype parameter at /goform/IPSECsave.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45524&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45524]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45524') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/IPSECsave/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w30e_firmware[/LEFT][/TD] [TD][LEFT]Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the downaction parameter at /goform/CertListInfo.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45525&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45525]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45525') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/CertListInfo/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w6-s_firmware[/LEFT][/TD] [TD][LEFT]Tenda W6-S v1.0.0.4(510) was discovered to contain a command injection vulnerability in the tpi_get_ping_output function at /goform/exeCommand.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] 
[TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45497&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45497]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45497') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W6-S/exeCommand/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w6-s_firmware[/LEFT][/TD] [TD][LEFT]An issue in the component tpi_systool_handle(0) (/goform/SysToolReboot) of Tenda W6-S v1.0.0.4(510) allows unauthenticated attackers to arbitrarily reboot the device.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45498&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45498]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45498') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W6-S/SysToolReboot/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w6-s_firmware[/LEFT][/TD] [TD][LEFT]Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the wl_radio parameter at /goform/WifiMacFilterGet.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45499&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45499]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45499') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W6-S/WifiMacFilterGet/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w6-s_firmware[/LEFT][/TD] [TD][LEFT]Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the wl_radio parameter at /goform/wifiSSIDset.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45501&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45501]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45501') 
[MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W6-S/wifiSSIDset/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w6-s_firmware[/LEFT][/TD] [TD][LEFT]Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the linkEn parameter at /goform/setAutoPing.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45503&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45503]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45503') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W6-S/setAutoPing/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- w6-s_firmware[/LEFT][/TD] [TD][LEFT]An issue in the component tpi_systool_handle(0) (/goform/SysToolRestoreSet) of Tenda W6-S v1.0.0.4(510) allows unauthenticated attackers to arbitrarily reboot the device.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45504&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45504]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45504') [MISC]('https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W6-S/SysToolRestoreSet/readme.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the addWifiMacFilter function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45643&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45643]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45643') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/addWifiMacFilter_deviceId/addWifiMacFilter_deviceId.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the 
deviceId parameter in the formSetClientState function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45644&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45644]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45644') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetClientState_deviceId/formSetClientState_deviceId.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceMac parameter in the addWifiMacFilter function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45645&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45645]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45645') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/addWifiMacFilter_deviceMac/addWifiMacFilter_derviceMac.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeedUp parameter in the formSetClientState function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45646&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45646]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45646') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetClientState_limitSpeedUp/formSetClientState_limitSpeed.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeed parameter in the formSetClientState function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] 
[TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45647&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45647]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45647') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetClientState_limitSpeed/formSetClientState_limitSpeed.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the devName parameter in the formSetDeviceName function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45648&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45648]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45648') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetDeviceName/formSetDeviceName.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the endIp parameter in the formSetPPTPServer function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45649&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45649]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45649') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetPPTPServer_endIp/formSetPPTPServer_endIp.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the firewallEn parameter in the formSetFirewallCfg function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45650&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] 
[TD][CVE-2022-45650]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45650') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetFirewallCfg/formSetFirewallCfg.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the formSetVirtualSer function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45651&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45651]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45651') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetVirtualSer/formSetVirtualSer.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the startIp parameter in the formSetPPTPServer function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45652&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45652]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45652') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetPPTPServer_startIp/formSetPPTPServer_startIp.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45653&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45653]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45653') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/fromNatStaticSetting/fromNatStaticSetting_page.md')[/TD] [/TR] [TR] 
[TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45654&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45654]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45654') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/form_fast_setting_wifi_set_ssid/form_fast_setting_wifi_set_ssid.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the timeZone parameter in the form_fast_setting_wifi_set function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45655&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45655]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45655') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/form_fast_setting_wifi_set_timeZone/form_fast_setting_wifi_set_timeZone.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45656&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45656]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45656') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/fromSetSysTime/fromSetSysTime.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the 
fromSetIpMacBind function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45657&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45657]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45657') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/fromSetIpMacBind/fromSetIpMacBind.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedEndTime parameter in the setSchedWifi function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45658&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45658]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45658') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/setSchedWifi_schedEndTime/setSchedWifi_schedEndTime.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45659&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45659]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45659') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/fromSetWirelessRepeat/fromSetWirelessRepeat.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedStartTime parameter in the setSchedWifi function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] 
[TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45660&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45660]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45660') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/setSchedWifi_schedStartTime/setSchedWifi_schedStartTime.md')[/TD] [/TR] [TR] [TD][LEFT]tendacn -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45661&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45661]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45661') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/setSmartPowerManagement/setSmartPowerManagement.md')[/TD] [/TR] [TR] [TD][LEFT]thinkphp -- thinkphp[/LEFT][/TD] [TD][LEFT]Thinkphp 5.1.41 and 5.0.24 have a code logic error which causes file upload getshell.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44289&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44289]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44289') [MISC]('https://github.com/top-think/framework/issues/2772')[/TD] [/TR] [TR] [TD][LEFT]tibco -- nimbus[/LEFT][/TD] [TD][LEFT]The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to exploit an open redirect on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. 
Affected releases are TIBCO Software Inc.'s TIBCO Nimbus: version 10.5.0.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][9.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41559&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-41559]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41559') [CONFIRM]('https://www.tibco.com/services/support/advisories')[/TD] [/TR] [TR] [TD][LEFT]ui -- edgemax_edgerouter_firmware[/LEFT][/TD] [TD][LEFT]A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account to run arbitrary administrator commands. This vulnerability is fixed in Version 2.0.9-hotfix.5 and later.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43553&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43553]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43553') [MISC]('https://community.ui.com/releases/Security-Advisory-Bulletin-026-026/07697c65-30b3-4c06-a158-35e06534480d')[/TD] [/TR] [TR] [TD][LEFT]unimo -- udr-ja1604_firmware[/LEFT][/TD] [TD][LEFT]Hidden functionality vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43464&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43464]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43464') [MISC]('http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1666831567-004418') [MISC]('https://jvn.jp/en/vu/JVNVU94514762/index.html')[/TD] [/TR] [TR] [TD][LEFT]unimo -- udr-ja1604_firmware[/LEFT][/TD] [TD][LEFT]OS command injection vulnerability in 
UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44606&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44606]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44606') [MISC]('http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1666831567-004418') [MISC]('https://jvn.jp/en/vu/JVNVU94514762/index.html')[/TD] [/TR] [TR] [TD][LEFT]unimo -- udr-ja1604_firmware[/LEFT][/TD] [TD][LEFT]Improper authentication vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44620&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44620]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44620') [MISC]('http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1666831567-004418') [MISC]('https://jvn.jp/en/vu/JVNVU94514762/index.html')[/TD] [/TR] [TR] [TD][LEFT]veeam -- veeam_backup_for_google_cloud[/LEFT][/TD] [TD][LEFT]Improper authentication in Veeam Backup for Google Cloud v1.0 and v3.0 allows attackers to bypass authentication mechanisms.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43549&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43549]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43549') [MISC]('https://www.veeam.com/kb4374')[/TD] [/TR] [TR] [TD][LEFT]veritas -- netbackup_flex_scale_appliance[/LEFT][/TD] [TD][LEFT]An issue was discovered in Veritas 
NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Unauthenticated remote command execution can occur via the management portal.[/LEFT][/TD] [TD][CENTER]2022-12-04[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46414&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46414]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46414') [MISC]('https://www.veritas.com/content/support/en_US/security/VTS22-019#issue1')[/TD] [/TR] [TR] [TD][LEFT]veritas -- netbackup_flex_scale_appliance[/LEFT][/TD] [TD][LEFT]An issue was discovered in Veritas NetBackup Flex Scale through 3.0. An attacker with non-root privileges may escalate privileges to root by using specific commands.[/LEFT][/TD] [TD][CENTER]2022-12-04[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46410&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46410]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46410') [MISC]('https://www.veritas.com/content/support/en_US/security/VTS22-019#issue5')[/TD] [/TR] [TR] [TD][LEFT]veritas -- netbackup_flex_scale_appliance[/LEFT][/TD] [TD][LEFT]An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. A default password is persisted after installation and may be discovered and used to escalate privileges.[/LEFT][/TD] [TD][CENTER]2022-12-04[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46411&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46411]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46411') [MISC]('https://www.veritas.com/content/support/en_US/security/VTS22-019#issue3')[/TD] [/TR] [TR] [TD][LEFT]veritas -- netbackup_flex_scale_appliance[/LEFT][/TD] [TD][LEFT]An issue was discovered in Veritas NetBackup Flex Scale through 3.0. 
A non-privileged user may escape a restricted shell and execute privileged commands.[/LEFT][/TD] [TD][CENTER]2022-12-04[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46412&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46412]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46412') [MISC]('https://www.veritas.com/content/support/en_US/security/VTS22-019#issue4')[/TD] [/TR] [TR] [TD][LEFT]veritas -- netbackup_flex_scale_appliance[/LEFT][/TD] [TD][LEFT]An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Authenticated remote command execution can occur via the management portal.[/LEFT][/TD] [TD][CENTER]2022-12-04[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46413&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-46413]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46413') [MISC]('https://www.veritas.com/content/support/en_US/security/VTS22-019#issue2')[/TD] [/TR] [TR] [TD][LEFT]videolan -- vlc_media_player[/LEFT][/TD] [TD][LEFT]An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41325&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41325]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41325') [MISC]('https://www.videolan.org/security/sb-vlc3018.html') [MISC]('https://www.synacktiv.com/sites/default/files/2022-11/vlc_vnc_int_overflow-CVE-2022-41325.pdf') [MISC]('https://twitter.com/0xMitsurugi') [DEBIAN]('https://www.debian.org/security/2022/dsa-5297')[/TD] [/TR] [TR] [TD][LEFT]vim -- vim[/LEFT][/TD] [TD][LEFT]Heap-based Buffer 
Overflow in GitHub repository vim/vim prior to 9.0.0742.[/LEFT][/TD] [TD][CENTER]2022-12-03[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3491&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3491]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3491') [CONFIRM]('https://huntr.dev/bounties/6e6e05c2-2cf7-4aa5-a817-a62007bf92cb') [MISC]('https://github.com/vim/vim/commit/3558afe9e9e904cabb8475392d859f2d2fc21041')[/TD] [/TR] [TR] [TD][LEFT]vim -- vim[/LEFT][/TD] [TD][LEFT]Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3520&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3520]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3520') [MISC]('https://github.com/vim/vim/commit/36343ae0fb7247e060abfd35fb8e4337b33abb4b') [CONFIRM]('https://huntr.dev/bounties/c1db3b70-f4fe-481f-8a24-0b1449c94246')[/TD] [/TR] [TR] [TD][LEFT]vim -- vim[/LEFT][/TD] [TD][LEFT]Use After Free in GitHub repository vim/vim prior to 9.0.0789.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3591&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3591]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3591') [MISC]('https://github.com/vim/vim/commit/8f3c3c6cd044e3b5bf08dbfa3b3f04bb3f711bad') [CONFIRM]('https://huntr.dev/bounties/a5a998c2-4b07-47a7-91be-dbc1886b3921')[/TD] [/TR] [TR] [TD][LEFT]vim -- vim[/LEFT][/TD] [TD][LEFT]Use After Free in GitHub repository vim/vim prior to 9.0.0882.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4292&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4292]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4292') 
[CONFIRM]('https://huntr.dev/bounties/da3d4c47-e57a-451e-993d-9df0ed31f57b') [MISC]('https://github.com/vim/vim/commit/c3d27ada14acd02db357f2d16347acc22cb17e93')[/TD] [/TR] [TR] [TD][LEFT]warehouse_management_system_project -- warehouse_management_system[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, has been found in FeMiner wms. Affected by this issue is some unknown functionality of the file /product/savenewproduct.php?flag=1. The manipulation of the argument upfile leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214760.[/LEFT][/TD] [TD][CENTER]2022-12-03[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4272&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4272]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4272') [MISC]('https://vuldb.com/?id.214760') [MISC]('https://github.com/FeMiner/wms/issues/14')[/TD] [/TR] [TR] [TD][LEFT]webtareas_project -- webtareas[/LEFT][/TD] [TD][LEFT]webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44290&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44290]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44290') [MISC]('http://webtareas.com') [MISC]('https://github.com/anhdq201/webtareas/issues/2')[/TD] [/TR] [TR] [TD][LEFT]webtareas_project -- webtareas[/LEFT][/TD] [TD][LEFT]webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44291&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] 
[TD][CVE-2022-44291]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44291') [MISC]('http://webtareas.com') [MISC]('https://github.com/anhdq201/webtareas/issues/1')[/TD] [/TR] [TR] [TD][LEFT]wordpress_popular_posts_project -- wordpress_popular_posts[/LEFT][/TD] [TD][LEFT]External initialization of trusted variables or data stores vulnerability exists in WordPress Popular Posts 6.0.5 and earlier, therefore the vulnerable product accepts untrusted external inputs to update certain internal variables. As a result, the number of views for an article may be manipulated through a crafted input.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43468&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-43468]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43468') [MISC]('https://github.com/cabrerahector/wordpress-popular-posts/') [MISC]('https://jvn.jp/en/jp/JVN13927745/index.html') [MISC]('https://wordpress.org/plugins/wordpress-popular-posts/')[/TD] [/TR] [TR] [TD][LEFT]wp-ecommerce -- easy_wp_smtp[/LEFT][/TD] [TD][LEFT]Auth. Remote Code Execution vulnerability in Easy WP SMTP plugin <= 1.5.1 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42699&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42699]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42699') [MISC]('https://patchstack.com/database/vulnerability/easy-wp-smtp/wordpress-easy-wp-smtp-plugin-1-5-1-auth-remote-code-execution-rce-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wp-ecommerce -- easy_wp_smtp[/LEFT][/TD] [TD][LEFT]Auth. 
Path Traversal vulnerability in Easy WP SMTP plugin <= 1.5.1 at WordPress.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45829&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45829]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45829') [MISC]('https://patchstack.com/database/vulnerability/easy-wp-smtp/wordpress-easy-wp-smtp-plugin-1-5-1-auth-arbitrary-file-deletion-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wp_csv_exporter_project -- wp_csv_exporter[/LEFT][/TD] [TD][LEFT]The WP CSV Exporter WordPress plugin before 1.3.7 does not properly sanitise and escape some parameters before using them in a SQL statement, allowing high privilege users such as admin to perform SQL injection attacks[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3249&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3249]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3249') [MISC]('https://wpscan.com/vulnerability/6503da78-a2bf-4b4c-b56d-21c8c55b076e')[/TD] [/TR] [TR] [TD][LEFT]xjd2020 -- fastcms[/LEFT][/TD] [TD][LEFT]A vulnerability was found in FastCMS. It has been rated as critical. This issue affects some unknown processing of the file /template/edit of the component Template Handler. The manipulation leads to injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. 
The identifier VDB-214901 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4300&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4300]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4300') [N/A]('https://vuldb.com/?id.214901') [N/A]('https://github.com/Ha0Liu/cveAdd/blob/developer/fastcms%E6%A8%A1%E7%89%88%E6%B3%A8%E5%85%A5/fastcms%20template%20injection%20vulnerability.md')[/TD] [/TR] [TR] [TD][LEFT]yithemes -- yith_woocommerce_gift_cards[/LEFT][/TD] [TD][LEFT]Unauth. Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards premium plugin <= 3.19.0 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45359&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45359]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45359') [MISC]('https://patchstack.com/database/vulnerability/yith-woocommerce-gift-cards-premium/wordpress-yith-woocommerce-gift-cards-premium-plugin-3-19-0-unauth-arbitrary-file-upload-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]zabbix -- frontend[/LEFT][/TD] [TD][LEFT]Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it. In this way, any user will not be able to access the Zabbix Frontend while it is being maintained and possible sensitive data will be prevented from being disclosed. 
An attacker can bypass this protection and access the instance using IP address not listed in the defined range.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43515&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43515]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43515') [MISC]('https://support.zabbix.com/browse/ZBX-22050')[/TD] [/TR] [TR] [TD][LEFT]zabbix -- zabbix[/LEFT][/TD] [TD][LEFT]A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43516&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43516]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43516') [MISC]('https://support.zabbix.com/browse/ZBX-22002')[/TD] [/TR] [TR] [TD][LEFT]zimbra -- collaboration[/LEFT][/TD] [TD][LEFT]An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. Remote code execution can occur through ClientUploader by an authenticated admin user. 
An authenticated admin user can upload files through the ClientUploader utility, and traverse to any other directory for remote code execution.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45912&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45912]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45912') [MISC]('https://gist.github.com/Threonic/e90c85e11e1ac925ff57783988779e76')[/TD] [/TR] [TR] [TD][LEFT]zkteco -- zktime[/LEFT][/TD] [TD][LEFT]A default username and password for an administrator account was discovered in ZKTeco ZKTime 10.0 through 11.1.0, builds 20180901, 20190510.1, 20200309.3, 20200930, 20201231, and 20210220.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-39434&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-39434]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-39434') [MISC]('https://www.cnvd.org.cn/flaw/show/CNVD-2018-26041')[/TD] [/TR] [/TABLE][/CENTER]
Medium Vulnerabilities
[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]2kblater -- 2kb_amazon_affiliates_store[/LEFT][/TD] [TD][LEFT]Reflected Cross-Site Scripting (XSS) vulnerability in 2kb Amazon Affiliates Store plugin <=2.1.5 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-12-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40968&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-40968]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40968') [MISC]('https://patchstack.com/database/vulnerability/2kb-amazon-affiliates-store/wordpress-2kb-amazon-affiliates-store-plugin-2-1-5-auth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]add_comments_project -- add_comments[/LEFT][/TD] [TD][LEFT]The Add Comments WordPress plugin through 1.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3909&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3909]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3909') [MISC]('https://wpscan.com/vulnerability/8d57a534-7630-491a-a0fd-90430f85ae78')[/TD] [/TR] [TR] [TD][LEFT]addonspress -- advanced_import[/LEFT][/TD] [TD][LEFT]The Advanced Import WordPress plugin before 1.3.8 does not have CSRF check when installing and activating plugins, which could allow attackers to make a logged in admin install arbitrary plugins from WordPress.org, and activate arbitrary ones from the blog via CSRF attacks[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] 
[TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3677&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-3677]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3677') [MISC]('https://wpscan.com/vulnerability/5a7c6367-a3e6-4411-8865-2a9dbc9f1450')[/TD] [/TR] [TR] [TD][LEFT]advanced_wp_columns_project -- advanced_wp_columns[/LEFT][/TD] [TD][LEFT]The Advanced WP Columns WordPress plugin through 2.0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3426&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3426]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3426') [MISC]('https://wpscan.com/vulnerability/bc90594e-1018-494a-b473-6416e274c59f')[/TD] [/TR] [TR] [TD][LEFT]apache -- commons_net[/LEFT][/TD] [TD][LEFT]Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about services running on the private network of the client. The default in version 3.9.0 is now false to ignore such hosts, as cURL does. 
See https://issues.apache.org/jira/browse/NET-711 .[/LEFT][/TD] [TD][CENTER]2022-12-03[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-37533&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-37533]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-37533') [CONFIRM]('https://lists.apache.org/thread/o6yn9r9x6s94v97264hmgol1sf48mvx7') [MLIST]('http://www.openwall.com/lists/oss-security/2022/12/03/1')[/TD] [/TR] [TR] [TD][LEFT]auto\/taxi_stand_management_system_project -- auto\/taxi_stand_management_system[/LEFT][/TD] [TD][LEFT]AutoTaxi Stand Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component search.php.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43369&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43369]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43369') [MISC]('https://phpgurukul.com/auto-taxi-stand-management-system-using-php-and-mysql/') [MISC]('https://github.com/sudoninja-noob/CVE-2022-43369/blob/main/CVE-2022-43369')[/TD] [/TR] [TR] [TD][LEFT]awstats -- awstats[/LEFT][/TD] [TD][LEFT]AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks.[/LEFT][/TD] [TD][CENTER]2022-12-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46391&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-46391]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46391') [MISC]('https://github.com/eldy/AWStats/pull/226') [MLIST]('https://lists.debian.org/debian-lts-announce/2022/12/msg00010.html')[/TD] [/TR] [TR] [TD][LEFT]bd -- bodyguard_999-603_firmware[/LEFT][/TD] [TD][LEFT]The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 (serial) port interface. 
If exploited, threat actors with physical access, specialized equipment and knowledge may be able to configure or disable the pump. No electronic protected health information (ePHI), protected health information (PHI) or personally identifiable information (PII) is stored in the pump.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43557&vector=CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H')[/CENTER][/TD] [TD][CVE-2022-43557]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43557') [MISC]('https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-bodyguard-pumps-rs-232-interface-vulnerability')[/TD] [/TR] [TR] [TD][LEFT]beappsmobile -- pc_keyboard_wifi_\&_bluetooth[/LEFT][/TD] [TD][LEFT]PC Keyboard WiFi & Bluetooth allows an attacker (in a man-in-the-middle position between the server and a connected device) to see all data (including keypresses) in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45480&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-45480]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45480') [MISC]('https://www.synopsys.com/blogs/software-security/cyrc-advisory-remote-code-execution-vulnerabilities-mouse-keyboard-apps/')[/TD] [/TR] [TR] [TD][LEFT]beetl-bbs_project -- beetl-bbs[/LEFT][/TD] [TD][LEFT]A vulnerability was found in xiandafu beetl-bbs. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file WebUtils.java. The manipulation of the argument user leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 
The associated identifier of this vulnerability is VDB-215107.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4347&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4347]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4347') [N/A]('https://gitee.com/xiandafu/beetl-bbs/issues/I5XD5O') [N/A]('https://vuldb.com/?id.215107')[/TD] [/TR] [TR] [TD][LEFT]book_store_management_system_project -- book_store_management_system[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in Book Store Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the Add New System User module.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45215&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-45215]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45215') [MISC]('https://www.sourcecodester.com/php/15748/book-store-management-system-project-using-php-codeigniter-3-free-source-code.html') [MISC]('https://github.com/Rajeshwar40/CVE/blob/main/CVE-2022-45215')[/TD] [/TR] [TR] [TD][LEFT]book_store_management_system_project -- book_store_management_system[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in Book Store Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Level parameter under the Add New System User module.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45217&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-45217]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45217') [MISC]('https://github.com/sudoninja-noob/CVE-2022-45217/blob/main/CVE-2022-45217') 
[MISC]('https://www.sourcecodester.com/php/15748/book-store-management-system-project-using-php-codeigniter-3-free-source-code.html')[/TD] [/TR] [TR] [TD][LEFT]clicshopping -- clicshopping_v3[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in ClicShopping_V3 v3.402 allows attackers to execute arbitrary web scripts or HTML via a crafted URL parameter.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45769&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-45769]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45769') [MISC]('https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/clicshopping.org/2022/ClicShopping_V3')[/TD] [/TR] [TR] [TD][LEFT]concretecms -- concrete_cms[/LEFT][/TD] [TD][LEFT]Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to XSS in the text input field since the result dashboard page output is not sanitized. The Concrete CMS security team has ranked this 4.2 with CVSS v3.1 vector AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N Thanks @_akbar_jafarli_ for reporting. Remediate by updating to Concrete CMS 8.5.10 and Concrete CMS 9.1.3.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43556&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43556]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43556') [MISC]('https://documentation.concretecms.org/developers/introduction/version-history/8510-release-notes') [MISC]('https://documentation.concretecms.org/developers/introduction/version-history/913-release-notes') [MISC]('https://www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2022-10-31')[/TD] [/TR] [TR] [TD][LEFT]contest-gallery -- contest_gallery[/LEFT][/TD] [TD][LEFT]Unauth. 
Stored Cross-Site Scripting (XSS) vulnerability in Contest Gallery plugin <= 13.1.0.9 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45848&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-45848]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45848') [MISC]('https://patchstack.com/database/vulnerability/contest-gallery/wordpress-contest-gallery-plugin-13-1-0-9-unauth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]crowdstrike -- falcon[/LEFT][/TD] [TD][LEFT]CrowdStrike Falcon 6.44.15806 allows an administrative attacker to uninstall Falcon Sensor, bypassing the intended protection mechanism in which uninstallation requires possessing a one-time token. (The sensor is managed at the kernel level.)[/LEFT][/TD] [TD][CENTER]2022-12-04[/CENTER][/TD] [TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44721&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-44721]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44721') [MISC]('https://github.com/purplededa/CVE-2022-44721-CsFalconUninstaller')[/TD] [/TR] [TR] [TD][LEFT]dev4press -- gd_bbpress_attachments[/LEFT][/TD] [TD][LEFT]Auth. Stored Cross-Site Scripting (XSS) vulnerability in GD bbPress Attachments plugin <= 4.3.1 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45816&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-45816]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45816') [MISC]('https://patchstack.com/database/vulnerability/gd-bbpress-attachments/wordpress-gd-bbpress-attachments-plugin-4-3-1-auth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]discourse -- discourse[/LEFT][/TD] [TD][LEFT]Discourse is an open-source discussion platform. 
In version 2.8.13 and prior on the [ICODE]stable[/ICODE] branch and version 2.9.0.beta14 and prior on the [ICODE]beta[/ICODE] and [ICODE]tests-passed[/ICODE] branches, any authenticated user can create an unlisted topic. These topics, which are not readily available to other users, can take up unnecessary site resources. A patch for this issue is available in the [ICODE]main[/ICODE] branch of Discourse. There are no known workarounds available.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46159&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2022-46159]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46159') [MISC]('https://github.com/discourse/discourse/security/advisories/GHSA-qf99-xpx6-hgxp') [MISC]('https://github.com/discourse/discourse/commit/0ce38bd7bce862db251b882613ab7053ca777382')[/TD] [/TR] [TR] [TD][LEFT]duxcms_project -- duxcms[/LEFT][/TD] [TD][LEFT]A vulnerability was found in annyshow DuxCMS 2.1. It has been classified as problematic. This affects an unknown part of the file admin.php&r=article/AdminContent/edit of the component Article Handler. The manipulation of the argument content leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. 
The associated identifier of this vulnerability is VDB-215115.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-36609&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2020-36609]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-36609') [MISC]('https://gitee.com/annyshow/DuxCMS2.1/issues/I183GG') [MISC]('https://vuldb.com/?id.215115')[/TD] [/TR] [TR] [TD][LEFT]ecommerce-website_project -- ecommerce-website[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in the component /signup_script.php of Ecommerce-Website v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the eMail parameter.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45990&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-45990]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45990') [MISC]('https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/winston-dsouza/ecommerce-website')[/TD] [/TR] [TR] [TD][LEFT]elbtide -- advanced_booking_calendar[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Advanced Booking Calendar plugin <= 1.7.1 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45824&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-45824]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45824') [MISC]('https://patchstack.com/database/vulnerability/advanced-booking-calendar/wordpress-advanced-booking-calendar-plugin-1-7-1-multiple-cross-site-scripting-csrf-vulnerabilities?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]enhancesoft -- osticket[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to 1.16.4.[/LEFT][/TD] 
[TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4271&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4271]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4271') [CONFIRM]('https://huntr.dev/bounties/a11c922f-255a-412a-aa87-7f3bd7121599') [MISC]('https://github.com/osticket/osticket/commit/5213ff138c6be6144a6692376ac0803a42eca168')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiadc[/LEFT][/TD] [TD][LEFT]Multiple instances of improper input validation vulnerability in Fortinet FortiADC version 7.1.0, version 7.0.0 through 7.0.2 and version 6.2.4 and below allows an authenticated attacker to retrieve files with specific extension from the underlying Linux system via crafted HTTP requests.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33876&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-33876]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33876') [MISC]('https://fortiguard.com/psirt/FG-IR-22-253')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortios[/LEFT][/TD] [TD][LEFT]An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiOS 6.0.7 - 6.0.15, 6.2.2 - 6.2.12, 6.4.0 - 6.4.9 and 7.0.0 - 7.0.3 allows a privileged attacker to execute unauthorized code or commands via storing malicious payloads in replacement messages.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40680&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-40680]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40680') [MISC]('https://fortiguard.com/psirt/FG-IR-21-248')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortisoar[/LEFT][/TD] [TD][LEFT]Improper neutralization of input during web page generation [CWE-79] in FortiSOAR 7.0.0 through 7.0.3 and 7.2.0 may allow an 
authenticated attacker to inject HTML tags via input fields of various components within FortiSOAR.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38379&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-38379]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38379') [MISC]('https://fortiguard.com/psirt/FG-IR-22-220')[/TD] [/TR] [TR] [TD][LEFT]fsi -- fs040u_firmware[/LEFT][/TD] [TD][LEFT]Plaintext storage of a password vulnerability exists in +F FS040U software versions v2.3.4 and earlier, which may allow an attacker to obtain the login password of +F FS040U and log in to the management console.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][4.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43442&vector=CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-43442]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43442') [MISC]('https://www.fsi.co.jp/mobile/plusF/news/22102803.html') [MISC]('https://www.fsi.co.jp/mobile/plusF/news/22102802.html') [MISC]('https://jvn.jp/en/jp/JVN74285622/index.html') [MISC]('https://www.fsi.co.jp/mobile/plusF/news/22102804.html') [MISC]('https://www.fsi.co.jp/mobile/plusF/news/22102801.html')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. 
Patch ID: ALPS07446207; Issue ID: ALPS07446207.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32594&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32594]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32594') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446213; Issue ID: ALPS07446213.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32596&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32596]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32596') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32597&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32597]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32597') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In widevine, there is a possible out of bounds write due to an incorrect bounds check. 
This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32598&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32598]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32598') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In keyinstall, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07439659; Issue ID: ALPS07439659.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32619&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32619]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32619') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In mpu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. 
Patch ID: ALPS07541753; Issue ID: ALPS07541753.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32620&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32620]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32620') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In gz, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363786; Issue ID: ALPS07363786.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32622&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32622]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32622') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405923; Issue ID: ALPS07405923.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32624&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32624]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32624') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In display, there is a possible out of bounds write due to an incorrect bounds check. 
This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326216; Issue ID: ALPS07326216.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32625&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32625]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32625') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326239; Issue ID: ALPS07326239.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32626&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32626]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32626') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. 
Patch ID: ALPS07310780; Issue ID: ALPS07310780.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32628&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32628]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32628') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310774; Issue ID: ALPS07310774.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32629&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32629]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32629') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405966; Issue ID: ALPS07405966.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32630&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32630]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32630') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Wi-Fi, there is a possible out of bounds write due to improper input validation. 
This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453613; Issue ID: ALPS07453613.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32631&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32631]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32631') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441630; Issue ID: ALPS07441630.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32632&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32632]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32632') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Wi-Fi, there is a possible memory access violation due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. 
Patch ID: ALPS07441637; Issue ID: ALPS07441637.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32633&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32633]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32633') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In ccci, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138646; Issue ID: ALPS07138646.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32634&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32634]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32634') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310829; Issue ID: ALPS07310829.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32621&vector=CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32621]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32621') [MISC]('https://corp.mediatek.com/product-security-bulletin/December-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In sensor driver, there is a possible out of bounds write due to a missing bounds check. 
This could lead to local denial of service in kernel.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39106&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-39106]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39106') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39129&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-39129]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39129') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39130&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-39130]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39130') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In camera driver, there is a possible memory corruption due to improper locking. 
This could lead to local denial of service in kernel.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39131&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-39131]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39131') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39132&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-39132]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39132') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39133&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-39133]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39133') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39897&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] 
[TD][CVE-2022-39897]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39897') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=12')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit intent.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39905&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39905]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39905') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=12')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In npu driver, there is a memory corruption due to a use after free. This could lead to local denial of service in kernel.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42754&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42754]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42754') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42755&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42755]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42755') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In sensor driver, there is a possible buffer overflow due to a missing bounds check. 
This could lead to local denial of service in kernel.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42756&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42756]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42756') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42759&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42759]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42759') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42760&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42760]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42760') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42761&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42761]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42761') 
[MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42762&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42762]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42762') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42763&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42763]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42763') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42764&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42764]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42764') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] 
[TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42765&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42765]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42765') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing permission check, This could lead to local information disclosure.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42766&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-42766]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42766') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42772&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42772]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42772') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42773&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42773]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42773') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, 
there is a possible missing bounds check, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42774&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42774]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42774') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42775&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42775]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42775') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42779&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42779]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42779') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42780&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] 
[TD][CVE-2022-42780]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42780') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42781&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42781]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42781') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing permission check, This could lead to local information disclosure.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42782&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-42782]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42782') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In audio driver, there is a use after free due to a race condition. 
This could lead to local denial of service in kernel.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][4.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39134&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-39134]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39134') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a race condition, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][4.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42770&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42770]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42770') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a race condition, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][4.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42771&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42771]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42771') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42768&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2022-42768]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42768') 
[MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]haxx -- curl[/LEFT][/TD] [TD][LEFT]curl can be told to parse a [ICODE].netrc[/ICODE] file for credentials. If that file ends in a line with 4095 consecutive non-white space letters and no newline, curl would first read past the end of the stack-based buffer, and if the read works, write a zero byte beyond its boundary. This will in most cases cause a segfault or similar, but circumstances might also cause different outcomes. If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-35260&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-35260]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35260') [MISC]('https://hackerone.com/reports/1721098')[/TD] [/TR] [TR] [TD][LEFT]human_resource_management_system_project -- human_resource_management_system[/LEFT][/TD] [TD][LEFT]A vulnerability classified as problematic has been found in SourceCodester Human Resource Management System 1.0. Affected is an unknown function of the file /hrm/employeeview.php. The manipulation of the argument search leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 
The identifier of this vulnerability is VDB-214776.[/LEFT][/TD] [TD][CENTER]2022-12-03[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4279&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4279]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4279') [N/A]('https://github.com/leecybersec/bug-report/tree/main/sourcecodester/oretnom23/hrm/employee-view-xss') [N/A]('https://vuldb.com/?id.214776')[/TD] [/TR] [TR] [TD][LEFT]ibm -- business_automation_workflow[/LEFT][/TD] [TD][LEFT]IBM Business Process Manager 21.0.1 through 21.0.3.1, 20.0.0.1 through 20.0.0.2 19.0.0.1 through 19.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 65687.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41735&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41735]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41735') [MISC]('https://www.ibm.com/support/pages/node/6845496') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/237809')[/TD] [/TR] [TR] [TD][LEFT]ilias -- ilias[/LEFT][/TD] [TD][LEFT]ILIAS before 7.16 allows External Control of File Name or Path.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45918&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-45918]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45918') [MISC]('https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-ilias-elearning-platform/') [FULLDISC]('http://seclists.org/fulldisclosure/2022/Dec/7') 
[MISC]('http://packetstormsecurity.com/files/170181/ILIAS-eLearning-7.15-Command-Injection-XSS-LFI-Open-Redirect.html')[/TD] [/TR] [TR] [TD][LEFT]ilias -- ilias[/LEFT][/TD] [TD][LEFT]ILIAS before 7.16 has an Open Redirect.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45917&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-45917]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45917') [MISC]('https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-ilias-elearning-platform/') [FULLDISC]('http://seclists.org/fulldisclosure/2022/Dec/7') [MISC]('http://packetstormsecurity.com/files/170181/ILIAS-eLearning-7.15-Command-Injection-XSS-LFI-Open-Redirect.html')[/TD] [/TR] [TR] [TD][LEFT]ilias -- ilias[/LEFT][/TD] [TD][LEFT]ILIAS before 7.16 allows XSS.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45916&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-45916]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45916') [MISC]('https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-ilias-elearning-platform/') [FULLDISC]('http://seclists.org/fulldisclosure/2022/Dec/7') [MISC]('http://packetstormsecurity.com/files/170181/ILIAS-eLearning-7.15-Command-Injection-XSS-LFI-Open-Redirect.html')[/TD] [/TR] [TR] [TD][LEFT]ivanti -- endpoint_manager[/LEFT][/TD] [TD][LEFT]ZTE OTCP product is impacted by a permission and access control vulnerability. 
Due to improper permission settings, an attacker with high permissions could use this vulnerability to maliciously delete and modify files.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23143&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-23143]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23143') [MISC]('https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1026164')[/TD] [/TR] [TR] [TD][LEFT]kibokolabs -- chained_quiz[/LEFT][/TD] [TD][LEFT]The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'datef' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4208&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4208]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4208') [MISC]('https://gist.github.com/Xib3rR4dAr/417a11bcb9b8da28cfe5ba1c17c44d0e') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2824193%40chained-quiz&new=2824193%40chained-quiz&sfp_email=&sfph_mail=') [MISC]('https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-4208')[/TD] [/TR] [TR] [TD][LEFT]kibokolabs -- chained_quiz[/LEFT][/TD] [TD][LEFT]The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'pointsf' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. 
This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4209&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4209]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4209') [MISC]('https://gist.github.com/Xib3rR4dAr/417a11bcb9b8da28cfe5ba1c17c44d0e') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2824193%40chained-quiz&new=2824193%40chained-quiz&sfp_email=&sfph_mail=') [MISC]('https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-4209')[/TD] [/TR] [TR] [TD][LEFT]kibokolabs -- chained_quiz[/LEFT][/TD] [TD][LEFT]The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dnf' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. 
This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4210&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4210]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4210') [MISC]('https://gist.github.com/Xib3rR4dAr/417a11bcb9b8da28cfe5ba1c17c44d0e') [MISC]('https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-4210') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2824193%40chained-quiz&new=2824193%40chained-quiz&sfp_email=&sfph_mail=')[/TD] [/TR] [TR] [TD][LEFT]kibokolabs -- chained_quiz[/LEFT][/TD] [TD][LEFT]The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'emailf' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. 
This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4211&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4211]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4211') [MISC]('https://gist.github.com/Xib3rR4dAr/417a11bcb9b8da28cfe5ba1c17c44d0e') [MISC]('https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-4211') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2824193%40chained-quiz&new=2824193%40chained-quiz&sfp_email=&sfph_mail=')[/TD] [/TR] [TR] [TD][LEFT]kibokolabs -- chained_quiz[/LEFT][/TD] [TD][LEFT]The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ipf' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. 
This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4212&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4212]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4212') [MISC]('https://gist.github.com/Xib3rR4dAr/417a11bcb9b8da28cfe5ba1c17c44d0e') [MISC]('https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-4212') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2824193%40chained-quiz&new=2824193%40chained-quiz&sfp_email=&sfph_mail=')[/TD] [/TR] [TR] [TD][LEFT]kibokolabs -- chained_quiz[/LEFT][/TD] [TD][LEFT]The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dn' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2.2 due to insufficient input sanitization and output escaping. 
This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4213&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4213]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4213') [MISC]('https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-4213') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2825368%40chained-quiz&new=2825368%40chained-quiz&sfp_email=&sfph_mail=')[/TD] [/TR] [TR] [TD][LEFT]kibokolabs -- chained_quiz[/LEFT][/TD] [TD][LEFT]The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ip' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2.3 due to insufficient input sanitization and output escaping. 
This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4214&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4214]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4214') [MISC]('https://gist.github.com/Xib3rR4dAr/417a11bcb9b8da28cfe5ba1c17c44d0e') [MISC]('https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-4214') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2826500%40chained-quiz&new=2826500%40chained-quiz&sfp_email=&sfph_mail=')[/TD] [/TR] [TR] [TD][LEFT]kibokolabs -- chained_quiz[/LEFT][/TD] [TD][LEFT]The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'date' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2.3 due to insufficient input sanitization and output escaping. 
This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4215&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4215]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4215') [MISC]('https://gist.github.com/Xib3rR4dAr/417a11bcb9b8da28cfe5ba1c17c44d0e') [MISC]('https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-4215') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2826500%40chained-quiz&new=2826500%40chained-quiz&sfp_email=&sfph_mail=')[/TD] [/TR] [TR] [TD][LEFT]kibokolabs -- chained_quiz[/LEFT][/TD] [TD][LEFT]The Chained Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'facebook_appid' parameter in versions up to, and including, 1.3.2.2 due to insufficient input sanitization and output escaping. 
This makes it possible for authenticated attackers with administrative privileges to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4216&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4216]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4216') [MISC]('https://gist.github.com/Xib3rR4dAr/417a11bcb9b8da28cfe5ba1c17c44d0e') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2825368%40chained-quiz&new=2825368%40chained-quiz&sfp_email=&sfph_mail=') [MISC]('https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-4216') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2825114%40chained-quiz&new=2825114%40chained-quiz&sfp_email=&sfph_mail=')[/TD] [/TR] [TR] [TD][LEFT]kibokolabs -- chained_quiz[/LEFT][/TD] [TD][LEFT]The Chained Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'api_key' parameter in versions up to, and including, 1.3.2.2 due to insufficient input sanitization and output escaping. 
This makes it possible for authenticated attackers with administrative privileges to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4217&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4217]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4217') [MISC]('https://gist.github.com/Xib3rR4dAr/417a11bcb9b8da28cfe5ba1c17c44d0e') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2825368%40chained-quiz&new=2825368%40chained-quiz&sfp_email=&sfph_mail=') [MISC]('https://plugins.trac.wordpress.org/changeset/2824193') [MISC]('https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-4217')[/TD] [/TR] [TR] [TD][LEFT]kibokolabs -- chained_quiz[/LEFT][/TD] [TD][LEFT]The Chained Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.2.4. This is due to missing nonce validation on the list_quizzes() function. 
This makes it possible for unauthenticated attackers to delete quizzes and copy quizzes via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4218&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4218]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4218') [MISC]('https://gist.github.com/Xib3rR4dAr/417a11bcb9b8da28cfe5ba1c17c44d0e') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2826623%40chained-quiz&new=2826623%40chained-quiz&sfp_email=&sfph_mail=') [MISC]('https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-4218')[/TD] [/TR] [TR] [TD][LEFT]kibokolabs -- chained_quiz[/LEFT][/TD] [TD][LEFT]The Chained Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.2.4. This is due to missing nonce validation on the manage() function. 
This makes it possible for unauthenticated attackers to delete submitted quiz responses via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4219&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4219]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4219') [MISC]('https://gist.github.com/Xib3rR4dAr/417a11bcb9b8da28cfe5ba1c17c44d0e') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2826623%40chained-quiz&new=2826623%40chained-quiz&sfp_email=&sfph_mail=') [MISC]('https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-4219')[/TD] [/TR] [TR] [TD][LEFT]kibokolabs -- chained_quiz[/LEFT][/TD] [TD][LEFT]The Chained Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.2.4. This is due to missing nonce validation on the list_questions() function. 
This makes it possible for unauthenticated attackers to delete questions from quizzes via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4220&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4220]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4220') [MISC]('https://gist.github.com/Xib3rR4dAr/417a11bcb9b8da28cfe5ba1c17c44d0e') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2826623%40chained-quiz&new=2826623%40chained-quiz&sfp_email=&sfph_mail=') [MISC]('https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-4220') [MISC]('https://plugins.trac.wordpress.org/browser/chained-quiz/trunk/controllers/questions.php#L73')[/TD] [/TR] [TR] [TD][LEFT]kwoksys -- information_server[/LEFT][/TD] [TD][LEFT]An XML external entity (XXE) injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45326&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-45326]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45326') [MISC]('https://www.navsec.net/2022/11/12/kwoksys-xxe.html') [MISC]('http://www.kwoksys.com/wiki/index.php?title=Release_Notes')[/TD] [/TR] [TR] [TD][LEFT]kyocera -- taskalfa_7550ci_firmware[/LEFT][/TD] [TD][LEFT]Session information easily guessable vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to log in to the product by spoofing a user with guessed session information. 
Affected products/versions are as follows: TASKalfa 7550ci/6550ci, TASKalfa 5550ci/4550ci/3550ci/3050ci, TASKalfa 255c/205c, TASKalfa 256ci/206ci, ECOSYS M6526cdn/M6526cidn, FS-C2126MFP/C2126MFP+/C2026MFP/C2026MFP+, TASKalfa 8000i/6500i, TASKalfa 5500i/4500i/3500i, TASKalfa 305/255, TASKalfa 306i/256i, LS-3140MFP/3140MFP+/3640MFP, ECOSYS M2535dn, LS-1135MFP/1035MFP, LS-C8650DN/C8600DN, ECOSYS P6026cdn, FS-C5250DN, LS-4300DN/4200DN/2100DN, ECOSYS P4040dn, ECOSYS P2135dn, and FS-1370DN.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41798&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-41798]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41798') [MISC]('https://www.kyoceradocumentsolutions.co.jp/support/information/info_20221101.html') [MISC]('https://jvn.jp/en/jp/JVN46345126/index.html') [MISC]('https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-11-01.html')[/TD] [/TR] [TR] [TD][LEFT]kyocera -- taskalfa_7550ci_firmware[/LEFT][/TD] [TD][LEFT]Missing authorization vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to alter the product settings without authentication by sending a specially crafted request. 
Affected products/versions are as follows: TASKalfa 7550ci/6550ci, TASKalfa 5550ci/4550ci/3550ci/3050ci, TASKalfa 255c/205c, TASKalfa 256ci/206ci, ECOSYS M6526cdn/M6526cidn, FS-C2126MFP/C2126MFP+/C2026MFP/C2026MFP+, TASKalfa 8000i/6500i, TASKalfa 5500i/4500i/3500i, TASKalfa 305/255, TASKalfa 306i/256i, LS-3140MFP/3140MFP+/3640MFP, ECOSYS M2535dn, LS-1135MFP/1035MFP, LS-C8650DN/C8600DN, ECOSYS P6026cdn, FS-C5250DN, LS-4300DN/4200DN/2100DN, ECOSYS P4040dn, ECOSYS P2135dn, and FS-1370DN.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41807&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-41807]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41807') [MISC]('https://www.kyoceradocumentsolutions.co.jp/support/information/info_20221101.html') [MISC]('https://jvn.jp/en/jp/JVN46345126/index.html') [MISC]('https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-11-01.html')[/TD] [/TR] [TR] [TD][LEFT]kyocera -- taskalfa_7550ci_firmware[/LEFT][/TD] [TD][LEFT]Stored cross-site scripting vulnerability in Kyocera Document Solutions MFPs and printers allows a remote authenticated attacker with an administrative privilege to inject arbitrary script. 
Affected products/versions are as follows: TASKalfa 7550ci/6550ci, TASKalfa 5550ci/4550ci/3550ci/3050ci, TASKalfa 255c/205c, TASKalfa 256ci/206ci, ECOSYS M6526cdn/M6526cidn, FS-C2126MFP/C2126MFP+/C2026MFP/C2026MFP+, TASKalfa 8000i/6500i, TASKalfa 5500i/4500i/3500i, TASKalfa 305/255, TASKalfa 306i/256i, LS-3140MFP/3140MFP+/3640MFP, ECOSYS M2535dn, LS-1135MFP/1035MFP, LS-C8650DN/C8600DN, ECOSYS P6026cdn, FS-C5250DN, LS-4300DN/4200DN/2100DN, ECOSYS P4040dn, ECOSYS P2135dn, and FS-1370DN.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41830&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41830]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41830') [MISC]('https://www.kyoceradocumentsolutions.co.jp/support/information/info_20221101.html') [MISC]('https://jvn.jp/en/jp/JVN46345126/index.html') [MISC]('https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-11-01.html')[/TD] [/TR] [TR] [TD][LEFT]lazy_mouse_project -- lazy_mouse[/LEFT][/TD] [TD][LEFT]Lazy Mouse allows an attacker (in a man in the middle position between the server and a connected device) to see all data (including keypresses) in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45483&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-45483]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45483') [MISC]('https://www.synopsys.com/blogs/software-security/cyrc-advisory-remote-code-execution-vulnerabilities-mouse-keyboard-apps/')[/TD] [/TR] [TR] [TD][LEFT]linux -- linux_kernel[/LEFT][/TD] [TD][LEFT]A flaw was found in the Linux kernel Traffic Control (TC) subsystem. 
Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4269&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-4269]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4269') [MISC]('https://lore.kernel.org/netdev/33dc43f587ec1388ba456b4915c75f02a8aae226.1663945716.git.dcaratti@redhat.com/')[/TD] [/TR] [TR] [TD][LEFT]mingsoft -- mcms[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as problematic, was found in Mingsoft MCMS 5.2.8. Affected is an unknown function of the file search.do. The manipulation of the argument content_title leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. 
The identifier of this vulnerability is VDB-215112.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4350&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4350]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4350') [MISC]('https://vuldb.com/?id.215112') [MISC]('https://gitee.com/mingSoft/MCMS/issues/I5MT8Y')[/TD] [/TR] [TR] [TD][LEFT]oceanwp -- sticky_header[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Oceanwp sticky header plugin <= 1.0.8 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-12-04[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-35730&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-35730]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35730') [MISC]('https://patchstack.com/database/vulnerability/sticky-header-oceanwp/wordpress-oceanwp-sticky-header-plugin-1-0-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]online_leave_management_system_project -- online_leave_management_system[/LEFT][/TD] [TD][LEFT]Online Leave Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /leave_system/admin/?page=maintenance/department. 
This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Create New module.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45008&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-45008]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45008') [MISC]('https://github.com/realguoxiufeng/bug_report/blob/main/vendors/oretnom23/Online%20Leave%20Management%20System/XSS-1.md')[/TD] [/TR] [TR] [TD][LEFT]openrazer_project -- openrazer[/LEFT][/TD] [TD][LEFT]OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. Using a modified USB device an attacker can leak stack addresses of the [ICODE]razer_attr_read_dpi_stages[/ICODE], potentially bypassing KASLR. To exploit this vulnerability an attacker would need access to a user's keyboard or mouse or would need to convince a user to use a modified device. The issue has been patched in v3.5.1. Users are advised to upgrade and should be reminded not to plug in unknown USB devices.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][4.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23467&vector=CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-23467]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23467') [MISC]('https://github.com/openrazer/openrazer/security/advisories/GHSA-39hg-jvc9-fg7h') [MISC]('https://github.com/openrazer/openrazer/commit/33aa7f07d54ae066f201c6d298cb4a2181cb90e6')[/TD] [/TR] [TR] [TD][LEFT]pinterest -- querybook[/LEFT][/TD] [TD][LEFT]Querybook is an open source data querying UI. In affected versions user-provided data is not escaped in the error field of the auth callback URL in [ICODE]querybook/server/app/auth/oauth_auth.py[/ICODE] and [ICODE]querybook/server/app/auth/okta_auth.py[/ICODE]. 
This may allow attackers to perform reflected cross site scripting (XSS) if Content Security Policy (CSP) is not enabled or [ICODE]unsafe-inline[/ICODE] is allowed. Users are advised to upgrade to the latest, patched version of querybook (version 3.14.2 or greater). Users unable to upgrade may enable CSP and not allow unsafe-inline or manually escape query parameters in a reverse proxy.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46151&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-46151]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46151') [MISC]('https://github.com/pinterest/querybook/security/advisories/GHSA-mrrw-9wf7-xq6w') [MISC]('https://github.com/pinterest/querybook/commit/88a7f10495bf5ed1a556ade51a2f2794e403c063')[/TD] [/TR] [TR] [TD][LEFT]pwn_project -- pwn[/LEFT][/TD] [TD][LEFT]A vulnerability classified as problematic has been found in CTF-hacker pwn. This affects an unknown part of the file delete.html. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. 
The identifier VDB-215109 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][6.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4349&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-4349]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4349') [N/A]('https://vuldb.com/?id.215109') [N/A]('https://gitee.com/CTF-hacker/pwn/issues/I5WAAB')[/TD] [/TR] [TR] [TD][LEFT]rapidscada -- rapid_scada[/LEFT][/TD] [TD][LEFT]Rapid Software LLC Rapid SCADA 5.8.4 is vulnerable to Cross Site Scripting (XSS).[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44153&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44153]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44153') [MISC]('https://nitroteam.kz/index.php?action=researches&slug=CVE-2022-44153-Rapid-SCADA-ru')[/TD] [/TR] [TR] [TD][LEFT]ricoh -- aficio_sp_4210n_firmware[/LEFT][/TD] [TD][LEFT]Cross-site scripting vulnerability in Aficio SP 4210N firmware versions prior to Web Support 1.05 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37406&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-37406]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37406') [MISC]('https://jvn.jp/en/jp/JVN24659622/index.html') [MISC]('https://support.ricoh.com/bb/html/dr_ut_e/rc3/model/sp42/sp42.htm') [MISC]('https://support.ricoh.com/bbv2/html/dr_ut_d/ipsio/history/w/bb/pub_j/dr_ut_d/4101044/4101044791/V101/5236968/redirect_CLUTool_DOM/history.htm')[/TD] [/TR] [TR] [TD][LEFT]rukovoditel -- rukovoditel[/LEFT][/TD] [TD][LEFT]Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Announcement function at 
/index.php?module=help_pages/pages&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44944&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44944]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44944') [MISC]('https://github.com/anhdq201/rukovoditel/issues/14') [MISC]('http://rukovoditel.com')[/TD] [/TR] [TR] [TD][LEFT]rukovoditel -- rukovoditel[/LEFT][/TD] [TD][LEFT]Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Page function at /index.php?module=help_pages/pages&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44946&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44946]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44946') [MISC]('https://github.com/anhdq201/rukovoditel/issues/15') [MISC]('http://rukovoditel.com')[/TD] [/TR] [TR] [TD][LEFT]rukovoditel -- rukovoditel[/LEFT][/TD] [TD][LEFT]Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Highlight Row feature at /index.php?module=entities/listing_types&entities_id=24. 
This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note field after clicking "Add".[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44947&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44947]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44947') [MISC]('https://github.com/anhdq201/rukovoditel/issues/13') [MISC]('http://rukovoditel.com')[/TD] [/TR] [TR] [TD][LEFT]rukovoditel -- rukovoditel[/LEFT][/TD] [TD][LEFT]Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Entities Group feature at /index.php?module=entities/entities_groups. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field after clicking "Add".[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44948&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44948]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44948') [MISC]('https://github.com/anhdq201/rukovoditel/issues/8') [MISC]('http://rukovoditel.com')[/TD] [/TR] [TR] [TD][LEFT]rukovoditel -- rukovoditel[/LEFT][/TD] [TD][LEFT]Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24. 
This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Short Name field.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44949&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44949]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44949') [MISC]('https://github.com/anhdq201/rukovoditel/issues/12') [MISC]('http://rukovoditel.com')[/TD] [/TR] [TR] [TD][LEFT]rukovoditel -- rukovoditel[/LEFT][/TD] [TD][LEFT]Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44950&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44950]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44950') [MISC]('http://rukovoditel.com') [MISC]('https://github.com/anhdq201/rukovoditel/issues/10')[/TD] [/TR] [TR] [TD][LEFT]rukovoditel -- rukovoditel[/LEFT][/TD] [TD][LEFT]Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Form tab function at /index.php?module=entities/forms&entities_id=24. 
This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44951&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44951]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44951') [MISC]('https://github.com/anhdq201/rukovoditel/issues/11') [MISC]('http://rukovoditel.com')[/TD] [/TR] [TR] [TD][LEFT]rukovoditel -- rukovoditel[/LEFT][/TD] [TD][LEFT]Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in /index.php?module=configuration/application. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Copyright Text field after clicking "Add".[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44952&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44952]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44952') [MISC]('https://github.com/anhdq201/rukovoditel/issues/9') [MISC]('http://rukovoditel.com')[/TD] [/TR] [TR] [TD][LEFT]ruoyi -- ruoyi-cloud[/LEFT][/TD] [TD][LEFT]A vulnerability was found in y_project RuoYi-Cloud. It has been rated as problematic. Affected by this issue is some unknown functionality of the component JSON Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 
The identifier of this vulnerability is VDB-215108.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4348&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-4348]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4348') [N/A]('https://gitee.com/y_project/RuoYi-Cloud/issues/I5IRC8') [N/A]('https://vuldb.com/?id.215108')[/TD] [/TR] [TR] [TD][LEFT]salonbookingsystem -- salon_booking_system[/LEFT][/TD] [TD][LEFT]Cross-site scripting vulnerability in Salon booking system versions prior to 7.9 allows a remote unauthenticated attacker to inject an arbitrary script.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43487&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43487]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43487') [MISC]('https://www.salonbookingsystem.com/') [MISC]('https://wordpress.org/plugins/salon-booking-system/') [MISC]('https://jvn.jp/en/jp/JVN59663854/index.html')[/TD] [/TR] [TR] [TD][LEFT]sangoma -- asterisk[/LEFT][/TD] [TD][LEFT]An issue was discovered in Sangoma Asterisk through 16.28, 17 and 18 through 18.14, 19 through 19.6, and certified through 18.9-cert1. 
GetConfig, via Asterisk Manager Interface, allows a connected application to access files outside of the asterisk configuration directory, aka Directory Traversal.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42706&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-42706]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42706') [MISC]('https://downloads.asterisk.org/pub/security/AST-2022-009.html')[/TD] [/TR] [TR] [TD][LEFT]sangoma -- certified_asterisk[/LEFT][/TD] [TD][LEFT]A use-after-free in res_pjsip_pubsub.c in Sangoma Asterisk 16.28, 18.14, 19.6, and certified/18.9-cert2 may allow a remote authenticated attacker to crash Asterisk (denial of service) by performing activity on a subscription via a reliable transport at the same time that Asterisk is also performing activity on that subscription.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42705&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42705]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42705') [MISC]('https://downloads.asterisk.org/pub/security/AST-2022-008.html')[/TD] [/TR] [TR] [TD][LEFT]ss-proj -- shirasagi[/LEFT][/TD] [TD][LEFT]Open redirect vulnerability in SHIRASAGI v1.14.4 to v1.15.0 allows a remote unauthenticated attacker to redirect users to an arbitrary web site and conduct a phishing attack.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43479&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43479]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43479') [MISC]('https://jvn.jp/en/jp/JVN86350682/index.html') [MISC]('https://www.ss-proj.org/support/928.html') [MISC]('https://www.ss-proj.org/') [MISC]('https://github.com/shirasagi/shirasagi')[/TD] [/TR] [TR] [TD][LEFT]ss-proj 
-- shirasagi[/LEFT][/TD] [TD][LEFT]Stored cross-site scripting vulnerability in SHIRASAGI versions prior to v1.16.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43499&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43499]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43499') [MISC]('https://jvn.jp/en/jp/JVN86350682/index.html') [MISC]('https://www.ss-proj.org/support/928.html') [MISC]('https://www.ss-proj.org/') [MISC]('https://github.com/shirasagi/shirasagi')[/TD] [/TR] [TR] [TD][LEFT]stackstorm -- stackstorm[/LEFT][/TD] [TD][LEFT]Cross-site scripting (XSS) vulnerability in the Web UI of StackStorm versions prior to 3.8.0 allowed logged in users with write access to pack rules to inject arbitrary script or HTML that may be executed in Web UI for other logged in users.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43706&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43706]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43706') [MISC]('https://stackstorm.com/2022/12/v3-8-0-released/')[/TD] [/TR] [TR] [TD][LEFT]telegram -- telegram[/LEFT][/TD] [TD][LEFT]** DISPUTED ** Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. 
NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS finding.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43363&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43363]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43363') [MISC]('https://pastebin.com/72MRwNXW') [MISC]('https://bugs.telegram.org/c/17831')[/TD] [/TR] [TR] [TD][LEFT]telepad-app -- telepad[/LEFT][/TD] [TD][LEFT]Telepad allows an attacker (in a man-in-the-middle position between the server and a connected device) to see all data (including keypresses) in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][5.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45478&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-45478]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45478') [MISC]('https://www.synopsys.com/blogs/software-security/cyrc-advisory-remote-code-execution-vulnerabilities-mouse-keyboard-apps/')[/TD] [/TR] [TR] [TD][LEFT]teler_project -- teler[/LEFT][/TD] [TD][LEFT]teler is a real-time intrusion detection and threat alert dashboard. teler prior to version 2.0.0-rc.4 is vulnerable to DOM-based cross-site scripting (XSS) in the teler dashboard. When teler requests messages from the event stream on the [ICODE]/events[/ICODE] endpoint, the log data displayed on the dashboard are not sanitized. This only affects authenticated users and can only be exploited based on detected threats if the log contains a DOM scripting payload. This vulnerability has been fixed in version [ICODE]v2.0.0-rc.4[/ICODE]. Users are advised to upgrade. 
There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23466&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-23466]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23466') [MISC]('https://github.com/kitabisa/teler/commit/20f59eda2420ac64e29f199a61230a0abc875e8e') [MISC]('https://github.com/kitabisa/teler/security/advisories/GHSA-xr7p-8q82-878q')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45673&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45673]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45673') [MISC]('https://github.com/ConfusedChenSir/VulnerabilityProjectRecords/blob/main/fromSysToolRestoreSet/fromSysToolRestoreSet.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45674&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45674]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45674') [MISC]('https://github.com/ConfusedChenSir/VulnerabilityProjectRecords/blob/main/fromSysToolReboot/fromSysToolReboot.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- i22_firmware[/LEFT][/TD] [TD][LEFT]Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] 
[TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45667&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45667]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45667') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/fromSysToolRestoreSet/fromSysToolRestoreSet.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- i22_firmware[/LEFT][/TD] [TD][LEFT]Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45668&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45668]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45668') [MISC]('https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/fromSysToolReboot/fromSysToolReboot.md')[/TD] [/TR] [TR] [TD][LEFT]themeum -- wp_page_builder[/LEFT][/TD] [TD][LEFT]The WP Page Builder WordPress plugin through 1.2.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3830&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3830]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3830') [MISC]('https://wpscan.com/vulnerability/98b2321d-fb66-4e02-9906-63af7b08d647')[/TD] [/TR] [TR] [TD][LEFT]tibco -- nimbus[/LEFT][/TD] [TD][LEFT]The Statement Set Upload via the Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a Denial of Service Attack on the affected system. 
Affected releases are TIBCO Software Inc.'s TIBCO Nimbus: version 10.5.0.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41560&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41560]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41560') [CONFIRM]('https://www.tibco.com/services/support/advisories')[/TD] [/TR] [TR] [TD][LEFT]tomexam -- tomexam[/LEFT][/TD] [TD][LEFT]Cross Site Scripting (XSS) vulnerability in TomExam 3.0 via p_name parameter to list.thtml.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-34181&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2021-34181]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-34181') [MISC]('https://www.cnblogs.com/mrhonest/p/16949304.html')[/TD] [/TR] [TR] [TD][LEFT]tp-link -- re3000_firmware[/LEFT][/TD] [TD][LEFT]tdpServer of TP-Link RE300 V1 improperly processes its input, which may allow an attacker to cause a denial-of-service (DoS) condition of the product's OneMesh function.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41783&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41783]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41783') [MISC]('https://www.tp-link.com/en/support/download/re300/v1/#Firmware') [MISC]('https://jvn.jp/en/jp/JVN29657972/index.html')[/TD] [/TR] [TR] [TD][LEFT]tp-link -- tl-wr740n_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability classified as problematic has been found in TP-Link TL-WR740N. Affected is an unknown function of the component ARP Handler. The manipulation leads to resource consumption. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. 
The identifier of this vulnerability is VDB-214812.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4296&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-4296]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4296') [MISC]('https://vuldb.com/?id.214812') [MISC]('https://www.youtube.com/watch?v=D--fb-cesmA')[/TD] [/TR] [TR] [TD][LEFT]user_registration_&_user_management_system_project -- user_registration_&_user_management_system[/LEFT][/TD] [TD][LEFT]Phpgurukul User Registration & User Management System v3.0 was discovered to contain multiple stored cross-site scripting (XSS) vulnerabilities via the firstname and lastname parameters of the registration form & login pages.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43097&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43097]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43097') [MISC]('https://github.com/nibin-m/CVE-2022-43097')[/TD] [/TR] [TR] [TD][LEFT]vim -- vim[/LEFT][/TD] [TD][LEFT]Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4293&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-4293]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4293') [CONFIRM]('https://huntr.dev/bounties/385a835f-6e33-4d00-acce-ac99f3939143') [MISC]('https://github.com/vim/vim/commit/cdef1cefa2a440911c727558562f83ed9b00e16b')[/TD] [/TR] [TR] [TD][LEFT]webtareas_project -- webtareas[/LEFT][/TD] [TD][LEFT]webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /linkedcontent/listfiles.php. 
This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field after clicking "Add".[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44953&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44953]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44953') [MISC]('https://github.com/anhdq201/webtareas/issues/8') [MISC]('http://webtareas.com')[/TD] [/TR] [TR] [TD][LEFT]webtareas_project -- webtareas[/LEFT][/TD] [TD][LEFT]webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /contacts/listcontacts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name field after clicking "Add".[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44954&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44954]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44954') [MISC]('https://github.com/anhdq201/webtareas/issues/10') [MISC]('http://webtareas.com')[/TD] [/TR] [TR] [TD][LEFT]webtareas_project -- webtareas[/LEFT][/TD] [TD][LEFT]webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the Chat function. 
This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44955&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44955]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44955') [MISC]('http://webtareas.com') [MISC]('https://github.com/anhdq201/webtareas/issues/5')[/TD] [/TR] [TR] [TD][LEFT]webtareas_project -- webtareas[/LEFT][/TD] [TD][LEFT]webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /projects/listprojects.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44956&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44956]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44956') [MISC]('http://webtareas.com') [MISC]('https://github.com/anhdq201/webtareas/issues/3')[/TD] [/TR] [TR] [TD][LEFT]webtareas_project -- webtareas[/LEFT][/TD] [TD][LEFT]webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /clients/listclients.php. 
This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44957&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44957]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44957') [MISC]('http://webtareas.com') [MISC]('https://github.com/anhdq201/webtareas/issues/11')[/TD] [/TR] [TR] [TD][LEFT]webtareas_project -- webtareas[/LEFT][/TD] [TD][LEFT]webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /meetings/listmeetings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44959&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44959]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44959') [MISC]('http://webtareas.com') [MISC]('https://github.com/anhdq201/webtareas/issues/6')[/TD] [/TR] [TR] [TD][LEFT]webtareas_project -- webtareas[/LEFT][/TD] [TD][LEFT]webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /general/search.php?searchtype=simple. 
This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search field.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44960&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44960]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44960') [MISC]('http://webtareas.com') [MISC]('https://github.com/anhdq201/webtareas/issues/4')[/TD] [/TR] [TR] [TD][LEFT]webtareas_project -- webtareas[/LEFT][/TD] [TD][LEFT]webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /forums/editforum.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44961&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44961]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44961') [MISC]('https://github.com/anhdq201/webtareas/issues/7') [MISC]('http://webtareas.com')[/TD] [/TR] [TR] [TD][LEFT]webtareas_project -- webtareas[/LEFT][/TD] [TD][LEFT]webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /calendar/viewcalendar.php. 
This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Subject field.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44962&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44962]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44962') [MISC]('http://webtareas.com') [MISC]('https://github.com/anhdq201/webtareas/issues/12')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43497&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43497]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43497') [MISC]('https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/') [MISC]('https://jvn.jp/en/jp/JVN09409909/index.html') [MISC]('https://wordpress.org/download/')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43500&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43500]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43500') [MISC]('https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/') [MISC]('https://jvn.jp/en/jp/JVN09409909/index.html') [MISC]('https://wordpress.org/download/')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated 
attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature.[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43504&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-43504]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43504') [MISC]('https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/') [MISC]('https://jvn.jp/en/jp/JVN09409909/index.html') [MISC]('https://wordpress.org/download/')[/TD] [/TR] [TR] [TD][LEFT]wp-ecommerce -- easy_wp_smtp[/LEFT][/TD] [TD][LEFT]Auth. Path Traversal vulnerability in Easy WP SMTP plugin <= 1.5.1 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45833&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-45833]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45833') [MISC]('https://patchstack.com/database/vulnerability/easy-wp-smtp/wordpress-easy-wp-smtp-plugin-1-5-1-auth-arbitrary-file-read-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wp-oauth -- wp_oauth_server[/LEFT][/TD] [TD][LEFT]The WP OAuth Server (OAuth Authentication) WordPress plugin before 3.4.2 does not have CSRF check when regenerating secrets, which could allow attackers to make logged in admins regenerate the secret of an arbitrary client given they know the client ID[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3926&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-3926]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3926') [MISC]('https://wpscan.com/vulnerability/e1fcde2a-91a5-40cb-876b-884f01c80336')[/TD] [/TR] [TR] [TD][LEFT]wp-oauth -- wp_oauth_server[/LEFT][/TD] [TD][LEFT]The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.2.2 does not sanitize and escape 
Client IDs, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3892&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3892]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3892') [MISC]('https://wpscan.com/vulnerability/33dddaec-a32a-4fce-89d6-164565be13e1')[/TD] [/TR] [TR] [TD][LEFT]wpmanage -- uji_countdown[/LEFT][/TD] [TD][LEFT]The Uji Countdown WordPress plugin through 2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3837&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3837]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3837') [MISC]('https://wpscan.com/vulnerability/8554ca79-5a4b-49df-a75f-5faa4136bb8c')[/TD] [/TR] [TR] [TD][LEFT]wpupper_share_buttons_project -- wpupper_share_buttons[/LEFT][/TD] [TD][LEFT]The WPUpper Share Buttons WordPress plugin through 3.42 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).[/LEFT][/TD] [TD][CENTER]2022-12-05[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3838&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3838]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3838') 
[MISC]('https://wpscan.com/vulnerability/2dc82bd7-651f-4af0-ad2a-c20a38eea0d0')[/TD] [/TR] [TR] [TD][LEFT]xylusthemes -- wp_smart_import[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Xylus Themes WP Smart Import plugin <= 1.0.2 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40209&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-40209]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40209') [MISC]('https://patchstack.com/database/vulnerability/wp-smart-import/wordpress-importer-plugin-1-0-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]zyxel -- atp800_firmware[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in the CGI program of Zyxel ZyWALL/USG series firmware versions 4.30 through 4.72, VPN series firmware versions 4.30 through 5.31, USG FLEX series firmware versions 4.50 through 5.31, and ATP series firmware versions 4.32 through 5.31, which could allow an attacker to trick a user into visiting a crafted URL with the XSS payload. Then, the attacker could gain access to some browser-based information if the malicious script is executed on the victim’s browser.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40603&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-40603]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40603') [CONFIRM]('https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-xss-vulnerability-in-firewalls')[/TD] [/TR] [TR] [TD][LEFT]zzcms -- zzcms[/LEFT][/TD] [TD][LEFT]An issue was discovered in ZZCMS 2022. 
There is a cross-site scripting (XSS) vulnerability in admin/ad_list.php.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44361&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44361]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44361') [MISC]('https://github.com/cri1stur/ZZcms/issues/1')[/TD] [/TR] [/TABLE][/CENTER]
Low Vulnerabilities
[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39894&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39894]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39894') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=12')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39895&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39895]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39895') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=12')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39896&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39896]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39896') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=12')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing 
bounds check. This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42757&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2022-42757]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42757') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42758&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2022-42758]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42758') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42767&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2022-42767]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42767') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42769&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2022-42769]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42769') 
[MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006')[/TD] [/TR] [TR] [TD][LEFT]hitachi -- jp1/automatic_operation[/LEFT][/TD] [TD][LEFT]Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1/Automatic Operation allows local users to gain sensitive information. This issue affects JP1/Automatic Operation: from 10-00 through 10-54-03, from 11-00 before 11-51-09, from 12-00 before 12-60-01.[/LEFT][/TD] [TD][CENTER]2022-12-06[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-34881&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-34881]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34881') [MISC]('https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-140/index.html')[/TD] [/TR] [TR] [TD][LEFT]m-files -- m-files_server[/LEFT][/TD] [TD][LEFT]Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1 could have changed permissions accidentally.[/LEFT][/TD] [TD][CENTER]2022-12-02[/CENTER][/TD] [TD][CENTER][2.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4270&vector=CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-4270]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4270') [MISC]('https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4270/')[/TD] [/TR] [/TABLE][/CENTER]
Severity Not Yet Assigned
[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]akeneo_pim -- akeneo_pim[/LEFT][/TD] [TD][LEFT]Akeneo PIM is an open source Product Information Management (PIM). Akeneo PIM Community Edition versions before v5.0.119 and v6.0.53 allows remote authenticated users to execute arbitrary PHP code on the server by uploading a crafted image. Akeneo PIM Community Edition after the versions aforementioned provides patched Apache HTTP server configuration file, for docker setup and in documentation sample, to fix this vulnerability. Community Edition users must change their Apache HTTP server configuration accordingly to be protected. The patch for Cloud Based Akeneo PIM Services customers has been applied since 30th October 2022. Users are advised to upgrade. Users unable to upgrade may Replace any reference to [ICODE][/ICODE] in their apache httpd configurations with: [ICODE][/ICODE].[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-46157]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46157') [MISC]('https://github.com/akeneo/pim-community-dev/blob/b4d79bb073c8b68ea26ab227c97cc78d86c4cba1/docker/httpd.conf#L39') [MISC]('https://github.com/akeneo/pim-community-dev/security/advisories/GHSA-w9wc-4xcq-8gr6')[/TD] [/TR] [TR] [TD][LEFT]apache -- manifoldcf[/LEFT][/TD] [TD][LEFT]Improper neutralization of special elements used in an LDAP query ('LDAP Injection') vulnerability in ActiveDirectory and Sharepoint ActiveDirectory authority connectors of Apache ManifoldCF allows an attacker to manipulate the LDAP search queries (DoS, additional queries, filter manipulation) during user lookup, if the username or the domain string are passed to the UserACLs servlet without validation. 
This issue affects Apache ManifoldCF version 2.23 and prior versions.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-45910]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45910') [MISC]('https://lists.apache.org/thread/m693p0dq6jvwwvmy2wnhj6k854z0s444')[/TD] [/TR] [TR] [TD][LEFT]aruba -- airwave_management_platform[/LEFT][/TD] [TD][LEFT]Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. These vulnerabilities could allow a remote attacker with limited privileges to gain access to sensitive information and/or change network configurations with privileges at a higher effective level in Aruba AirWave Management Platform version(s): 8.2.15.0 and below.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-37916]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37916') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-019.txt')[/TD] [/TR] [TR] [TD][LEFT]aruba -- airwave_management_platform[/LEFT][/TD] [TD][LEFT]Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. 
These vulnerabilities could allow a remote attacker with limited privileges to gain access to sensitive information and/or change network configurations with privileges at a higher effective level in Aruba AirWave Management Platform version(s): 8.2.15.0 and below.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-37917]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37917') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-019.txt')[/TD] [/TR] [TR] [TD][LEFT]aruba -- airwave_management_platform[/LEFT][/TD] [TD][LEFT]Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. These vulnerabilities could allow a remote attacker with limited privileges to gain access to sensitive information and/or change network configurations with privileges at a higher effective level in Aruba AirWave Management Platform version(s): 8.2.15.0 and below.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-37918]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37918') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-019.txt')[/TD] [/TR] [TR] [TD][LEFT]automotive_shop_management_system -- automotive_shop_management_system[/LEFT][/TD] [TD][LEFT]Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /services/view_service.php.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-44838]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44838') [MISC]('https://github.com/GkaMei/bug_report/blob/main/vendors/oretnom23/automotive-shop-management-system/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]baota -- baota[/LEFT][/TD] [TD][LEFT]In BAOTA linux panel there exists a stored xss vulnerability attackers can use to obtain sensitive information via the log 
analysis feature.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-4336]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4336') [MISC]('https://mlux.cc/index.php/archives/100/')[/TD] [/TR] [TR] [TD][LEFT]basercms -- basercms[/LEFT][/TD] [TD][LEFT]Stored cross-site scripting vulnerability in Permission Settings of baserCMS versions prior to 4.7.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-41994]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41994') [MISC]('https://basercms.net/security/JVN_53682526') [MISC]('https://jvn.jp/en/jp/JVN53682526/index.html')[/TD] [/TR] [TR] [TD][LEFT]basercms -- basercms[/LEFT][/TD] [TD][LEFT]Stored cross-site scripting vulnerability in User group management of baserCMS versions prior to 4.7.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-42486]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42486') [MISC]('https://basercms.net/security/JVN_53682526') [MISC]('https://jvn.jp/en/jp/JVN53682526/index.html')[/TD] [/TR] [TR] [TD][LEFT]broadcom -- brocade_fabric_os[/LEFT][/TD] [TD][LEFT]A vulnerability in Brocade Fabric OS software v9.1.1, v9.0.1e, v8.2.3c, v7.4.2j, and earlier versions could allow a remote unauthenticated attacker to execute on a Brocade Fabric OS switch commands capable of modifying zoning, disabling the switch, disabling ports, and modifying the switch IP address.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-33186]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33186') 
[MISC]('https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2121')[/TD] [/TR] [TR] [TD][LEFT]broadcom -- brocade_sannav[/LEFT][/TD] [TD][LEFT]Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-33187]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33187') [MISC]('https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2122')[/TD] [/TR] [TR] [TD][LEFT]broadcom -- symantec_messaging_gateway[/LEFT][/TD] [TD][LEFT]An authenticated user who has the privilege to add/edit annotations on the Content tab, can craft a malicious annotation that can be executed on the annotations page (Annotation Text Column)[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-25629]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25629') [MISC]('https://support.broadcom.com/external/content/SecurityAdvisories/0/21115')[/TD] [/TR] [TR] [TD][LEFT]broadcom -- symantec_messaging_gateway[/LEFT][/TD] [TD][LEFT]An authenticated user can embed malicious content with XSS into the admin group policy page.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-25630]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25630') [MISC]('https://support.broadcom.com/external/content/SecurityAdvisories/0/21117')[/TD] [/TR] [TR] [TD][LEFT]buffalo_inc -- multiple_products[/LEFT][/TD] [TD][LEFT]Hidden functionality vulnerability in multiple Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command. The affected products/versions are as follows: WCR-300 firmware Ver. 
1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WLI-TX4-AG300N firmware Ver. 1.53 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WZR2-G108 firmware Ver. 1.33 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 
1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 1.84 and earlier, and WZR-HP-G450H firmware Ver. 1.90 and earlier.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-39044]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39044') [MISC]('https://jvn.jp/en/vu/JVNVU92805279/index.html') [MISC]('https://www.buffalo.jp/news/detail/20221003-01.html')[/TD] [/TR] [TR] [TD][LEFT]buffalo_inc -- multiple_products[/LEFT][/TD] [TD][LEFT]Authentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass authentication and access the device. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN firmware Ver. 1.87 and earlier, WPL-05G300 firmware Ver. 1.88 and earlier, WRM-D2133HP firmware Ver. 2.85 and earlier, WRM-D2133HS firmware Ver. 2.96 and earlier, WTR-M2133HP firmware Ver. 2.85 and earlier, WTR-M2133HS firmware Ver. 2.96 and earlier, WXR-1900DHP firmware Ver. 2.50 and earlier, WXR-1900DHP2 firmware Ver. 2.59 and earlier, WXR-1900DHP3 firmware Ver. 2.63 and earlier, WXR-5950AX12 firmware Ver. 3.40 and earlier, WXR-6000AX12B firmware Ver. 3.40 and earlier, WXR-6000AX12S firmware Ver. 3.40 and earlier, WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, WZR-1750DHP2 firmware Ver. 2.31 and earlier, WZR-HP-AG300H firmware Ver. 1.76 and earlier, WZR-HP-G302H firmware Ver. 1.86 and earlier, WEM-1266 firmware Ver. 2.85 and earlier, WEM-1266WP firmware Ver. 2.85 and earlier, WLAE-AG300N firmware Ver. 1.86 and earlier, FS-600DHP firmware Ver. 
3.40 and earlier, FS-G300N firmware Ver. 3.14 and earlier, FS-HP-G300N firmware Ver. 3.33 and earlier, FS-R600DHP firmware Ver. 3.40 and earlier, BHR-4GRV firmware Ver. 2.00 and earlier, DWR-HP-G300NH firmware Ver. 1.84 and earlier, DWR-PG firmware Ver. 1.83 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WER-A54G54 firmware Ver. 1.43 and earlier, WER-AG54 firmware Ver. 1.43 and earlier, WER-AM54G54 firmware Ver. 1.43 and earlier, WER-AMG54 firmware Ver. 1.43 and earlier, WHR-300 firmware Ver. 2.00 and earlier, WHR-300HP firmware Ver. 2.00 and earlier, WHR-AM54G54 firmware Ver. 1.43 and earlier, WHR-AMG54 firmware Ver. 1.43 and earlier, WHR-AMPG firmware Ver. 1.52 and earlier, WHR-G firmware Ver. 1.49 and earlier, WHR-G300N firmware Ver. 1.65 and earlier, WHR-G301N firmware Ver. 1.87 and earlier, WHR-G54S firmware Ver. 1.43 and earlier, WHR-G54S-NI firmware Ver. 1.24 and earlier, WHR-HP-AMPG firmware Ver. 1.43 and earlier, WHR-HP-G firmware Ver. 1.49 and earlier, WHR-HP-G54 firmware Ver. 1.43 and earlier, WLI-H4-D600 firmware Ver. 1.88 and earlier, WS024BF firmware Ver. 1.60 and earlier, WS024BF-NW firmware Ver. 1.60 and earlier, WXR-1750DHP firmware Ver. 2.60 and earlier, WXR-1750DHP2 firmware Ver. 2.60 and earlier, WZR-1166DHP firmware Ver. 2.18 and earlier, WZR-1166DHP2 firmware Ver. 2.18 and earlier, WZR-1750DHP firmware Ver. 2.30 and earlier, WZR2-G300N firmware Ver. 1.55 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, WZR-600DHP3 firmware Ver. 2.19 and earlier, WZR-900DHP2 firmware Ver. 2.19 and earlier, WZR-AGL300NH firmware Ver. 1.55 and earlier, WZR-AMPG144NH firmware Ver. 1.49 and earlier, WZR-AMPG300NH firmware Ver. 1.51 and earlier, WZR-D1100H firmware Ver. 2.00 and earlier, WZR-G144N firmware Ver. 1.48 and earlier, WZR-G144NH firmware Ver. 1.48 and earlier, WZR-HP-G300NH firmware Ver. 1.84 and earlier, WZR-HP-G301NH firmware Ver. 
1.84 and earlier, WZR-HP-G450H firmware Ver. 1.90 and earlier, WZR-S1750DHP firmware Ver. 2.32 and earlier, WZR-S600DHP firmware Ver. 2.19 and earlier, and WZR-S900DHP firmware Ver. 2.19 and earlier.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-40966]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40966') [MISC]('https://jvn.jp/en/vu/JVNVU92805279/index.html') [MISC]('https://www.buffalo.jp/news/detail/20221003-01.html')[/TD] [/TR] [TR] [TD][LEFT]buffalo_inc -- multiple_products[/LEFT][/TD] [TD][LEFT]Use of hard-coded credentials vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to alter configuration settings of the device. The affected products/versions are as follows: WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier, WZR-600DHP firmware Ver. 2.00 and earlier, WZR-900DHP firmware Ver. 1.15 and earlier, HW-450HP-ZWE firmware Ver. 2.00 and earlier, WZR-450HP-CWT firmware Ver. 2.00 and earlier, WZR-450HP-UB firmware Ver. 2.00 and earlier, WZR-600DHP2 firmware Ver. 1.15 and earlier, and WZR-D1100H firmware Ver. 2.00 and earlier.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-34840]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34840') [MISC]('https://jvn.jp/en/vu/JVNVU92805279/index.html') [MISC]('https://www.buffalo.jp/news/detail/20221003-01.html')[/TD] [/TR] [TR] [TD][LEFT]buildah -- buildah[/LEFT][/TD] [TD][LEFT]A vulnerability was found in buildah. 
Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-4122]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4122') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2144983') [MISC]('https://github.com/containers/podman/pull/16315')[/TD] [/TR] [TR] [TD][LEFT]buildah -- buildah[/LEFT][/TD] [TD][LEFT]A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path traversal, resulting in an impact to confidentiality.[/LEFT][/TD] [TD][CENTER]2022-12-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-4123]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4123') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2144989')[/TD] [/TR] [TR] [TD][LEFT]canon_medical_informatics -- vitrea_vision[/LEFT][/TD] [TD][LEFT]Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately enforce access controls. An authenticated user is able to gain unauthorized access to imaging records by tampering with the vitrea-view/studies/search patientId parameter.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-38765]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38765') [MISC]('https://www.vitalimages.com/customer-success-support-program/vital-images-software-security-updates/')[/TD] [/TR] [TR] [TD][LEFT]certifi -- certifi[/LEFT][/TD] [TD][LEFT]Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from Mozilla's trust store. 
TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked google group discussion.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-23491]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23491') [MISC]('https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ') [MISC]('https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8')[/TD] [/TR] [TR] [TD][LEFT]chicken -- chicken[/LEFT][/TD] [TD][LEFT]egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS command execution during package installation via escape characters in a .egg file.[/LEFT][/TD] [TD][CENTER]2022-12-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-45145]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45145') [MISC]('https://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=blobdiff;f=egg-compile.scm;h=9ba4568113350ec75204cba55e43e27925e2d6fe;hp=c1f2ceb0fb470f63c2ba2a1cf9d8d40083c2359f;hb=a08f8f548d772ef410c672ba33a27108d8d434f3;hpb=9c6fb001c25de4390f46ffd7c3c94237f4df92a9') [MISC]('https://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=blobdiff;f=NEWS;h=54888afff09353093453673c407cabfe76a5ce77;hp=a3fd88a892f82c8353267f50509d018bbb1934b9;hb=670478435a982fc4d1f001ea08669f53d35a51cd;hpb=a08f8f548d772ef410c672ba33a27108d8d434f3') [MISC]('https://lists.gnu.org/archive/html/chicken-announce/2022-11/msg00000.html')[/TD] [/TR] [TR] [TD][LEFT]codecentric-- spring-boot-admin[/LEFT][/TD] [TD][LEFT]Spring boot admins is an open source administrative user interface for management of spring boot applications. All users who run Spring Boot Admin Server, having enabled Notifiers (e.g. Teams-Notifier) and write access to environment variables via UI are affected. 
Users are advised to upgrade to the most recent releases of Spring Boot Admin 2.6.10 and 2.7.8 to resolve this issue. Users unable to upgrade may disable any notifier or disable write access (POST request) on [ICODE]/env[/ICODE] actuator endpoint.[/LEFT][/TD] [TD][CENTER]2022-12-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-46166]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46166') [MISC]('https://github.com/codecentric/spring-boot-admin/security/advisories/GHSA-w3x5-427h-wfq6') [MISC]('https://github.com/codecentric/spring-boot-admin/commit/c14c3ec12533f71f84de9ce3ce5ceb7991975f75')[/TD] [/TR] [TR] [TD][LEFT]containerd -- containerd[/LEFT][/TD] [TD][LEFT]containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to launch due to, for example, a faulty command, the goroutine will be stuck waiting to send without a receiver, resulting in a memory leak. Kubernetes and crictl can both be configured to use containerd's CRI implementation and the stream server is used for handling container IO. This bug has been fixed in containerd 1.6.12 and 1.5.16. Users should update to these versions to resolve the issue. 
Users unable to upgrade should ensure that only trusted images and commands are used and that only trusted users have permissions to execute commands in running containers.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-23471]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23471') [MISC]('https://github.com/containerd/containerd/security/advisories/GHSA-2qjp-425j-52j9') [MISC]('https://github.com/containerd/containerd/commit/a05d175400b1145e5e6a735a6710579d181e7fb0')[/TD] [/TR] [TR] [TD][LEFT]csliuwy -- coder-chain_gdut[/LEFT][/TD] [TD][LEFT]A vulnerability has been found in csliuwy coder-chain_gdut and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /back/index.php/user/User/?1. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-215095.[/LEFT][/TD] [TD][CENTER]2022-12-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-4341]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4341') [N/A]('https://vuldb.com/?id.215095') [N/A]('https://gitee.com/csliuwy/coder-chain_gdut/issues/I53DPF')[/TD] [/TR] [TR] [TD][LEFT] cube-js -- cube-js [/LEFT][/TD][TD][LEFT]cube-js is a headless business intelligence platform. In version 0.31.23 all authenticated Cube clients could bypass SQL row-level security and run arbitrary SQL via the newly introduced /v1/sql-runner endpoint. This issue has been resolved in version 0.31.24. Users are advised to either upgrade to 0.31.24 or to downgrade to 0.31.22. There are no known workarounds for this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-23510
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]daloradius -- daloradius[/LEFT][/TD]
[TD][LEFT]daloRADIUS is an open source RADIUS web management application. daloRadius 1.3 and prior are vulnerable to a combination cross site scripting (XSS) and cross site request forgery (CSRF) vulnerability which leads to account takeover in the mng-del.php file because of an unescaped variable reflected in the DOM on line 116. This issue has been addressed in commit [ICODE]ec3b4a419e[/ICODE]. Users are advised to manually apply the commit in order to mitigate this issue. Users may also mitigate this issue in two parts: 1) The CSRF vulnerability can be mitigated by setting the daloRadius session cookie to samesite=Lax or by the implementation of a CSRF token in all forms. 2) The XSS vulnerability may be mitigated by escaping it or by introducing a Content Security Policy.[/LEFT][/TD]
[TD][CENTER]2022-12-06[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-23475
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]dhis2 -- dhis2-core[/LEFT][/TD]
[TD][LEFT]DHIS 2 is an open source information system for data capture, management, validation, analytics and visualization. Through various features of DHIS2, an authenticated user may be able to upload a file which includes embedded javascript. The user could then potentially trick another authenticated user to open the malicious file in a browser which would trigger the javascript code, resulting in a cross-site scripting (XSS) attack. DHIS2 administrators should upgrade to the following hotfix releases: 2.36.12.1, 2.37.8.1, 2.38.2.1, 2.39.0.1. Users unable to upgrade may add the following simple CSP rule in your web proxy to the vulnerable endpoints: [ICODE]script-src 'none'[/ICODE]. This workaround will prevent all javascript from running on those endpoints.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41947
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]dhis2 -- dhis2-core[/LEFT][/TD]
[TD][LEFT]DHIS 2 is an open source information system for data capture, management, validation, analytics and visualization. Affected versions are subject to a privilege escalation vulnerability. A DHIS2 user with authority to manage users can assign superuser privileges to themself by manually crafting an HTTP PUT request. Only users with the following DHIS2 user role authorities can exploit this vulnerability. Note that in many systems the only users with user admin privileges are also superusers. In these cases, the escalation vulnerability does not exist. The vulnerability is only exploitable by attackers who can authenticate as users with the user admin authority. As this is usually a small and relatively trusted set of users, exploit vectors will often be limited. DHIS2 administrators should upgrade to the following hotfix releases: 2.36.12.1, 2.37.8.1, 2.38.2.1, 2.39.0.1. The only known workaround to this issue is to avoid the assignment of the user management authority to any users until the patch has been applied.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41948
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]dhis2 -- dhis2-core[/LEFT][/TD]
[TD][LEFT]DHIS 2 is an open source information system for data capture, management, validation, analytics and visualization. In affected versions an authenticated DHIS2 user can craft a request to DHIS2 to instruct the server to make requests to external resources (like third party servers). This could allow an attacker, for example, to identify vulnerable services which might not be otherwise exposed to the public internet or to determine whether a specific file is present on the DHIS2 server. DHIS2 administrators should upgrade to the following hotfix releases: 2.36.12.1, 2.37.8.1, 2.38.2.1, 2.39.0.1. At this time, there is no known workaround or mitigation for this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41949
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]f5 -- big-ip[/LEFT][/TD]
[TD][LEFT]In all versions of BIG-IP, when running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.[/LEFT][/TD]
[TD][CENTER]2022-12-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41800
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]freshrss -- freshrss[/LEFT][/TD]
[TD][LEFT]FreshRSS is a free, self-hostable RSS aggregator. User configuration files can be accessed by a remote user. In addition to user preferences, such configurations contain hashed passwords (bcrypt with cost 9, salted) of FreshRSS Web interface. If the API is used, the configuration might contain a hashed password (bcrypt with cost 9, salted) of the GReader API, and a hashed password (MD5 salted) of the Fever API. Users should update to version 1.20.2 or edge. Users unable to upgrade can apply the patch manually or delete the file [ICODE]./FreshRSS/p/ext.php[/ICODE].[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-23497
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]funkwhale -- funkwhale[/LEFT][/TD]
[TD][LEFT]User invites for Funkwhale v1.2.8 do not permanently expire after being used for signup and can be used again after an account has been deleted.[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45292
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]go-merkledag -- go-merkledag[/LEFT][/TD]
[TD][LEFT]go-merkledag implements the ‘DAGService’ interface and adds two ipld node types, Protobuf and Raw for the ipfs project. A [ICODE]ProtoNode[/ICODE] may be modified in such a way as to cause various encode errors which will trigger a panic on common method calls that don’t allow for error returns. A [ICODE]ProtoNode[/ICODE] should only be able to encode to valid DAG-PB, attempting to encode invalid DAG-PB forms will result in an error from the codec. Manipulation of an existing (newly created or decoded) [ICODE]ProtoNode[/ICODE] using the modifier methods did not account for certain states that would place the [ICODE]ProtoNode[/ICODE] into an unencodeable form. Due to conformance with the [ICODE]github.com/ipfs/go-block-format#Block[/ICODE] and [ICODE]github.com/ipfs/go-ipld-format#Node[/ICODE] interfaces, certain methods, which internally require a re-encode if state has changed, will panic due to the inability to return an error. This issue has been addressed across a number of pull requests. Users are advised to upgrade to version 0.8.1 for a complete set of fixes. Users unable to upgrade may attempt to mitigate this issue by sanitising inputs when allowing user-input to set a new [ICODE]CidBuilder[/ICODE] on a [ICODE]ProtoNode[/ICODE] and by sanitising [ICODE]Tsize[/ICODE] ([ICODE]Link#Size[/ICODE]) values such that they are a reasonable byte-size for sub-DAGs where derived from user-input.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-23495
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]go-standard_library – os/net/http[/LEFT][/TD]
[TD][LEFT]On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS("C:/tmp").Open("COM1") opens the COM1 device. Both os.DirFS and http.Dir only provide read-only filesystem access. In addition, on Windows, an os.DirFS for the directory "\" (the root of the current drive) can permit a maliciously crafted path to escape from the drive and access any path on the system. With the fix applied, the behavior of os.DirFS("") has changed. Previously, an empty root was treated equivalently to "/", so os.DirFS("").Open("tmp") would open the path "/tmp". This now returns an error.[/LEFT][/TD]
[TD][CENTER]2022-12-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41720
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]go-standard_library/golang – multiple_products[/LEFT][/TD]
[TD][LEFT]An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41717
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]ibm – cloud_transformation_advisor[/LEFT][/TD]
[TD][LEFT]IBM Cloud Transformation Advisor 2.0.1 through 3.3.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 237214.[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41299
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]interspire – email_marketer[/LEFT][/TD]
[TD][LEFT]Interspire Email Marketer through 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists.[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44790
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]jetbrains – gateway[/LEFT][/TD]
[TD][LEFT]In JetBrains Gateway before 2022.3 a client could connect without a valid token if the host consented.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46829
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]jetbrains – intellij_idea[/LEFT][/TD]
[TD][LEFT]In JetBrains IntelliJ IDEA before 2022.2.4 a buffer overflow in the fsnotifier daemon on macOS was possible.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46824
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]jetbrains – intellij_idea[/LEFT][/TD]
[TD][LEFT]In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open projects.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46825
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]jetbrains – intellij_idea[/LEFT][/TD]
[TD][LEFT]In JetBrains IntelliJ IDEA before 2022.3 the built-in web server allowed an arbitrary file to be read by exploiting a path traversal vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46826
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]jetbrains – intellij_idea[/LEFT][/TD]
[TD][LEFT]In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46827
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]jetbrains – intellij_idea[/LEFT][/TD]
[TD][LEFT]In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46828
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]jetbrains – teamcity[/LEFT][/TD]
[TD][LEFT]In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46830
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]jetbrains – teamcity[/LEFT][/TD]
[TD][LEFT]In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the “Default Credential Provider Chain” allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46831
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]kbase_doc – kbase_doc[/LEFT][/TD]
[TD][LEFT]Kbase Doc v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /web/IndexController.java.[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45290
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]labstack – labstack[/LEFT][/TD]
[TD][LEFT]Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read.[/LEFT][/TD]
[TD][CENTER]2022-12-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2020-36565
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]linux – linux[/LEFT][/TD]
[TD][LEFT]Guests can trigger deadlock in Linux netback driver [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).[/LEFT][/TD]
[TD][CENTER]2022-12-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42328
MISC
MLIST
MLIST
MLIST[/TD]
[/TR]
[TR]
[TD][LEFT]linux – linux[/LEFT][/TD]
[TD][LEFT]Guests can trigger deadlock in Linux netback driver [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).[/LEFT][/TD]
[TD][CENTER]2022-12-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42329
MISC
MLIST
MLIST
MLIST[/TD]
[/TR]
[TR]
[TD][LEFT]lirantal – daloradius[/LEFT][/TD]
[TD][LEFT]Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitHub repository lirantal/daloradius prior to master branch.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4366
CONFIRM
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]m-files – web[/LEFT][/TD]
[TD][LEFT]Incorrect Privilege Assignment in M-Files Web (Classic) in M-Files before 22.8.11691.0 allows low privilege user to change some configuration.[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4264
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]metinfo – metinfo[/LEFT][/TD]
[TD][LEFT]A Cross-Site Request Forgery (CSRF) in the Administrator List of MetInfo v7.7 allows attackers to arbitrarily add a Super Administrator account.[/LEFT][/TD]
[TD][CENTER]2022-12-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44849
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]micro_focus – operations_bridge_containerized[/LEFT][/TD]
[TD][LEFT]A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM (Operations Bridge Manager) user to run JavaScript in the browser context of another OBM user. Please note: The vulnerability is only applicable if the Operations Bridge Manager capability is deployed. A potential vulnerability has been identified in Micro Focus Operations Bridge Manager (OBM). The vulnerability could be exploited by a malicious authenticated OBM user to run JavaScript in the browser context of another OBM user. This issue affects: Micro Focus Operations Bridge Manager versions prior to 2022.11. Micro Focus Operations Bridge - Containerized versions prior to 2022.11.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-38754
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]mingsoft – mcms[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in Mingsoft MCMS up to 5.2.9. It has been classified as critical. Affected is an unknown function of the file /cms/category/list. The manipulation of the argument sqlWhere leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 5.2.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-215196.[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4375
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]morontt – zend-blog-number-2[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in morontt zend-blog-number-2. It has been classified as problematic. Affected is an unknown function of the file application/forms/Comment.php of the component Comment Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The name of the patch is 36b2d4abe20a6245e4f8df7a4b14e130b24d429d. It is recommended to apply a patch to fix this issue. VDB-215250 is the identifier assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4397
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]netgear – nighthawk_rax30[/LEFT][/TD]
[TD][LEFT]A network misconfiguration is present in versions prior to 1.0.9.90 of the NETGEAR RAX30 AX2400 series of routers. IPv6 is enabled for the WAN interface by default on these devices. While there are firewall restrictions in place that define access restrictions for IPv4 traffic, these restrictions do not appear to be applied to the WAN interface for IPv6. This allows arbitrary access to any services running on the device that may be inadvertently listening via IPv6, such as the SSH and Telnet servers spawned on ports 22 and 23 by default. This misconfiguration could allow an attacker to interact with services only intended to be accessible by clients on the local network.[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4390
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]nortonlifelock – avast_antivirus[/LEFT][/TD]
[TD][LEFT]The aswjsflt.dll library from Avast Antivirus windows contained a potentially exploitable heap corruption vulnerability that could enable an attacker to bypass the sandbox of the application it was loaded into, if applicable. This issue was fixed in version 18.0.1478 of the Script Shield Component.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4291
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]openharmony – openharmony[/LEFT][/TD]
[TD][LEFT]Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when calling SysClockGetres. 4 bytes of padding data from the kernel stack are copied to user space incorrectly and leaked.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41802
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]openharmony – openharmony[/LEFT][/TD]
[TD][LEFT]The appspawn and nwebspawn services within OpenHarmony-v3.1.2 and prior versions were found to be vulnerable to buffer overflow vulnerability due to insufficient input validation. An unprivileged malicious application would be able to gain code execution within any application installed on the device or cause application crash.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44455
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]openharmony – openharmony[/LEFT][/TD]
[TD][LEFT]OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set. Malicious apps could listen to public events and obtain information such as mobile numbers and SMS data without permissions.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45118
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]openharmony – openharmony[/LEFT][/TD]
[TD][LEFT]OpenHarmony-v3.1.4 and prior versions had a vulnerability. The PIN code is transmitted to the peer device in plain text during cross-device authentication, which reduces the difficulty of man-in-the-middle attacks.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45877
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]pb-cms – pb-cms[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /blog/comment of the component Message Board. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-215114 is the identifier assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4354
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]pb-cms – pb-cms[/LEFT][/TD]
[TD][LEFT]A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this vulnerability is the function IpUtil.getIpAddr. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-215113 was assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4353
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]perl – perl[/LEFT][/TD]
[TD][LEFT]The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user’s terminal and certain options are set.[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4170
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]prestashop – prestashop[/LEFT][/TD]
[TD][LEFT]PrestaShop is an open-source e-commerce solution. Versions prior to 1.7.8.8 did not properly restrict host filesystem access for users. Users may have been able to view the contents of the upload directory without appropriate permissions. This issue has been addressed and users are advised to upgrade to version 1.7.8.8. There are no known workarounds for this issue.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46158
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]qubes-mirage-firewall – qubes-mirage-firewall[/LEFT][/TD]
[TD][LEFT]qubes-mirage-firewall (aka Mirage firewall for QubesOS) 0.8.x through 0.8.3 allows guest OS users to cause a denial of service (CPU consumption and loss of forwarding) via a crafted multicast UDP packet (IP address range of 224.0.0.0 through 239.255.255.255).[/LEFT][/TD]
[TD][CENTER]2022-12-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46770
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]radareorg – radareorg/radare2[/LEFT][/TD]
[TD][LEFT]Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0.[/LEFT][/TD]
[TD][CENTER]2022-12-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4398
MISC
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]rapid7 – nexpose_and_insightvm[/LEFT][/TD]
[TD][LEFT]Rapid7 Nexpose and InsightVM versions prior to 6.6.172 failed to reliably validate the authenticity of update contents. This failure could allow an attacker to provide a malicious update and alter the functionality of Rapid7 Nexpose. The attacker would need some pre-existing mechanism to provide a malicious update, either through a social engineering effort, privileged access to replace downloaded updates in transit, or by performing an Attacker-in-the-Middle attack on the update service itself.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4261
CONFIRM
CONFIRM
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]red_hat – openshift[/LEFT][/TD]
[TD][LEFT]Openshift 4.9 does not use HTTP Strict Transport Security (HSTS) which may allow man-in-the-middle (MITM) attacks.[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3259
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]red_hat – openshift[/LEFT][/TD]
[TD][LEFT]The response header has not enabled X-FRAME-OPTIONS, which helps prevent clickjacking attacks. Some browsers would interpret these results incorrectly, allowing clickjacking attacks.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3260
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]red_hat – openshift[/LEFT][/TD]
[TD][LEFT]A flaw was found in Openshift. A pod with a DNSPolicy of “ClusterFirst” may incorrectly resolve the hostname based on a service provided. This flaw allows an attacker to supply an incorrect name with the DNS search policy, affecting confidentiality and availability.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3262
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]reputeinfosystems – armember[/LEFT][/TD]
[TD][LEFT]Unauth. Privilege Escalation vulnerability in ARMember premium plugin <= 5.5.1 on WordPress.[/LEFT][/TD]
[TD][CENTER]2022-12-06[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42888
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]s-cms – s-cms[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in S-CMS 5.0 Build 20220328. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Contact Information Page. The manipulation of the argument Make a Call leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-215197 was assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4377
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – calendar[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q(10), 12.2.11.3000 in Android R(11), 12.3.07.2000 in Android S(12), and 12.4.02.0 in Android T(13) allows attackers to access sensitive information via implicit intent.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39915
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – decoding_library[/LEFT][/TD]
[TD][LEFT]Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39907
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – decoding_library[/LEFT][/TD]
[TD][LEFT]TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39908
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – displaymanagerservice[/LEFT][/TD]
[TD][LEFT]Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Samsung DisplayManagerService prior to Android T(13) allows local attacker to access connected DLNA device information.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39914
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – exynos_baseband[/LEFT][/TD]
[TD][LEFT]Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39901
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – gear_iconx_pc_manager[/LEFT][/TD]
[TD][LEFT]Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager prior to version 2.1.221019.51 allows local attackers to create arbitrary file using symbolic link.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39909
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – iiccphonebook[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of usim.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39898
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – nice_catch[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice Catch.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39900
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – pass[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in Samsung Pass prior to version 4.0.06.7 allows physical attackers to access data of Samsung Pass on a certain state of an unlocked device using pop-up view.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39910
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – pass[/LEFT][/TD]
[TD][LEFT]Improper check or handling of exceptional conditions vulnerability in Samsung Pass prior to version 4.0.06.1 allows attacker to access Samsung Pass.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39911
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – persona_manager[/LEFT][/TD]
[TD][LEFT]Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T(13) allows local attacker to access user profiles information.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39913
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – personamanagerservice[/LEFT][/TD]
[TD][LEFT]Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T(13) allows local attackers to set some setting value in Secure folder.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39912
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – rcs_call[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local attackers to access RCS incoming call number.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39903
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – sectelephonyprovider[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39906
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – settings[/LEFT][/TD]
[TD][LEFT]Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release 1 allows local attackers to access the Network Access Identifier via log.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39904
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – windowmanagerservice[/LEFT][/TD]
[TD][LEFT]Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39899
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]secomea – gatemanager[/LEFT][/TD]
[TD][LEFT]A vulnerability in the web server of Secomea GateManager allows a local user to impersonate the previous user under some failed login conditions. This issue affects: Secomea GateManager versions from 9.4 through 9.7.[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-2752
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]secustation – multiple_products[/LEFT][/TD]
[TD][LEFT]In certain Secustation products the administrator account password can be read. This affects V2.5.5.3116-S50-SMA-B20171107A, V2.3.4.1301-M20-TSA-B20150617A, V2.5.5.3116-S50-RXA-B20180502A, V2.5.5.3116-S50-SMA-B20190723A, V2.5.5.3116-S50-SMB-B20161012A, V2.3.4.2103-S50-NTD-B20170508B, V2.5.5.3116-S50-SMB-B20160601A, V2.5.5.2601-S50-TSA-B20151229A, and V2.5.5.3116-S50-SMA-B20170217.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-40939
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]seeddms – seeddms[/LEFT][/TD]
[TD][LEFT]Weak reset token generation in SeedDMS v6.0.20 and v5.1.7 allows attackers to execute a full account takeover via a brute force attack.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44938
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]sentry – sentry[/LEFT][/TD]
[TD][LEFT]Sentry is an error tracking and performance monitoring platform. In versions of the sentry python library prior to 22.11.0 an attacker with a known valid invite link could manipulate a cookie to allow the same invite link to be reused on multiple accounts when joining an organization. As a result an attacker with a valid invite link can create multiple users and join an organization they may not have been originally invited to. This issue was patched in version 22.11.0. Sentry SaaS customers do not need to take action. Self-hosted Sentry installs on systems which can not upgrade can disable the invite functionality until they are ready to deploy the patched version by editing their [ICODE]sentry.conf.py[/ICODE] file (usually located at [ICODE]~/.sentry/[/ICODE]).[/LEFT][/TD]
[TD][CENTER]2022-12-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-23485
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]shift_tech_inc – bingo!cms[/LEFT][/TD]
[TD][LEFT]Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version 1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered.[/LEFT][/TD]
[TD][CENTER]2022-12-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42458
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]six_apart_ltd – movable_type[/LEFT][/TD]
[TD][LEFT]Improper neutralization of Server-Side Includes (SSI) within a web page in Movable Type series allows a remote authenticated attacker with Privilege of ‘Manage of Content Types’ to execute an arbitrary Perl script and/or an arbitrary OS command. Affected products/versions are as follows: Movable Type 7 r.5301 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.5301 and earlier (Movable Type Advanced 7 Series), Movable Type Premium 1.53 and earlier, and Movable Type Premium Advanced 1.53 and earlier.[/LEFT][/TD]
[TD][CENTER]2022-12-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-43660
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]six_apart_ltd – movable_type[/LEFT][/TD]
[TD][LEFT]Improper validation of syntactic correctness of input vulnerability exists in Movable Type series. Having a user access a specially crafted URL may allow a remote unauthenticated attacker to set a specially crafted URL to the Reset Password page and conduct a phishing attack. Affected products/versions are as follows: Movable Type 7 r.5301 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.5301 and earlier (Movable Type Advanced 7 Series), Movable Type 6.8.7 and earlier (Movable Type 6 Series), Movable Type Advanced 6.8.7 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.53 and earlier, and Movable Type Premium Advanced 1.53 and earlier.[/LEFT][/TD]
[TD][CENTER]2022-12-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45113
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]six_apart_ltd – movable_type[/LEFT][/TD]
[TD][LEFT]Cross-site scripting vulnerability in Movable Type 7 r.5301 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.5301 and earlier (Movable Type Advanced 7 Series), Movable Type 6.8.7 and earlier (Movable Type 6 Series), Movable Type Advanced 6.8.7 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.53 and earlier, and Movable Type Premium Advanced 1.53 and earlier allows a remote unauthenticated attacker to inject an arbitrary script.[/LEFT][/TD]
[TD][CENTER]2022-12-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45122
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]teledyne flir – ax8[/LEFT][/TD]
[TD][LEFT]A vulnerability classified as critical has been found in Teledyne FLIR AX8 up to 1.46.16. Affected is an unknown function of the file palette.php of the component Web Service Handler. The manipulation of the argument palette leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-215118 is the identifier assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4364
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]teleport – teleport[/LEFT][/TD]
[TD][LEFT]Teleport v3.2.2, Teleport v3.5.6-rc6, and Teleport v3.6.3-b2 were discovered to contain an information leak via the /user/get-role-list web interface.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-38599
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]ticklishhoneybee – nodau[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in TicklishHoneyBee nodau. It has been rated as critical. Affected by this issue is some unknown functionality of the file src/db.c. The manipulation of the argument value/name leads to sql injection. The name of the patch is 7a7d737a3929f335b9717ddbd31db91151b69ad2. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215252.[/LEFT][/TD]
[TD][CENTER]2022-12-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-4399
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]tinymce – tinymce[/LEFT][/TD]
[TD][LEFT]TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in the alert and confirm dialogs when these dialogs were provided with malicious HTML content. This can occur in plugins that use the alert or confirm dialogs, such as in the [ICODE]image[/ICODE] plugin, which presents these dialogs when certain errors occur. The vulnerability allowed arbitrary JavaScript execution when an alert was presented in the TinyMCE UI for the current user. This vulnerability has been patched in TinyMCE 5.10.7 and TinyMCE 6.3.1 by ensuring HTML sanitization was still performed after unwrapping invalid elements. Users are advised to upgrade to either 5.10.7 or 6.3.1. Users unable to upgrade may ensure the [ICODE]images_upload_handler[/ICODE] returns a valid value as per the images_upload_handler documentation.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-23494
MISC
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]traefik – traefik[/LEFT][/TD]
[TD][LEFT]Traefik is an open source HTTP reverse proxy and load balancer. Versions prior to 2.9.6 are subject to a potential vulnerability in Traefik displaying the Authorization header in its debug logs. In certain cases, if the log level is set to DEBUG, credentials provided using the Authorization header are displayed in the debug logs. Attackers must have access to a user's logging system in order for credentials to be stolen. This issue has been addressed in version 2.9.6. Users are advised to upgrade. Users unable to upgrade may set the log level to [ICODE]INFO[/ICODE], [ICODE]WARN[/ICODE], or [ICODE]ERROR[/ICODE].[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-23469
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]traefik – traefik[/LEFT][/TD]
[TD][LEFT]Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS connection set with a wrong CA file is exposed without verifying the client certificates. Users are advised to upgrade to version 2.9.6. Users unable to upgrade should check their logs to detect the error messages and fix their TLS options.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-46153
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]trendnet – wireless_ac_easy-upgrader_tew-820ap[/LEFT][/TD]
[TD][LEFT]A stack overflow vulnerability exists in TrendNet Wireless AC Easy-Upgrader TEW-820AP (Version v1.0R, firmware version 1.01.B01) which may result in remote code execution.[/LEFT][/TD]
[TD][CENTER]2022-12-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44373
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]typora – typora[/LEFT][/TD]
[TD][LEFT]Typora versions prior to 1.4.4 fail to properly neutralize JavaScript code, which may result in executing JavaScript code contained in the file when opening a file with the affected product.[/LEFT][/TD]
[TD][CENTER]2022-12-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-43668
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]western_digital – my_cloud[/LEFT][/TD]
[TD][LEFT]Improper Authentication vulnerability in the encrypted volumes and auto mount features of Western Digital My Cloud devices allows insecure direct access to the drive information in the case of a device reset. This issue affects: Western Digital My Cloud My Cloud versions prior to 5.25.124 on Linux.[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-29838
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]western_digital – my_cloud[/LEFT][/TD]
[TD][LEFT]Insufficiently Protected Credentials vulnerability in the remote backups application on Western Digital My Cloud devices that could allow an attacker who has gained access to a relevant endpoint to use that information to access protected data. This issue affects: Western Digital My Cloud My Cloud versions prior to 5.25.124 on Linux.[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-29839
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]wireshark – wireshark[/LEFT][/TD]
[TD][LEFT]Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows.[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3724
MISC
MISC
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]xen_project – xen[/LEFT][/TD]
[TD][LEFT]Guests can trigger NIC interface reset/abort/crash via netback. It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux-based network backend by sending certain kinds of packets. It appears to be an (unwritten?) assumption in the rest of the Linux network stack that packet protocol headers are all contained within the linear section of the SKB, and some NICs behave badly if this is not the case. This has been reported to occur with Cisco (enic) and Broadcom NetXtreme II BCM5780 (bnx2x), though it may be an issue with other NICs/drivers as well. If the frontend sends requests with split headers, netback will forward them to the networking core in violation of the above-mentioned assumption, resulting in said misbehavior.[/LEFT][/TD]
[TD][CENTER]2022-12-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3643
MISC
MLIST[/TD]
[/TR]
[TR]
[TD][LEFT]yauaa – yauaa[/LEFT][/TD]
[TD][LEFT]Yet Another UserAgent Analyzer (Yauaa) is a Java library that tries to parse and analyze the useragent string and extract as many relevant attributes as possible. Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an ArrayIndexOutOfBoundsException. If uncaught, the exception will result in a program crash. Applications that do not use this feature are not affected. Users are advised to upgrade to version 7.9.0. Users unable to upgrade may catch and discard any ArrayIndexOutOfBoundsException thrown by the Yauaa library.[/LEFT][/TD]
[TD][CENTER]2022-12-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-23496
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]yii – gii[/LEFT][/TD]
[TD][LEFT]Yii Yii2 Gii through 2.2.4 allows stored XSS by injecting a payload into any field.[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-34297
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]zephyr – zephyr[/LEFT][/TD]
[TD][LEFT]There is an error in the condition of the last if-statement in the function smp_check_keys. It was rejecting current keys if all requirements were unmet.[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-2993
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]zkteco – xiamen_information_technology_zkbio_eco_adms[/LEFT][/TD]
[TD][LEFT]ZKTeco Xiamen Information Technology ZKBio ECO ADMS <=3.1-164 is vulnerable to Cross Site Scripting (XSS).[/LEFT][/TD]
[TD][CENTER]2022-12-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44213
MISC[/TD]
[/TR]
[/TABLE][/CENTER]
This product is provided subject to this Notification and this Privacy & Use policy.