CISA Bulletins - Vulnerability Summary for the Week of November 7, 2022

Original release date: November 14, 2022 | Last revised: November 15, 2022

High Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]accusoft -- imagegear[/LEFT][/TD] [TD][LEFT]An out-of-bounds write vulnerability exists in the PICT parsing pctwread_14841 functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32588&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32588]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32588') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2022-1544')[/TD] [/TR] [TR] [TD][LEFT]acronis -- cyber_protect_home_office[/LEFT][/TD] [TD][LEFT]Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39900.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44732&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44732]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44732') [MISC]('https://security-advisory.acronis.com/advisories/SEC-3040')[/TD] [/TR] [TR] [TD][LEFT]acronis -- cyber_protect_home_office[/LEFT][/TD] [TD][LEFT]Local privilege escalation due to insecure folder permissions. 
The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39900.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44733&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44733]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44733') [MISC]('https://security-advisory.acronis.com/advisories/SEC-3968')[/TD] [/TR] [TR] [TD][LEFT]acronis -- cyber_protect_home_office[/LEFT][/TD] [TD][LEFT]Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44747&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44747]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44747') [MISC]('https://security-advisory.acronis.com/advisories/SEC-4540')[/TD] [/TR] [TR] [TD][LEFT]acronis -- cyber_protect_home_office[/LEFT][/TD] [TD][LEFT]Local privilege escalation due to DLL hijacking vulnerability. 
The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44744&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44744]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44744') [MISC]('https://security-advisory.acronis.com/advisories/SEC-2718')[/TD] [/TR] [TR] [TD][LEFT]activity_log_project -- activity_log[/LEFT][/TD] [TD][LEFT]CSV Injection vulnerability in Activity Log Team Activity Log <= 2.8.3 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-27858&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-27858]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-27858') [CONFIRM]('https://wordpress.org/plugins/aryo-activity-log/#developers') [CONFIRM]('https://patchstack.com/database/vulnerability/aryo-activity-log/wordpress-activity-log-plugin-2-8-3-csv-injection-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]addify -- role_based_pricing_for_woocommerce[/LEFT][/TD] [TD][LEFT]The Role Based Pricing for WooCommerce WordPress plugin before 1.6.3 does not have authorisation and proper CSRF checks, as well as does not validate path given via user input, allowing any authenticated users like subscriber to perform PHAR deserialization attacks when they can upload a file, and a suitable gadget chain is present on the blog[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3536&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3536]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3536') [CONFIRM]('https://wpscan.com/vulnerability/6af63aab-b7a6-4ef6-8604-4b4b99467a34')[/TD] [/TR] [TR] [TD][LEFT]addify -- role_based_pricing_for_woocommerce[/LEFT][/TD] [TD][LEFT]The Role 
Based Pricing for WooCommerce WordPress plugin before 1.6.2 does not have authorisation and proper CSRF checks, and does not validate files to be uploaded, allowing any authenticated users like subscriber to upload arbitrary files, such as PHP[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3537&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3537]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3537') [CONFIRM]('https://wpscan.com/vulnerability/696868f7-409d-422d-87f4-92fc6bf6e74e')[/TD] [/TR] [TR] [TD][LEFT]analytify -- analytify_-_google_analytics_dashboard[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Analytify plugin <= 4.2.2 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38137&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-38137]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38137') [CONFIRM]('https://wordpress.org/plugins/wp-analytify/') [CONFIRM]('https://patchstack.com/database/vulnerability/wp-analytify/wordpress-analytify-plugin-4-2-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]apache -- commons_bcel[/LEFT][/TD] [TD][LEFT]Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllable data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected. 
Update to Apache Commons BCEL 6.6.0.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42920&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42920]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42920') [MISC]('https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4') [MLIST]('http://www.openwall.com/lists/oss-security/2022/11/07/2')[/TD] [/TR] [TR] [TD][LEFT]apache -- ivy[/LEFT][/TD] [TD][LEFT]With Apache Ivy 2.4.0 an optional packaging attribute has been introduced that allows artifacts to be unpacked on the fly if they used pack200 or zip packaging. For artifacts using the "zip", "jar" or "war" packaging Ivy prior to 2.5.1 doesn't verify the target path when extracting the archive. An archive containing absolute paths or paths that try to traverse "upwards" using ".." sequences can then write files to any location on the local file system that the user executing Ivy has write access to. Ivy users of version 2.4.0 to 2.5.0 should upgrade to Ivy 2.5.1.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37865&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37865]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37865') [CONFIRM]('https://lists.apache.org/thread/gqvvv7qsm2dfjg6xzsw1s2h08tbr0sdy')[/TD] [/TR] [TR] [TD][LEFT]apache -- ivy[/LEFT][/TD] [TD][LEFT]When Apache Ivy downloads artifacts from a repository it stores them in the local file system based on a user-supplied "pattern" that may include placeholders for artifacts coordinates like the organisation, module or version. If said coordinates contain "../" sequences - which are valid characters for Ivy coordinates in general - it is possible the artifacts are stored outside of Ivy's local cache or repository or can overwrite different artifacts inside of the local cache. 
In order to exploit this vulnerability an attacker needs collaboration by the remote repository as Ivy will issue http requests containing ".." sequences and a "normal" repository will not interpret them as part of the artifact coordinates. Users of Apache Ivy 2.0.0 to 2.5.1 should upgrade to Ivy 2.5.1.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37866&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-37866]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37866') [MISC]('https://lists.apache.org/thread/htxbr8oc464hxrgroftnz3my70whk93b')[/TD] [/TR] [TR] [TD][LEFT]apache -- pulsar[/LEFT][/TD] [TD][LEFT]The Apache Pulsar C++ Client does not verify peer TLS certificates when making HTTPS calls for the OAuth2.0 Client Credential Flow, even when tlsAllowInsecureConnection is disabled via configuration. This vulnerability allows an attacker to perform a man in the middle attack and intercept and/or modify the GET request that is sent to the ClientCredentialFlow 'issuer url'. The intercepted credentials can be used to acquire authentication data from the OAuth2.0 server to then authenticate with an Apache Pulsar cluster. An attacker can only take advantage of this vulnerability by taking control of a machine 'between' the client and the server. The attacker must then actively manipulate traffic to perform the attack. The Apache Pulsar Python Client wraps the C++ client, so it is also vulnerable in the same way. This issue affects Apache Pulsar C++ Client and Python Client versions 2.7.0 to 2.7.4; 2.8.0 to 2.8.3; 2.9.0 to 2.9.2; 2.10.0 to 2.10.1; 2.6.4 and earlier. Any users running affected versions of the C++ Client or the Python Client should rotate vulnerable OAuth2.0 credentials, including client_id and client_secret. 2.7 C++ and Python Client users should upgrade to 2.7.5 and rotate vulnerable OAuth2.0 credentials. 
2.8 C++ and Python Client users should upgrade to 2.8.4 and rotate vulnerable OAuth2.0 credentials. 2.9 C++ and Python Client users should upgrade to 2.9.3 and rotate vulnerable OAuth2.0 credentials. 2.10 C++ and Python Client users should upgrade to 2.10.2 and rotate vulnerable OAuth2.0 credentials. 3.0 C++ users are unaffected and 3.0 Python Client users will be unaffected when it is released. Any users running the C++ and Python Client for 2.6 or less should upgrade to one of the above patched versions.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33684&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-33684]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33684') [MISC]('https://lists.apache.org/thread/ky1ssskvkj00y36k7nys9b5gm5jjrzwv')[/TD] [/TR] [TR] [TD][LEFT]arm -- valhall_gpu_kernel_driver[/LEFT][/TD] [TD][LEFT]An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to obtain write access to read-only memory, or obtain access to already freed memory. 
This affects Valhall r29p0 through r38p1 before r38p2, and r39p0 before r40p0.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41757&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41757]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41757') [MISC]('https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities')[/TD] [/TR] [TR] [TD][LEFT]azure -- cyclecloud[/LEFT][/TD] [TD][LEFT]Azure CycleCloud Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41085&vector=CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41085]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41085') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41085')[/TD] [/TR] [TR] [TD][LEFT]azure -- rtos_guix_studio[/LEFT][/TD] [TD][LEFT]Azure RTOS GUIX Studio Remote Code Execution Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41051&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41051]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41051') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41051')[/TD] [/TR] [TR] [TD][LEFT]badgermeter -- moni\[/LEFT][/TD] [TD][LEFT]In s::can moni::tools in versions below 4.2 an unauthenticated attacker could get any file from the device by path traversal in the camera-file module.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-12509&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2020-12509]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-12509') 
[MISC]('https://www.s-can.at/en/the-new-monitool-v4-2-security-first/')[/TD] [/TR] [TR] [TD][LEFT]bd -- totalys_multiprocessor_firmware[/LEFT][/TD] [TD][LEFT]BD Totalys MultiProcessor, versions 1.70 and earlier, contain hardcoded credentials. If exploited, threat actors may be able to access, modify or delete sensitive information, including electronic protected health information (ePHI), protected health information (PHI) and personally identifiable information (PII). Customers using BD Totalys MultiProcessor version 1.70 with Microsoft Windows 10 have additional operating system hardening configurations which increase the attack complexity required to exploit this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40263&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40263]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40263') [CONFIRM]('https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-totalys-multiprocessor-hardcoded-credentials')[/TD] [/TR] [TR] [TD][LEFT]canteen_management_system_project -- canteen_management_system[/LEFT][/TD] [TD][LEFT]Canteen Management System Project v1.0 was discovered to contain a SQL injection vulnerability via the component /youthappam/add-food.php.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43049&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43049]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43049') [MISC]('https://github.com/sdpyly/bug_report_canteen/blob/master/SQLi.md')[/TD] [/TR] [TR] [TD][LEFT]canteen_management_system_project -- canteen_management_system[/LEFT][/TD] [TD][LEFT]Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via ip/youthappam/php_action/editFile.php. 
This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43277&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43277]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43277') [MISC]('https://github.com/HuahuaDaren/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/RCE-1.md')[/TD] [/TR] [TR] [TD][LEFT]canteen_management_system_project -- canteen_management_system[/LEFT][/TD] [TD][LEFT]Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the categoriesId parameter at /php_action/fetchSelectedCategories.php.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43278&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43278]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43278') [MISC]('https://github.com/HuahuaDaren/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]canteen_management_system_project -- canteen_management_system[/LEFT][/TD] [TD][LEFT]Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /youthappam/editcategory.php.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43290&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43290]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43290') [MISC]('https://github.com/songyangqi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]canteen_management_system_project -- canteen_management_system[/LEFT][/TD] [TD][LEFT]Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at 
/youthappam/editclient.php.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43291&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43291]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43291') [MISC]('https://github.com/songyangqi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-2.md')[/TD] [/TR] [TR] [TD][LEFT]canteen_management_system_project -- canteen_management_system[/LEFT][/TD] [TD][LEFT]Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /youthappam/editfood.php.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43292&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43292]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43292') [MISC]('https://github.com/songyangqi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-3.md')[/TD] [/TR] [TR] [TD][LEFT]cisco -- asyncos[/LEFT][/TD] [TD][LEFT]A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attacker needs valid credentials to exploit this vulnerability. This vulnerability is due to the use of a hardcoded value to encrypt a token used for certain API calls. An attacker could exploit this vulnerability by authenticating to the device and sending a crafted HTTP request. 
A successful exploit could allow the attacker to impersonate another valid user and execute commands with the privileges of that user account.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20868&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20868]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20868') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasmawsa-vulns-YRuSW5mD')[/TD] [/TR] [TR] [TD][LEFT]cisco -- broadworks_commpilot_application[/LEFT][/TD] [TD][LEFT]A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an unauthenticated, remote attacker to perform a server-side request forgery (SSRF) attack on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface. A successful exploit could allow the attacker to obtain confidential information from the BroadWorks server and other devices on the network.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20958&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20958]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20958') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-broadworks-ssrf-BJeQfpp')[/TD] [/TR] [TR] [TD][LEFT]cisco -- email_security_appliance[/LEFT][/TD] [TD][LEFT]A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain TLS connections that are processed by an affected device. 
An attacker could exploit this vulnerability by establishing a large number of concurrent TLS connections to an affected device. A successful exploit could allow the attacker to cause the device to drop new TLS email messages that come from the associated email servers. Exploitation of this vulnerability does not cause the affected device to unexpectedly reload. The device will recover autonomously within a few hours of when the attack is halted or mitigated.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20960&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-20960]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20960') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-dos-gdghHmbV')[/TD] [/TR] [TR] [TD][LEFT]cisco -- identity_services_engine[/LEFT][/TD] [TD][LEFT]A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access system files. This vulnerability is due to improper access control in the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to list, download, and delete certain files that they should not have access to. Cisco plans to release software updates that address this vulnerability. 
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-access-contol-EeufSUCx[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20956&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20956]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20956') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-access-contol-EeufSUCx')[/TD] [/TR] [TR] [TD][LEFT]cisco -- identity_services_engine[/LEFT][/TD] [TD][LEFT]A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on the affected device with the privileges of the target user.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20961&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20961]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20961') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-csrf-vgNtTpAs')[/TD] [/TR] [TR] [TD][LEFT]cisco -- identity_services_engine[/LEFT][/TD] [TD][LEFT]A vulnerability in the Localdisk Management feature of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to make unauthorized changes to the file system of an affected device. 
This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted HTTP request with absolute path sequences. A successful exploit could allow the attacker to upload malicious files to arbitrary locations within the file system. Using this method, it is possible to access the underlying operating system and execute commands with system privileges.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20962&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20962]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20962') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-path-trav-f6M7cs6r')[/TD] [/TR] [TR] [TD][LEFT]citrix -- gateway[/LEFT][/TD] [TD][LEFT]Unauthorized access to Gateway user capabilities[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-27510&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-27510]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-27510') [MISC]('https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516')[/TD] [/TR] [TR] [TD][LEFT]citrix -- gateway[/LEFT][/TD] [TD][LEFT]User login brute force protection functionality bypass[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-27516&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-27516]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-27516') [MISC]('https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516')[/TD] [/TR] [TR] [TD][LEFT]citrix -- gateway[/LEFT][/TD] [TD][LEFT]Remote desktop takeover via phishing[/LEFT][/TD] 
[TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][9.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-27513&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-27513]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-27513') [MISC]('https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516')[/TD] [/TR] [TR] [TD][LEFT]codection -- import_and_export_users_and_customers[/LEFT][/TD] [TD][LEFT]The Import and export users and customers WordPress plugin before 1.20.5 does not properly escape data when exporting it via CSV files.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3558&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3558]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3558') [CONFIRM]('https://plugins.trac.wordpress.org/changeset?new=2798139%40import-users-from-csv-with-meta&old=2785785%40import-users-from-csv-with-meta') [CONFIRM]('https://wpscan.com/vulnerability/e3d72e04-9cdf-4b7d-953e-876e26abdfc6')[/TD] [/TR] [TR] [TD][LEFT]dedecms -- dedecms[/LEFT][/TD] [TD][LEFT]DedeCMS v6.1.9 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add Administrator accounts and modify Admin passwords.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43031&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43031]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43031') [MISC]('https://github.com/cai-niao98/Dedecmsv6') [MISC]('https://gist.github.com/cai-niao98/77a7aa934492c2d651b37b75243eda0b')[/TD] [/TR] [TR] [TD][LEFT]democritus -- d8s-dates[/LEFT][/TD] [TD][LEFT]The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. 
A potential code execution backdoor inserted by third parties is the democritus-timezones package. The affected version of d8s-htm is 0.1.0.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44052&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44052]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44052') [MISC]('https://pypi.org/project/democritus-timezones/') [MISC]('https://pypi.org/project/d8s-dates/') [MISC]('https://github.com/dadadadada111/info/issues/16')[/TD] [/TR] [TR] [TD][LEFT]democritus -- d8s-networking[/LEFT][/TD] [TD][LEFT]The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-json package. The affected version of d8s-htm is 0.1.0.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44050&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44050]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44050') [MISC]('https://pypi.org/project/d8s-networking/') [MISC]('https://github.com/dadadadada111/info/issues/14') [MISC]('https://pypi.org/project/democritus-json/')[/TD] [/TR] [TR] [TD][LEFT]democritus -- d8s-networking[/LEFT][/TD] [TD][LEFT]The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-user-agents package. 
The affected version of d8s-htm is 0.1.0.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44053&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44053]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44053') [MISC]('https://pypi.org/project/d8s-networking/') [MISC]('https://pypi.org/project/democritus-user-agents/') [MISC]('https://github.com/dadadadada111/info/issues/17')[/TD] [/TR] [TR] [TD][LEFT]democritus -- d8s-python[/LEFT][/TD] [TD][LEFT]The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-algorithms package. The affected version of d8s-htm is 0.1.0.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43305&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43305]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43305') [MISC]('https://github.com/dadadadada111/info/issues/10') [MISC]('https://pypi.org/project/d8s-python/') [MISC]('https://pypi.org/project/democritus-algorithms/')[/TD] [/TR] [TR] [TD][LEFT]democritus -- d8s-python[/LEFT][/TD] [TD][LEFT]The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-grammars package. 
The affected version of d8s-htm is 0.1.0.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44049&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44049]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44049') [MISC]('https://github.com/dadadadada111/info/issues/13') [MISC]('https://pypi.org/project/d8s-python/') [MISC]('https://pypi.org/project/democritus-grammars/')[/TD] [/TR] [TR] [TD][LEFT]democritus -- d8s-stats[/LEFT][/TD] [TD][LEFT]The d8s-stats for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-math package. The affected version of d8s-htm is 0.1.0.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44051&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44051]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44051') [MISC]('https://github.com/dadadadada111/info/issues/15') [MISC]('https://pypi.org/project/d8s-stats/') [MISC]('https://pypi.org/project/democritus-math/')[/TD] [/TR] [TR] [TD][LEFT]democritus -- d8s-strings[/LEFT][/TD] [TD][LEFT]The d8s-strings for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-uuids package. 
The affected version of d8s-htm is 0.1.0.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43303&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43303]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43303') [MISC]('https://pypi.org/project/d8s-strings/') [MISC]('https://pypi.org/project/democritus-uuids/') [MISC]('https://github.com/dadadadada111/info/issues/8')[/TD] [/TR] [TR] [TD][LEFT]democritus -- d8s-timer[/LEFT][/TD] [TD][LEFT]The d8s-timer for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-uuids package. The affected version of d8s-htm is 0.1.0.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43304&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43304]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43304') [MISC]('https://pypi.org/project/democritus-uuids/') [MISC]('https://pypi.org/project/d8s-timer/') [MISC]('https://github.com/dadadadada111/info/issues/9')[/TD] [/TR] [TR] [TD][LEFT]democritus -- d8s-timer[/LEFT][/TD] [TD][LEFT]The d8s-timer for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-dates package. 
The affected version of d8s-htm is 0.1.0.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43306&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43306]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43306') [MISC]('https://pypi.org/project/democritus-dates/') [MISC]('https://github.com/dadadadada111/info/issues/11') [MISC]('https://pypi.org/project/d8s-timer/')[/TD] [/TR] [TR] [TD][LEFT]democritus -- d8s-urls[/LEFT][/TD] [TD][LEFT]The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-domains package. The affected version of d8s-htm is 0.1.0.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44048&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44048]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44048') [MISC]('https://pypi.org/project/d8s-urls/') [MISC]('https://github.com/dadadadada111/info/issues/12') [MISC]('https://pypi.org/project/democritus-domains/')[/TD] [/TR] [TR] [TD][LEFT]democritus -- d8s-xml[/LEFT][/TD] [TD][LEFT]The d8s-xml for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-utility package. 
The affected version of d8s-htm is 0.1.0.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44054&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44054]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44054') [MISC]('https://pypi.org/project/democritus-utility/') [MISC]('https://pypi.org/project/d8s-xml/') [MISC]('https://github.com/dadadadada111/info/issues/18')[/TD] [/TR] [TR] [TD][LEFT]fastify -- websocket[/LEFT][/TD] [TD][LEFT]@fastify/websocket provides WebSocket support for Fastify. Any application using @fastify/websocket could crash if a specific, malformed packet is sent. All versions of fastify-websocket are also impacted. That module is deprecated, so it will not be patched. This has been patched in version 7.1.1 (fastify v4) and version 5.0.1 (fastify v3). There are currently no known workarounds. However, it should be possible to attach the error handler manually. The recommended path is upgrading to the patched versions.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39386&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-39386]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39386') [CONFIRM]('https://github.com/fastify/fastify-websocket/security/advisories/GHSA-4pcg-wr6c-h9cq')[/TD] [/TR] [TR] [TD][LEFT]flowring -- agentflow_bpm [/LEFT][/TD] [TD][LEFT]The file upload function of Agentflow BPM has insufficient filtering for special characters in URLs. 
An unauthenticated remote attacker can exploit this vulnerability to upload arbitrary files and execute arbitrary code to manipulate the system or disrupt service.[/LEFT][/TD] [TD][CENTER]2022-11-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39036&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39036]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39036') [MISC]('https://www.twcert.org.tw/tw/cp-132-6682-21207-1.html') [MISC]('https://www.flowring.com/2022/09/19/%e7%94%a2%e5%93%81%e6%9b%b4%e6%96%b0agentflow-v4-0%e3%80%81v3-7%e5%a4%be%e6%aa%94%e5%8a%9f%e8%83%bd%e8%b3%87%e5%ae%89%e4%bf%ae%e6%ad%a3/')[/TD] [/TR] [TR] [TD][LEFT]flowring -- agentflow_bpm [/LEFT][/TD] [TD][LEFT]Agentflow BPM file download function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files.[/LEFT][/TD] [TD][CENTER]2022-11-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39037&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39037]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39037') [MISC]('https://www.flowring.com/2022/09/19/%e7%94%a2%e5%93%81%e6%9b%b4%e6%96%b0agentflow-v4-0%e3%80%81v3-7%e5%a4%be%e6%aa%94%e5%8a%9f%e8%83%bd%e8%b3%87%e5%ae%89%e4%bf%ae%e6%ad%a3/') [MISC]('https://www.twcert.org.tw/tw/cp-132-6683-57b71-1.html')[/TD] [/TR] [TR] [TD][LEFT]fluentforms -- contact_form[/LEFT][/TD] [TD][LEFT]The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3463&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3463]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3463') 
[CONFIRM]('https://wpscan.com/vulnerability/e2a59481-db45-4b8e-b17a-447303469364')[/TD] [/TR] [TR] [TD][LEFT]food_ordering_management_system_project -- food_ordering_management_system[/LEFT][/TD] [TD][LEFT]Food Ordering Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /foms/all-orders.php?status=Cancelled%20by%20Customer.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42990&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42990]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42990') [MISC]('https://github.com/YorkLee2022/bug_report/blob/main/vendors/onetnom23/Food%20Ordering%20Management%20System/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]getshortcodes -- shortcodes_ultimate[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in Vladimir Anokhin's Shortcodes Ultimate plugin <= 5.12.0 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41136&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41136]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41136') [CONFIRM]('https://patchstack.com/database/vulnerability/shortcodes-ultimate/wordpress-shortcodes-ultimate-plugin-5-12-0-csrf-vulnerability-leading-to-stored-xss?_s_id=cve') [CONFIRM]('https://wordpress.org/plugins/shortcodes-ultimate/#developers')[/TD] [/TR] [TR] [TD][LEFT]gifdec_project -- gifdec[/LEFT][/TD] [TD][LEFT]Gifdec commit 1dcbae19363597314f6623010cc80abad4e47f7c was discovered to contain an out-of-bounds read in the function read_image_data. 
This vulnerability is triggered when parsing a crafted GIF file.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43359&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43359]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43359') [MISC]('https://github.com/lecram/gifdec/pull/23')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]Lack of sandboxing of OpenAPI documents in GitLab CE/EE affecting all versions from 12.6 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to trick a user into clicking on the Swagger OpenAPI viewer and issuing HTTP requests that affect the victim's account.[/LEFT][/TD] [TD][CENTER]2022-11-10[/CENTER][/TD] [TD][CENTER][9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3726&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3726]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3726') [MISC]('https://hackerone.com/reports/1563383') [CONFIRM]('https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3726.json') [MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/362509')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]Bypass of healthcheck endpoint allow list affecting all versions from 12.0 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an unauthorized attacker to prevent access to GitLab.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3285&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3285]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3285') [CONFIRM]('https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3285.json') [MISC]('https://gitlab.com/gitlab-org/security/omnibus-gitlab/-/issues/64')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In MMU_UnmapPages of the PowerVR 
kernel driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-243825200[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-1050&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-1050]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-1050') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In _PMRLogicalOffsetToPhysicalOffset of the PowerVR kernel driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-246824784[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-39661&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-39661]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-39661') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to a logic error in the code. This could lead to local escalation of privilege if the targeted app has an intent trampoline, with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-238605611[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20441&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20441]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20441') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way to bypass user consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-210065877[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20450&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20450]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20450') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In onCallRedirectionComplete of CallsManager.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-235098883[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20451&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20451]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20451') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In initializeFromParcelLocked of BaseBundle.java, there is a possible method arbitrary code execution due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-240138318[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20452&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20452]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20452') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-230356196[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20462&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20462]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20462') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In telephony, there is a possible permission bypass due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319132; Issue ID: ALPS07319132.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32601&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32601]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32601') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Improper input validation vulnerability in DualOutFocusViewer prior to SMR Nov-2022 Release 1 allows local attacker to perform an arbitrary code execution.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39880&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39880]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39880') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Heap overflow vulnerability in sflacf_fal_bytes_peek function in libsmat.so library prior to SMR Nov-2022 Release 1 allows local attacker to execute arbitrary 
code.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39882&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39882]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39882') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged API.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39883&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39883]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39883') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In process_service_search_rsp of sdp_discovery.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-225876506[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20445&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-20445]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20445') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. 
(Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][9.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3890&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3890]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3890') [MISC]('https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop.html') [MISC]('https://crbug.com/1380083')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in Skia in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3445&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3445]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3445') [MISC]('https://crbug.com/1364604') [MISC]('https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_11.html')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Heap buffer overflow in WebSQL in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 
(Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3446&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3446]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3446') [MISC]('https://crbug.com/1368076') [MISC]('https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_11.html')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in Permissions API in Google Chrome prior to 106.0.5249.119 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3448&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3448]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3448') [MISC]('https://crbug.com/1363040') [MISC]('https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_11.html')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in Safe Browsing in Google Chrome prior to 106.0.5249.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. 
(Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3449&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3449]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3449') [MISC]('https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_11.html') [MISC]('https://crbug.com/1364662')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in Peer Connection in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3450&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3450]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3450') [MISC]('https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_11.html') [MISC]('https://crbug.com/1369882')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3885&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3885]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3885') [MISC]('https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop.html') [MISC]('https://crbug.com/1377816')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in Speech Recognition in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 
(Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3886&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3886]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3886') [MISC]('https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop.html') [MISC]('https://crbug.com/1372999')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in Web Workers in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3887&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3887]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3887') [MISC]('https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop.html') [MISC]('https://crbug.com/1372695')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in WebCodecs in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3888&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3888]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3888') [MISC]('https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop.html') [MISC]('https://crbug.com/1375059')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 
(Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3889&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3889]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3889') [MISC]('https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop.html') [MISC]('https://crbug.com/1380063')[/TD] [/TR] [TR] [TD][LEFT]grafana -- grafana[/LEFT][/TD] [TD][LEFT]Grafana is an open-source platform for monitoring and observability. Versions starting with 9.2.0 and less than 9.2.4 contain a race condition in the authentication middlewares logic which may allow an unauthenticated user to query an administration endpoint under heavy load. This issue is patched in 9.2.4. There are no known workarounds.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39328&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39328]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39328') [CONFIRM]('https://github.com/grafana/grafana/security/advisories/GHSA-vqc4-mpj8-jxch')[/TD] [/TR] [TR] [TD][LEFT]hcltech -- domino[/LEFT][/TD] [TD][LEFT]HCL XPages applications are susceptible to a Cross Site Request Forgery (CSRF) vulnerability. 
An unauthenticated attacker could exploit this vulnerability to perform actions in the application on behalf of the logged in user.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38660&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-38660]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38660') [MISC]('https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101037')[/TD] [/TR] [TR] [TD][LEFT]html2xhtml_project -- html2xhtml[/LEFT][/TD] [TD][LEFT]html2xhtml v1.3 was discovered to contain an Out-Of-Bounds read in the function static void elm_close(tree_node_t *nodo) at procesador.c. This vulnerability allows attackers to access sensitive files or cause a Denial of Service (DoS) via a crafted html file.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44311&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44311]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44311') [MISC]('https://github.com/jfisteus/html2xhtml/issues/19')[/TD] [/TR] [TR] [TD][LEFT]huawei -- emui[/LEFT][/TD] [TD][LEFT]The system framework layer has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44562&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44562]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44562') [MISC]('https://consumer.huawei.com/en/support/bulletin/2022/11/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433')[/TD] [/TR] [TR] [TD][LEFT]huawei -- emui[/LEFT][/TD] [TD][LEFT]Missing parameter type validation in the DRM module. 
Successful exploitation of this vulnerability may affect availability.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44556&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44556]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44556') [MISC]('https://consumer.huawei.com/en/support/bulletin/2022/11/')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos[/LEFT][/TD] [TD][LEFT]The DRM module has a vulnerability in verifying the secure memory attributes. Successful exploitation of this vulnerability may cause abnormal video playback.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-46851&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-46851]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-46851') [MISC]('https://consumer.huawei.com/en/support/bulletin/2022/11/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos[/LEFT][/TD] [TD][LEFT]The memory management module has the logic bypass vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-46852&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-46852]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-46852') [MISC]('https://consumer.huawei.com/en/support/bulletin/2022/11/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos[/LEFT][/TD] [TD][LEFT]The kernel module has the vulnerability that the mapping is not cleared after the memory is automatically released. 
Successful exploitation of this vulnerability may cause a system restart.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44546&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44546]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44546') [MISC]('https://consumer.huawei.com/en/support/bulletin/2022/11/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos[/LEFT][/TD] [TD][LEFT]The Display Service module has a UAF vulnerability. Successful exploitation of this vulnerability may affect the display service availability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44547&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44547]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44547') [MISC]('https://consumer.huawei.com/en/support/bulletin/2022/11/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos[/LEFT][/TD] [TD][LEFT]The LBS module has a vulnerability in geofencing API access. 
Successful exploitation of this vulnerability may cause third-party apps to access the geofencing APIs without authorization, affecting user confidentiality.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44549&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-44549]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44549') [MISC]('https://consumer.huawei.com/en/support/bulletin/2022/11/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos[/LEFT][/TD] [TD][LEFT]The graphics display module has a UAF vulnerability when traversing graphic layers. Successful exploitation of this vulnerability may affect system availability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44550&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44550]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44550') [MISC]('https://consumer.huawei.com/en/support/bulletin/2022/11/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433')[/TD] [/TR] [TR] [TD][LEFT]human_resource_management_system_project -- human_resource_management_system[/LEFT][/TD] [TD][LEFT]Human Resource Management System v1.0 was discovered to contain a SQL injection vulnerability via the stateedit parameter at /hrm/state.php.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43318&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43318]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43318') [MISC]('https://github.com/ImaizumiYui/bug_report/blob/main/vendors/oretnom23/Human%20Resource%20Management%20System/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]inhandnetworks 
-- ir302_firmware[/LEFT][/TD] [TD][LEFT]A leftover debug code vulnerability exists in the console support functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-28689&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-28689]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-28689') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2022-1521') [CONFIRM]('https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf')[/TD] [/TR] [TR] [TD][LEFT]inhandnetworks -- ir302_firmware[/LEFT][/TD] [TD][LEFT]A leftover debug code vulnerability exists in the console infct functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to execution of privileged operations. An attacker can send a sequence of requests to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30543&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-30543]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30543') [CONFIRM]('https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2022-1519')[/TD] [/TR] [TR] [TD][LEFT]inhandnetworks -- ir302_firmware[/LEFT][/TD] [TD][LEFT]A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted HTTP request can lead to arbitrary file deletion. 
An attacker can send an HTTP request to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-29888&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-29888]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-29888') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2022-1522') [CONFIRM]('https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf')[/TD] [/TR] [TR] [TD][LEFT]jhead_project -- jhead[/LEFT][/TD] [TD][LEFT]jhead 3.06 is vulnerable to Buffer Overflow via exif.c in function Put16u.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-34055&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-34055]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-34055') [MISC]('https://github.com/Matthias-Wandel/jhead/issues/36')[/TD] [/TR] [TR] [TD][LEFT]linux -- linux_kernel[/LEFT][/TD] [TD][LEFT]The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 is vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. 
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43945&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-43945]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43945') [MISC]('https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8')[/TD] [/TR] [TR] [TD][LEFT]mahara -- mahara[/LEFT][/TD] [TD][LEFT]Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially allow a PDF export to trigger a remote shell if the site is running on Ubuntu and the flag -dSAFER is not set with Ghostscript.[/LEFT][/TD] [TD][CENTER]2022-11-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44544&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44544]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44544') [MISC]('https://bugs.launchpad.net/mahara/+bug/1979575') [MISC]('https://mahara.org/interaction/forum/topic.php?id=9198')[/TD] [/TR] [TR] [TD][LEFT]mahara -- mahara[/LEFT][/TD] [TD][LEFT]In Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0, embedded images are accessible without a sufficient permission check under certain conditions.[/LEFT][/TD] [TD][CENTER]2022-11-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42707&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-42707]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42707') [MISC]('https://bugs.launchpad.net/mahara/+bug/1991157') [MISC]('https://mahara.org/interaction/forum/topic.php?id=9199')[/TD] [/TR] [TR] [TD][LEFT]maxonerp -- maxon[/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical has been found in Maxon ERP. 
This affects an unknown part of the file /index.php/purchase_order/browse_data. The manipulation of the argument tb_search leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-213039.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3878&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3878]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3878') [MISC]('https://github.com/huclilu/CVE_Add') [MISC]('https://vuldb.com/?id.213039')[/TD] [/TR] [TR] [TD][LEFT]mediatek -- lr12a[/LEFT][/TD] [TD][LEFT]In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interaction is not needed for exploitation. 
Patch ID: MOLY00867883; Issue ID: ALPS07274118.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-26446&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-26446]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-26446') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]mendix -- saml[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.17.0), Mendix SAML Module (Mendix 7 compatible) (All versions >= V1.17.0), Mendix SAML Module (Mendix 8 compatible) (All versions < V2.3.0), Mendix SAML Module (Mendix 8 compatible) (All versions >= V2.3.0 < V2.3.2), Mendix SAML Module (Mendix 9 compatible, New Track) (All versions < V3.3.1), Mendix SAML Module (Mendix 9 compatible, New Track) (All versions >= V3.3.1 < V3.3.5), Mendix SAML Module (Mendix 9 compatible, Upgrade Track) (All versions < V3.3.0), Mendix SAML Module (Mendix 9 compatible, Upgrade Track) (All versions >= V3.3.0 < V3.3.4). Affected versions of the module insufficiently protect from packet capture replay, only when the not recommended, non default configuration option [ICODE]'Allow Idp Initiated Authentication'[/ICODE] is enabled. 
This CVE entry describes the incomplete fix for CVE-2022-37011 in a specific non default configuration.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44457&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44457]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44457') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-638652.pdf')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- azure_iot_edge_for_linux[/LEFT][/TD] [TD][LEFT]Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38014&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-38014]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38014') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38014')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- azure_rtos_filex[/LEFT][/TD] [TD][LEFT]Azure RTOS FileX is a FAT-compatible file system that’s fully integrated with Azure RTOS ThreadX. In versions before 6.2.0, the Fault Tolerant feature of Azure RTOS FileX includes integer under and overflows which may be exploited to achieve buffer overflow and modify memory contents. When a valid log file with correct ID and checksum is detected by the [ICODE]_fx_fault_tolerant_enable[/ICODE] function an attempt to recover the previous failed write operation is taken by call of [ICODE]_fx_fault_tolerant_apply_logs[/ICODE]. This function iterates through the log entries and performs required recovery operations. When properly crafted a log including entries of type [ICODE]FX_FAULT_TOLERANT_DIR_LOG_TYPE[/ICODE] may be utilized to introduce unexpected behavior. This issue has been patched in version 6.2.0. 
A workaround to fix line 218 in fx_fault_tolerant_apply_logs.c is documented in the GHSA.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39343&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39343]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39343') [CONFIRM]('https://github.com/azure-rtos/filex/security/advisories/GHSA-8jqf-wjhq-4w9f') [MISC]('https://github.com/azure-rtos/filex/blob/master/common/src/fx_fault_tolerant_apply_logs.c#L218')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- azure_rtos_usbx[/LEFT][/TD] [TD][LEFT]Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. Prior to version 6.1.12, the USB DFU UPLOAD functionality may be utilized to introduce a buffer overflow resulting in overwrite of memory contents. In particular cases this may allow an attacker to bypass security features or execute arbitrary code. The implementation of [ICODE]ux_device_class_dfu_control_request[/ICODE] function prevents buffer overflow during handling of DFU UPLOAD command when current state is [ICODE]UX_SYSTEM_DFU_STATE_DFU_IDLE[/ICODE]. This issue has been patched, please upgrade to version 6.1.12. 
As a workaround, add the [ICODE]UPLOAD_LENGTH[/ICODE] check in all possible states.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39344&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39344]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39344') [CONFIRM]('https://github.com/azure-rtos/usbx/security/advisories/GHSA-m9p8-xrp7-vvqp')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- dwm_core_library[/LEFT][/TD] [TD][LEFT]Microsoft DWM Core Library Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41096&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41096]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41096') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41096')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- excel[/LEFT][/TD] [TD][LEFT]Microsoft Excel Security Feature Bypass Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41104&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41104]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41104') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41104')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- excel[/LEFT][/TD] [TD][LEFT]Microsoft Excel Remote Code Execution Vulnerability. 
This CVE ID is unique from CVE-2022-41063.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41106&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41106]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41106') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41106')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- exchange_server[/LEFT][/TD] [TD][LEFT]Microsoft Exchange Server Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41123.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41080&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41080]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41080') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41080')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- exchange_server[/LEFT][/TD] [TD][LEFT]Microsoft Exchange Server Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41080.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41123&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41123]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41123') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41123')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- exchange_server[/LEFT][/TD] [TD][LEFT]Microsoft Exchange Server Spoofing Vulnerability. 
This CVE ID is unique from CVE-2022-41079.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41078&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-41078]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41078') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41078')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- exchange_server[/LEFT][/TD] [TD][LEFT]Microsoft Exchange Server Spoofing Vulnerability. This CVE ID is unique from CVE-2022-41078.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41079&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-41079]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41079') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41079')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- microsoft_excel[/LEFT][/TD] [TD][LEFT]Microsoft Excel Remote Code Execution Vulnerability. 
This CVE ID is unique from CVE-2022-41106.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41063&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41063]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41063') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41063')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- microsoft_wod[/LEFT][/TD] [TD][LEFT]Microsoft Word Remote Code Execution Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41061&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41061]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41061') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41061')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- office[/LEFT][/TD] [TD][LEFT]Microsoft Office Graphics Remote Code Execution Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41107&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41107]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41107') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41107')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- sharepoint [/LEFT][/TD] [TD][LEFT]Microsoft SharePoint Server Remote Code Execution Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41062&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41062]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41062') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41062')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- visual_studio_2017[/LEFT][/TD] [TD][LEFT]Visual Studio Remote 
Code Execution Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41119&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41119]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41119') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41119')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41048.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41047&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41047]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41047') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41047')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41047.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41048&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41048]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41048') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41048')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Scripting Languages Remote Code Execution Vulnerability. 
This CVE ID is unique from CVE-2022-41118.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41128&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41128]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41128') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41128')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37966&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37966]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37966') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37966')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Netlogon RPC Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38023&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-38023]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38023') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38023')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. 
This CVE ID is unique from CVE-2022-41044, CVE-2022-41088.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41039&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41039]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41039') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41039')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41039, CVE-2022-41088.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41044&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41044]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41044') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41044')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Group Policy Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41086.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37992&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37992]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37992') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37992')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. 
This CVE ID is unique from CVE-2022-41093, CVE-2022-41100.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41045&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41045]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41045') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41045')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows HTTP.sys Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41057&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41057]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41057') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41057')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Network Policy Server (NPS) RADIUS Protocol Denial of Service Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41056&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41056]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41056') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41056')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Network Address Translation (NAT) Denial of Service Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41058&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41058]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41058') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41058')[/TD] [/TR] [TR] 
[TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Scripting Languages Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41128.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41118&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41118]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41118') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41118')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Kerberos Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37967&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37967]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37967') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37967')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2012[/LEFT][/TD] [TD][LEFT]Windows CNG Key Isolation Service Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41125&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41125]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41125') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41125')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_sysmon[/LEFT][/TD] [TD][LEFT]Microsoft Windows Sysmon Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41120&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41120]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41120') 
[MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41120')[/TD] [/TR] [TR] [TD][LEFT]n-prolog_project -- n-prolog[/LEFT][/TD] [TD][LEFT]N-Prolog v1.91 was discovered to contain a global buffer overflow vulnerability in the function gettoken() at Main.c.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43343&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-43343]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43343') [MISC]('https://github.com/sasagawa888/nprolog/issues/75')[/TD] [/TR] [TR] [TD][LEFT]nec -- expresscluster_x_singleserversafe[/LEFT][/TD] [TD][LEFT]Path traversal vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrite existing files on the file system and to potentially execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-34822&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-34822]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34822') [MISC]('https://jpn.nec.com/security-info/secinfo/nv22-014_en.html')[/TD] [/TR] [TR] [TD][LEFT]nec -- expresscluster_x_singleserversafe[/LEFT][/TD] [TD][LEFT]Buffer overflow vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrite existing files on the file system and to potentially execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] 
[TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-34823&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-34823]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34823') [MISC]('https://jpn.nec.com/security-info/secinfo/nv22-014_en.html')[/TD] [/TR] [TR] [TD][LEFT]nec -- expresscluster_x_singleserversafe[/LEFT][/TD] [TD][LEFT]Weak File and Folder Permissions vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrite existing files on the file system and to potentially execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-34824&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-34824]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34824') [MISC]('https://jpn.nec.com/security-info/secinfo/nv22-014_en.html')[/TD] [/TR] [TR] [TD][LEFT]nec -- expresscluster_x_singleserversafe[/LEFT][/TD] [TD][LEFT]Uncontrolled Search Path Element in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrite existing files on the file system and to potentially execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-34825&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-34825]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34825') [MISC]('https://jpn.nec.com/security-info/secinfo/nv22-014_en.html')[/TD] [/TR] [TR] [TD][LEFT]netwrix -- auditor[/LEFT][/TD] [TD][LEFT]Remote code 
execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vulnerabilities exist within the underlying protocol used by the component, and potentially allow an unauthenticated remote attacker to execute arbitrary code as the NT AUTHORITY\SYSTEM user on affected systems, including on systems Netwrix Auditor monitors.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-31199&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-31199]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-31199') [MISC]('https://bishopfox.com/blog/netwrix-auditor-advisory')[/TD] [/TR] [TR] [TD][LEFT]objectfirst -- object_first[/LEFT][/TD] [TD][LEFT]An issue was discovered in Object First 1.0.7.712. The authorization service has a flow that allows getting access to the Web UI without knowing credentials. For signing, the JWT token uses a secret key that is generated through a function that doesn't produce cryptographically strong sequences. An attacker can predict these sequences and generate a JWT token. As a result, an attacker can get access to the Web UI. This is fixed in 1.0.13.1611.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44796&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44796]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44796') [MISC]('https://objectfirst.com/security/of-20221024-0002/')[/TD] [/TR] [TR] [TD][LEFT]objectfirst -- object_first[/LEFT][/TD] [TD][LEFT]An issue was discovered in Object First 1.0.7.712. Management protocol has a flow which allows a remote attacker to execute arbitrary Bash code with root privileges. The command that sets the hostname doesn't validate input parameters. 
As a result, arbitrary data goes directly to the Bash interpreter. An attacker would need credentials to exploit this vulnerability. This is fixed in 1.0.13.1611.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44794&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44794]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44794') [MISC]('https://objectfirst.com/security/of-20221024-0001/')[/TD] [/TR] [TR] [TD][LEFT]online_diagnostic_lab_management_system_project -- online_diagnostic_lab_management_system[/LEFT][/TD] [TD][LEFT]Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms//classes/Master.php?f=delete_activity.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43058&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43058]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43058') [MISC]('https://github.com/ctg503/bug_report/blob/main/vendors/oretnom23/online-diagnostic-lab-management-system/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]online_diagnostic_lab_management_system_project -- online_diagnostic_lab_management_system[/LEFT][/TD] [TD][LEFT]Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/classes/Users.php?f=delete_test.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43051&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43051]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43051') [MISC]('https://github.com/1909900436/bug_report/blob/main/vendors/oretnom23/online-diagnostic-lab-management-system/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]online_diagnostic_lab_management_system_project -- 
online_diagnostic_lab_management_system[/LEFT][/TD] [TD][LEFT]Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/classes/Users.php?f=delete.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43052&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43052]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43052') [MISC]('https://github.com/1909900436/bug_report/blob/main/vendors/oretnom23/online-diagnostic-lab-management-system/SQLi-2.md')[/TD] [/TR] [TR] [TD][LEFT]online_tours_and_travels_management_system_project -- online_tours_and_travels_management_system[/LEFT][/TD] [TD][LEFT]Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component update_profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43050&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43050]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43050') [MISC]('https://github.com/1909900436/bug_report/blob/main/vendors/mayuri_k/online-tours-travels-management-system/RCE-1.md')[/TD] [/TR] [TR] [TD][LEFT]openfga -- openfga[/LEFT][/TD] [TD][LEFT]OpenFGA is a high-performance authorization/permission engine inspired by Google Zanzibar. Versions prior to 0.2.5 are vulnerable to authorization bypass under certain conditions. You are affected by this vulnerability if you added a tuple with a wildcard (*) assigned to a tupleset relation (the right hand side of a ‘from’ statement). This issue has been patched in version v0.2.5. 
This update is not backward compatible with any authorization model that uses a wildcard on a tupleset relation.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39352&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39352]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39352') [CONFIRM]('https://github.com/openfga/openfga/security/advisories/GHSA-3gfj-fxx4-f22w')[/TD] [/TR] [TR] [TD][LEFT]opensuse -- openldap2[/LEFT][/TD] [TD][LEFT]An Untrusted Search Path vulnerability in openldap2 of openSUSE Factory allows local attackers with control of the ldap user or group to change ownership of arbitrary directory entries to this user/group, leading to escalation to root. This issue affects: openSUSE Factory openldap2 versions prior to 2.6.3-404.1.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-31253&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-31253]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-31253') [CONFIRM]('https://bugzilla.suse.com/show_bug.cgi?id=1202931')[/TD] [/TR] [TR] [TD][LEFT]opmc -- woocommerce_dropshipping[/LEFT][/TD] [TD][LEFT]The WooCommerce Dropshipping WordPress plugin before 4.4 does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3481&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3481]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3481') [CONFIRM]('https://wpscan.com/vulnerability/c5e395f8-257e-49eb-afbd-9c1e26045373')[/TD] [/TR] [TR] [TD][LEFT]parseplatform -- parse-server[/LEFT][/TD] [TD][LEFT]Parse Server is an open source backend that can be deployed to any 
infrastructure that can run Node.js. Versions prior to 4.10.18, and prior to 5.3.1 on the 5.X branch, are vulnerable to Remote Code Execution via prototype pollution. An attacker can use this prototype pollution sink to trigger a remote code execution through the MongoDB BSON parser. This issue is patched in version 5.3.1 and in 4.10.18. There are no known workarounds.[/LEFT][/TD] [TD][CENTER]2022-11-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39396&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39396]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39396') [CONFIRM]('https://github.com/parse-community/parse-server/security/advisories/GHSA-prm5-8g2m-24gg')[/TD] [/TR] [TR] [TD][LEFT]passwork -- passwork[/LEFT][/TD] [TD][LEFT]The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain cleartext cached credentials.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42955&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-42955]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42955') [MISC]('https://chrome.google.com/webstore/detail/passwork-self-hosted/ibiipnmmlnehmeonnhbdajcfagcgihkl') [MISC]('https://passwork.canny.io/changelog/version-5110')[/TD] [/TR] [TR] [TD][LEFT]passwork -- passwork[/LEFT][/TD] [TD][LEFT]The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain the cleartext master password.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42956&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-42956]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42956') [MISC]('https://chrome.google.com/webstore/detail/passwork-self-hosted/ibiipnmmlnehmeonnhbdajcfagcgihkl') [MISC]('https://passwork.canny.io/changelog/version-5110')[/TD] 
[/TR] [TR] [TD][LEFT]pattersondental -- eaglesoft[/LEFT][/TD] [TD][LEFT]Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: (1) keybackup.data > License > Encryption Key or (2) Eaglesoft.Server.Configuration.data > DbEncryptKeyPrimary > Encryption Key. Applicable files are encrypted with keys and salt that are hardcoded into a DLL or EXE file.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37710&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37710]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37710') [MISC]('https://justinshafer.blogspot.com/2022/08/eaglesofts-automatic-aes-256-encryption.html')[/TD] [/TR] [TR] [TD][LEFT]phoenix_contact -- fl_mguard_dm[/LEFT][/TD] [TD][LEFT]In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation. Attackers with network access to the Apache web server can download and therefore read mGuard configuration profiles (“ATV profiles”). Such configuration profiles may contain sensitive information, e.g. private keys associated with IPsec VPN connections.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-34579&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-34579]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-34579') [MISC]('https://cert.vde.com/en/advisories/VDE-2021-035/')[/TD] [/TR] [TR] [TD][LEFT]powercom_co_ltd -- upsmon_pro[/LEFT][/TD] [TD][LEFT]UPSMON PRO transmits sensitive data in cleartext over HTTP protocol. 
An unauthenticated remote attacker can exploit this vulnerability to access sensitive data.[/LEFT][/TD] [TD][CENTER]2022-11-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38122&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-38122]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38122') [MISC]('https://www.twcert.org.tw/tw/cp-132-6681-e9650-1.html')[/TD] [/TR] [TR] [TD][LEFT]powercom_co_ltd -- upsmon_pro [/LEFT][/TD] [TD][LEFT]UPSMON Pro login function has insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and get administrator privilege to access, control system or disrupt service.[/LEFT][/TD] [TD][CENTER]2022-11-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38119&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-38119]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38119') [MISC]('https://www.twcert.org.tw/tw/cp-132-6678-e9fbe-1.html')[/TD] [/TR] [TR] [TD][LEFT]pymatgen -- pymatgen[/LEFT][/TD] [TD][LEFT]An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.from_string method[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42964&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42964]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42964') [MISC]('https://research.jfrog.com/vulnerabilities/pymatgen-redos-xray-257184/')[/TD] [/TR] [TR] [TD][LEFT]python -- python[/LEFT][/TD] [TD][LEFT]Python 3.9.x and 3.10.x through 3.10.8 on Linux allows local privilege escalation in a non-default configuration. 
The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine. Pickles can execute arbitrary code. Thus, this allows for local user privilege escalation to the user that any forkserver process is running as. Setting multiprocessing.util.abstract_sockets_supported to False is a workaround. The forkserver start method for multiprocessing is not the default start method. This issue is Linux specific because only Linux supports abstract namespace sockets. CPython before 3.9 does not make use of Linux abstract namespace sockets by default. Support for users manually specifying an abstract namespace socket was added as a bugfix in 3.7.8 and 3.8.4, but users would need to make specific uncommon API calls in order to do that in CPython before 3.9.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42919&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42919]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42919') [MISC]('https://github.com/python/cpython/issues/97514')[/TD] [/TR] [TR] [TD][LEFT]python -- python[/LEFT][/TD] [TD][LEFT]An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. 
A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45061&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-45061]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45061') [MISC]('https://github.com/python/cpython/issues/98433')[/TD] [/TR] [TR] [TD][LEFT]python-poetry -- cleo[/LEFT][/TD] [TD][LEFT]An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.set_rows method[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42966&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42966]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42966') [MISC]('https://research.jfrog.com/vulnerabilities/cleo-redos-xray-257186/')[/TD] [/TR] [TR] [TD][LEFT]qemu -- qemu[/LEFT][/TD] [TD][LEFT]An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhci_read_dataport and sdhci_write_dataport, respectively, if data_count == block_size. 
A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][8.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3872&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3872]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3872') [MISC]('https://lists.nongnu.org/archive/html/qemu-devel/2022-11/msg01068.html')[/TD] [/TR] [TR] [TD][LEFT]really-simple-plugins -- complianz[/LEFT][/TD] [TD][LEFT]The Complianz WordPress plugin before 6.3.4, and Complianz Premium WordPress plugin before 6.3.6 allow translators to inject arbitrary SQL through an unsanitized translation. SQL can be injected through an infected translation file, or by a user with a translator role through translation plugins such as Loco Translate or WPML.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3494&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3494]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3494') [CONFIRM]('https://wpscan.com/vulnerability/71db75c0-5907-4237-884f-8db88b1a9b34')[/TD] [/TR] [TR] [TD][LEFT]roxyfileman -- roxy_fileman[/LEFT][/TD] [TD][LEFT]Roxy Fileman 1.4.6 allows Remote Code Execution via a .phar upload, because the default FORBIDDEN_UPLOADS value in conf.json only blocks .php, .php4, and .php5 files. 
(Visiting any .phar file invokes the PHP interpreter in some realistic web-server configurations.)[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40797&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40797]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40797') [MISC]('https://salsa.debian.org/php-team/php/-/blob/dc253886b5b2e9bc8d9e36db787abb083a667fd8/debian/php-cgi.conf#L5-6') [MISC]('https://web.archive.org/web/20210126213412/https://roxyfileman.com/download.php?f=1.4.6-php') [MISC]('https://gist.github.com/Hadi999/1f66fe7c5a217ca261ebfec36c630d18')[/TD] [/TR] [TR] [TD][LEFT]samsung -- billing[/LEFT][/TD] [TD][LEFT]Improper Authorization in Samsung Billing prior to version 5.0.56.0 allows attacker to get sensitive information.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39890&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39890]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39890') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=11')[/TD] [/TR] [TR] [TD][LEFT]samsung -- exynos_firmware[/LEFT][/TD] [TD][LEFT]Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR Sep-2022 Release allows remote attacker to read out of bounds memory.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39881&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-39881]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39881') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11')[/TD] [/TR] [TR] [TD][LEFT]samsung -- pass[/LEFT][/TD] [TD][LEFT]Improper access control in Samsung Pass prior to version 4.0.05.1 allows attackers to unauthenticated access via keep open 
feature.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39892&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39892]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39892') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=11')[/TD] [/TR] [TR] [TD][LEFT]sanitization_management_system_project -- sanitization_management_system[/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical has been found in SourceCodester Sanitization Management System. Affected is an unknown function of the file /php-sms/classes/Master.php?f=save_quote. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-213012.[/LEFT][/TD] [TD][CENTER]2022-11-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3868&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3868]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3868') [N/A]('https://vuldb.com/?id.213012') [N/A]('https://github.com/x9AD8/Sanitization-Management-System/blob/main/README.md')[/TD] [/TR] [TR] [TD][LEFT]sanitization_management_system_project -- sanitization_management_system[/LEFT][/TD] [TD][LEFT]Sanitization Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php-sms/classes/Master.php?f=delete_inquiry.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43350&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43350]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43350') [MISC]('https://github.com/Hujozay/bug_report/blob/main/vendors/oretnom23/sanitization-management-system/SQLi-2.md')[/TD] [/TR] [TR] 
[TD][LEFT]sanitization_management_system_project -- sanitization_management_system[/LEFT][/TD] [TD][LEFT]Sanitization Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php-sms/classes/Master.php?f=delete_quote.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43352&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43352]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43352') [MISC]('https://github.com/Hujozay/bug_report/blob/main/vendors/oretnom23/sanitization-management-system/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]sap -- 3d_visual_enterprise_viewer[/LEFT][/TD] [TD][LEFT]Due to lack of proper memory management, when a victim opens a manipulated file received from untrusted sources in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer, Arbitrary Code Execution can be triggered when payload forces: Re-use of dangling pointer which refers to overwritten space in memory. The accessed memory must be filled with code to execute the attack. Therefore, repeated success is unlikely. Stack-based buffer overflow. 
Since the memory overwritten is random, based on access rights of the memory, repeated success is not assured.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41211&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41211]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41211') [MISC]('https://launchpad.support.sap.com/#/notes/3263436') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]sap -- businessobjects_business_intelligence[/LEFT][/TD] [TD][LEFT]In some workflow of SAP BusinessObjects BI Platform (Central Management Console and BI LaunchPad), an authenticated attacker with low privileges can intercept a serialized object in the parameters and substitute with another malicious serialized object, which leads to deserialization of untrusted data vulnerability. This could highly compromise the Confidentiality, Integrity, and Availability of the system.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41203&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41203]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41203') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html') [MISC]('https://launchpad.support.sap.com/#/notes/3243924')[/TD] [/TR] [TR] [TD][LEFT]schneider-electric -- ecostruxure_operator_terminal_expert[/LEFT][/TD] [TD][LEFT]A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in the SGIUtility component that allows adversaries with local user privileges to load a malicious DLL which could result in execution of malicious code. 
Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41669&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41669]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41669') [MISC]('https://www.se.com/ww/en/download/document/SEVD-2022-284-01/')[/TD] [/TR] [TR] [TD][LEFT]schneider-electric -- ecostruxure_operator_terminal_expert[/LEFT][/TD] [TD][LEFT]A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in the SGIUtility component that allows adversaries with local user privileges to load malicious DLL which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41670&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41670]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41670') [MISC]('https://www.se.com/ww/en/download/document/SEVD-2022-284-01/')[/TD] [/TR] [TR] [TD][LEFT]schneider-electric -- ecostruxure_operator_terminal_expert[/LEFT][/TD] [TD][LEFT]A CWE-89: Improper Neutralization of Special Elements used in SQL Command (‘SQL Injection’) vulnerability exists that allows adversaries with local user privileges to craft a malicious SQL query and execute as part of project migration which could result in execution of malicious code. 
Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41671&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41671]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41671') [MISC]('https://www.se.com/ww/en/download/document/SEVD-2022-284-01/')[/TD] [/TR] [TR] [TD][LEFT]siemens -- 7kg9501-0aa01-2aa1_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50). Affected devices do not renew the session cookie after login/logout and also accept user defined session cookies. An attacker could overwrite the stored session cookie of a user. After the victim logged in, the attacker is given access to the user's account through the activated session.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43398&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43398]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43398') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- 7kg9501-0aa01-2aa1_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50). Affected devices do not properly validate the Language-parameter in requests to the web interface on port 443/tcp. 
This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43439&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43439]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43439') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- 7kg9501-0aa01-2aa1_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50). Affected devices do not properly validate the RecordType-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43545&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43545]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43545') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- 7kg9501-0aa01-2aa1_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50). Affected devices do not properly validate the EndTime-parameter in requests to the web interface on port 443/tcp. 
This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43546&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43546]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43546') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- jt2go[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V13.3 (All versions >= V13.3.0.7), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected application is vulnerable to fixed-length heap-based buffer while parsing specially crafted TIF files. An attacker could leverage this vulnerability to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39136&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39136]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39136') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-120378.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- jt2go[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected products contain an out of bounds write vulnerability when parsing a CGM file. 
An attacker can leverage this vulnerability to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41660&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41660]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41660') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-120378.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- jt2go[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected products contain an out of bounds read vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41661&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41661]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41661') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-120378.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- jt2go[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected products contain an out of bounds read vulnerability when parsing a CGM file. 
An attacker can leverage this vulnerability to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41662&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41662]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41662') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-120378.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- jt2go[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected applications contain a use-after-free vulnerability that could be triggered while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41663&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41663]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41663') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-120378.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- jt2go[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected application contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. 
This could allow an attacker to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41664&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41664]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41664') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-120378.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- parasolid[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.0 (All versions >= V34.0.252 < V34.0.254), Parasolid V34.1 (All versions < V34.1.242), Parasolid V34.1 (All versions >= V34.1.242 < V34.1.244), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.0 (All versions >= V35.0.170 < V35.0.184). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17745)[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39157&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39157]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39157') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-853037.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- parasolid[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. 
(ZDI-CAN-17854)[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43397&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43397]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43397') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-853037.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- qms_automotive[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in QMS Automotive (All versions). User credentials are stored in plaintext in the database. This could allow an attacker to gain access to credentials and impersonate other users.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43958&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-43958]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43958') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-587547.pdf')[/TD] [/TR] [TR] [TD][LEFT]simple_e-learning_system_project -- simple_e-learning_system[/LEFT][/TD] [TD][LEFT]An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43319&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-43319]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43319') [MISC]('https://github.com/ImaizumiYui/bug_report/blob/main/vendors/oretnom23/Simple%20E-Learning%20System/discl1.md')[/TD] [/TR] [TR] [TD][LEFT]slidervilla -- testimonial_slider[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS) in David Anderson Testimonial Slider plugin <= 1.3.1 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] 
[TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44741&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44741]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44741') [CONFIRM]('https://wordpress.org/plugins/testimonial-slider/') [CONFIRM]('https://patchstack.com/database/vulnerability/testimonial-slider/wordpress-testimonial-slider-plugin-1-3-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]snowflake -- snowflake-connector-python[/LEFT][/TD] [TD][LEFT]An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the get_file_transfer_type method[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42965&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42965]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42965') [MISC]('https://research.jfrog.com/vulnerabilities/snowflake-connector-python-redos-xray-257185/')[/TD] [/TR] [TR] [TD][LEFT]soflyy -- wp_all_import[/LEFT][/TD] [TD][LEFT]The Import any XML or CSV File to WordPress plugin before 3.6.9 is not validating the paths of files contained in uploaded zip archives, allowing highly privileged users, such as admins, to write arbitrary files to any part of the file system accessible by the web server via a path traversal vector.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2711&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-2711]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2711') [CONFIRM]('https://wpscan.com/vulnerability/11e73c23-ff5f-42e5-a4b0-0971652dcea1')[/TD] [/TR] [TR] [TD][LEFT]soflyy -- wp_all_import[/LEFT][/TD] [TD][LEFT]The Import any XML or CSV File to WordPress plugin before 3.6.9 is 
not properly filtering which file extensions are allowed to be imported on the server, which could allow administrators in multi-site WordPress installations to upload arbitrary files[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3418&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3418]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3418') [CONFIRM]('https://wpscan.com/vulnerability/ccbb74f5-1b8f-4ea6-96bc-ddf62af7f94d')[/TD] [/TR] [TR] [TD][LEFT]splunk -- splunk[/LEFT][/TD] [TD][LEFT]In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the rex search command handles field names lets an attacker bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards . The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The attacker cannot exploit the vulnerability at will.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43563&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43563]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43563') [MISC]('https://www.splunk.com/en_us/product-security/announcements/svd-2022-1103.html')[/TD] [/TR] [TR] [TD][LEFT]splunk -- splunk[/LEFT][/TD] [TD][LEFT]In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the tstats command handles JavaScript Object Notation (JSON) lets an attacker bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards . 
The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43565&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43565]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43565') [MISC]('https://www.splunk.com/en_us/product-security/announcements/svd-2022-1105.html')[/TD] [/TR] [TR] [TD][LEFT]splunk -- splunk[/LEFT][/TD] [TD][LEFT]In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run arbitrary operating system commands remotely through the use of specially crafted requests to the mobile alerts feature in the Splunk Secure Gateway app.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43567&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43567]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43567') [MISC]('https://research.splunk.com/application/baa41f09-df48-4375-8991-520beea161be/') [MISC]('https://www.splunk.com/en_us/product-security/announcements/svd-2022-1107.html')[/TD] [/TR] [TR] [TD][LEFT]splunk -- splunk[/LEFT][/TD] [TD][LEFT]In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run risky commands using a more privileged user’s permissions to bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards in the Analytics Workspace. The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. 
The attacker cannot exploit the vulnerability at will.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43566&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43566]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43566') [MISC]('https://www.splunk.com/en_us/product-security/announcements/svd-2022-1106.html') [MISC]('https://research.splunk.com/application/b6d77c6c-f011-4b03-8650-8f10edb7c4a8/')[/TD] [/TR] [TR] [TD][LEFT]symantec -- endpoint_detection_and_response[/LEFT][/TD] [TD][LEFT]Symantec Endpoint Detection and Response (SEDR) Appliance, prior to 4.7.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37015&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37015]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37015') [MISC]('https://support.broadcom.com/external/content/SecurityAdvisories/0/21005')[/TD] [/TR] [TR] [TD][LEFT]trellix -- intrusion_prevention_system_manager[/LEFT][/TD] [TD][LEFT]XML External Entity (XXE) vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform XXE attack in the administrator interface part of the interface, which allows a saved XML configuration file to be imported.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3340&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3340]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3340') [CONFIRM]('https://kcm.trellix.com/corporate/index?page=content&id=SB10388')[/TD] [/TR] [TR] 
[TD][LEFT]tuxera -- ntfs-3g[/LEFT][/TD] [TD][LEFT]A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device.[/LEFT][/TD] [TD][CENTER]2022-11-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40284&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40284]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40284') [MISC]('http://www.openwall.com/lists/oss-security/2022/10/31/2') [MISC]('https://github.com/tuxera/ntfs-3g/releases')[/TD] [/TR] [TR] [TD][LEFT]varnish-software -- varnish_cache_plus[/LEFT][/TD] [TD][LEFT]An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could, in turn, be used to exploit vulnerabilities in a server behind the Varnish server. Note: the 6.0.x LTS series (before 6.0.11) is affected.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45060&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-45060]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45060') [MISC]('https://docs.varnish-software.com/security/VSV00011') [MISC]('https://varnish-cache.org/security/VSV00011.html')[/TD] [/TR] [TR] [TD][LEFT]varnish_cache_project -- varnish_cache[/LEFT][/TD] [TD][LEFT]An issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x before 7.2.1. 
A request smuggling attack can be performed on Varnish Cache servers by requesting that certain headers are made hop-by-hop, preventing the Varnish Cache servers from forwarding critical headers to the backend.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45059&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-45059]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45059') [MISC]('https://varnish-cache.org/security/VSV00010.html')[/TD] [/TR] [TR] [TD][LEFT]vmware -- workspace_one_assist[/LEFT][/TD] [TD][LEFT]VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-31685&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-31685]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-31685') [MISC]('https://www.vmware.com/security/advisories/VMSA-2022-0028.html')[/TD] [/TR] [TR] [TD][LEFT]vmware -- workspace_one_assist[/LEFT][/TD] [TD][LEFT]VMware Workspace ONE Assist prior to 22.10 contains a Broken Authentication Method vulnerability. 
A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-31686&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-31686]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-31686') [MISC]('https://www.vmware.com/security/advisories/VMSA-2022-0028.html')[/TD] [/TR] [TR] [TD][LEFT]vmware -- workspace_one_assist[/LEFT][/TD] [TD][LEFT]VMware Workspace ONE Assist prior to 22.10 contains a Broken Access Control vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-31687&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-31687]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-31687') [MISC]('https://www.vmware.com/security/advisories/VMSA-2022-0028.html')[/TD] [/TR] [TR] [TD][LEFT]vmware -- workspace_one_assist[/LEFT][/TD] [TD][LEFT]VMware Workspace ONE Assist prior to 22.10 contains a Session fixation vulnerability. 
A malicious actor who obtains a valid session token may be able to authenticate to the application using that token.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-31689&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-31689]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-31689') [MISC]('https://www.vmware.com/security/advisories/VMSA-2022-0028.html')[/TD] [/TR] [TR] [TD][LEFT]wago -- i/o-check_service[/LEFT][/TD] [TD][LEFT]In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-34568&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-34568]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-34568') [MISC]('https://cert.vde.com/en/advisories/VDE-2020-036/')[/TD] [/TR] [TR] [TD][LEFT]wago -- i/o-check_service [/LEFT][/TD] [TD][LEFT]In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-34569&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-34569]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-34569') [MISC]('https://cert.vde.com/en/advisories/VDE-2020-036/')[/TD] [/TR] [TR] [TD][LEFT]wago -- i/o-check_service [/LEFT][/TD] [TD][LEFT]In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] 
[TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-34566&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-34566]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-34566') [MISC]('https://cert.vde.com/en/advisories/VDE-2020-036/')[/TD] [/TR] [TR] [TD][LEFT]wago -- i/o-check_service[/LEFT][/TD] [TD][LEFT]In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and a limited out-of-bounds read.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-34567&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-34567]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-34567') [MISC]('https://cert.vde.com/en/advisories/VDE-2020-036/')[/TD] [/TR] [TR] [TD][LEFT]wiesemann_&_theis -- multiple_products[/LEFT][/TD] [TD][LEFT]Multiple W&T Products of the ComServer Series are prone to an XSS attack. An authenticated remote attacker can execute arbitrary web scripts or HTML via a crafted payload injected into the title of the configuration webpage.[/LEFT][/TD] [TD][CENTER]2022-11-10[/CENTER][/TD] [TD][CENTER][8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42786&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42786]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42786') [MISC]('https://cert.vde.com/de/advisories/VDE-2022-043/')[/TD] [/TR] [TR] [TD][LEFT]windows -- advanced_local_procedure_call[/LEFT][/TD] [TD][LEFT]Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. 
This CVE ID is unique from CVE-2022-41045, CVE-2022-41100.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41093&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41093]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41093') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41093')[/TD] [/TR] [TR] [TD][LEFT]windows -- advanced_local_procedure_call[/LEFT][/TD] [TD][LEFT]Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41045, CVE-2022-41093.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41100&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41100]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41100') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41100')[/TD] [/TR] [TR] [TD][LEFT]windows -- bind_filter_driver[/LEFT][/TD] [TD][LEFT]Windows Bind Filter Driver Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41114&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41114]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41114') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41114')[/TD] [/TR] [TR] [TD][LEFT]windows -- digital_media_receiver[/LEFT][/TD] [TD][LEFT]Windows Digital Media Receiver Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41095&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41095]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41095') 
[MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41095')[/TD] [/TR] [TR] [TD][LEFT]windows -- extensible_file_allocation_table[/LEFT][/TD] [TD][LEFT]Windows Extensible File Allocation Table Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41050&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41050]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41050') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41050')[/TD] [/TR] [TR] [TD][LEFT]windows -- graphics_component[/LEFT][/TD] [TD][LEFT]Windows Graphics Component Remote Code Execution Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41052&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41052]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41052') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41052')[/TD] [/TR] [TR] [TD][LEFT]windows -- kerberos[/LEFT][/TD] [TD][LEFT]Windows Kerberos Denial of Service Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41053&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41053]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41053') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41053')[/TD] [/TR] [TR] [TD][LEFT]windows -- overlay_filter[/LEFT][/TD] [TD][LEFT]Windows Overlay Filter Elevation of Privilege Vulnerability. 
This CVE ID is unique from CVE-2022-41102.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41101&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41101]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41101') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41101')[/TD] [/TR] [TR] [TD][LEFT]windows -- overlay_filter[/LEFT][/TD] [TD][LEFT]Windows Overlay Filter Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41101.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41102&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41102]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41102') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41102')[/TD] [/TR] [TR] [TD][LEFT]windows -- point-to-point_tunneling_protocol [/LEFT][/TD] [TD][LEFT]Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. 
This CVE ID is unique from CVE-2022-41039, CVE-2022-41044.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41088&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41088]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41088') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41088')[/TD] [/TR] [TR] [TD][LEFT]windows -- print_spooler[/LEFT][/TD] [TD][LEFT]Windows Print Spooler Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41073&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41073]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41073') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41073')[/TD] [/TR] [TR] [TD][LEFT]windows -- resilient_file_system[/LEFT][/TD] [TD][LEFT]Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41054&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41054]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41054') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41054')[/TD] [/TR] [TR] [TD][LEFT]windows -- win32[/LEFT][/TD] [TD][LEFT]Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41113&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41113]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41113') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41113')[/TD] [/TR] [TR] [TD][LEFT]windows -- win32k[/LEFT][/TD] 
[TD][LEFT]Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41109.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41092&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41092]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41092') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41092')[/TD] [/TR] [TR] [TD][LEFT]windows -- win32k[/LEFT][/TD] [TD][LEFT]Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41092.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41109&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41109]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41109') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41109')[/TD] [/TR] [TR] [TD][LEFT]wolfssl -- wolfssl[/LEFT][/TD] [TD][LEFT]In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. 
(WOLFSSL_CALLBACKS is only intended for debugging.)[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42905&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42905]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42905') [MISC]('https://www.wolfssl.com/docs/security-vulnerabilities/') [MISC]('https://github.com/wolfSSL/wolfssl/releases')[/TD] [/TR] [TR] [TD][LEFT]xfce -- xfce4-settings[/LEFT][/TD] [TD][LEFT]In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45062&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45062]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45062') [MISC]('https://gitlab.xfce.org/xfce/xfce4-settings/-/commit/55e3c5fb667e96ad1412cf249879262b369d28d7') [MISC]('https://gitlab.xfce.org/xfce/xfce4-settings/-/commit/f34a92a84f96268ad24a7a13fd5edc9f1d526110') [MISC]('https://gitlab.xfce.org/xfce/xfce4-settings/-/tags') [MISC]('https://gitlab.xfce.org/xfce/xfce4-settings/-/issues/390')[/TD] [/TR] [TR] [TD][LEFT]xwiki -- openid_connect[/LEFT][/TD] [TD][LEFT]XWiki OIDC has various tools to manipulate OpenID Connect protocol in XWiki. Prior to version 1.29.1, even if a wiki has an OpenID provider configured through its xwiki.properties, it is possible to provide a third-party provider's details through request parameters. One can then bypass the XWiki authentication altogether by specifying one's own provider through the oidc.endpoint.* request parameters (or by using an XWiki-based OpenID provider with oidc.xwikiprovider). With the same approach, one could also provide a specific group mapping through oidc.groups.mapping that would make one's user automatically part of the XWikiAdminGroup. 
This issue has been patched, please upgrade to 1.29.1. There is no workaround, an upgrade of the authenticator is required.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39387&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39387]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39387') [MISC]('https://jira.xwiki.org/browse/OIDC-118') [CONFIRM]('https://github.com/xwiki-contrib/oidc/security/advisories/GHSA-m7gv-v8xx-v47w') [MISC]('https://github.com/xwiki-contrib/oidc/commit/0247af1417925b9734ab106ad7cd934ee870ac89')[/TD] [/TR] [/TABLE][/CENTER]

Medium Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]5-anker -- 5_anker_connect[/LEFT][/TD] [TD][LEFT]Auth. Reflected Cross-Site Scripting (XSS) vulnerability in 5 Anker Connect plugin <= 1.2.6 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30545&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-30545]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30545') [CONFIRM]('https://patchstack.com/database/vulnerability/5-anker-connect/wordpress-5-anker-connect-plugin-1-2-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve') [CONFIRM]('https://wordpress.org/plugins/5-anker-connect/')[/TD] [/TR] [TR] [TD][LEFT]acronis -- cyber_protect_home_office[/LEFT][/TD] [TD][LEFT]Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44745&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-44745]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44745') [MISC]('https://security-advisory.acronis.com/advisories/SEC-3481')[/TD] [/TR] [TR] [TD][LEFT]acronis -- cyber_protect_home_office[/LEFT][/TD] [TD][LEFT]Sensitive information disclosure due to insecure folder permissions. 
The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44746&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-44746]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44746') [MISC]('https://security-advisory.acronis.com/advisories/SEC-4398')[/TD] [/TR] [TR] [TD][LEFT]addify -- product_stock_manager[/LEFT][/TD] [TD][LEFT]The Product Stock Manager WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. One action in particular could allow arbitrary options to be updated.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3451&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3451]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3451') [CONFIRM]('https://wpscan.com/vulnerability/d8005cd0-8232-4d43-a4e4-14728eaf1300')[/TD] [/TR] [TR] [TD][LEFT]aioseo -- all_in_one_seo[/LEFT][/TD] [TD][LEFT]Server Side Request Forgery (SSRF) vulnerability in All in One SEO Pro plugin <= 4.2.5.1 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42494&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-42494]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42494') [CONFIRM]('https://aioseo.com/changelog/') [CONFIRM]('https://patchstack.com/database/vulnerability/all-in-one-seo-pack-pro/wordpress-all-in-one-seo-pro-plugin-4-2-5-1-server-side-request-forgery-ssrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]algolplus -- advanced_dynamic_pricing_for_woocommerce[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for 
WooCommerce plugin <= 4.1.5 on WordPress leading to rule type migration.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43488&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43488]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43488') [CONFIRM]('https://patchstack.com/database/vulnerability/advanced-dynamic-pricing-for-woocommerce/wordpress-advanced-dynamic-pricing-for-woocommerce-plugin-4-1-5-cross-site-request-forgery-csrf-vulnerability-2?_s_id=cve') [CONFIRM]('https://wordpress.org/plugins/advanced-dynamic-pricing-for-woocommerce/')[/TD] [/TR] [TR] [TD][LEFT]algolplus -- advanced_dynamic_pricing_for_woocommerce[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 on WordPress leading to plugin settings import.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43491&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43491]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43491') [CONFIRM]('https://wordpress.org/plugins/advanced-dynamic-pricing-for-woocommerce/') [CONFIRM]('https://patchstack.com/database/vulnerability/advanced-dynamic-pricing-for-woocommerce/wordpress-advanced-dynamic-pricing-for-woocommerce-plugin-4-1-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]algolplus -- advanced_order_export[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Advanced Order Export For WooCommerce plugin <= 3.3.2 on WordPress leading to export file download.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40128&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-40128]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40128') 
[CONFIRM]('https://patchstack.com/database/vulnerability/woo-order-export-lite/wordpress-advanced-order-export-for-woocommerce-plugin-3-3-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve') [CONFIRM]('https://wordpress.org/plugins/woo-order-export-lite/')[/TD] [/TR] [TR] [TD][LEFT]bluetooth -- bluetooth_core_specification[/LEFT][/TD] [TD][LEFT]An information leakage vulnerability in the Bluetooth Low Energy advertisement scan response in Bluetooth Core Specifications 4.0 through 5.2, and extended scan response in Bluetooth Core Specifications 5.0 through 5.2, may be used to identify devices using Resolvable Private Addressing (RPA) by their response or non-response to specific scan requests from remote addresses. RPAs that have been associated with a specific remote device may also be used to identify a peer in the same manner by using its reaction to an active scan request. This has also been called an allowlist-based side channel.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-35473&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2020-35473]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-35473') [MISC]('https://www.sigsac.org/ccs/CCS2022/proceedings/ccs-proceedings.html') [MISC]('https://dl.acm.org/doi/10.1145/3548606.3559372')[/TD] [/TR] [TR] [TD][LEFT]canteen_management_system_project -- canteen_management_system[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in Canteen Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43144&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43144]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43144') [MISC]('https://github.com/mudassiruddin/CVE-2022-43144-Stored-XSS') 
[MISC]('https://www.sourcecodester.com/php/15688/canteen-management-system-project-source-code-php.html') [MISC]('https://www.sourcecodester.com/download-code?nid=15688&title=Canteen+Management+System+Project+Source+Code+in+PHP+Free+Download')[/TD] [/TR] [TR] [TD][LEFT]cisco -- asyncos[/LEFT][/TD] [TD][LEFT]A vulnerability in the web-based management interface of Cisco Email Security Appliance and Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct SQL injection attacks as root on an affected system. The attacker must have the credentials of a high-privileged user account. This vulnerability is due to improper validation of user-submitted parameters. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain data or modify data that is stored in the underlying database of the affected system.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20867&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-20867]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20867') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasmawsa-vulns-YRuSW5mD')[/TD] [/TR] [TR] [TD][LEFT]cisco -- asyncos[/LEFT][/TD] [TD][LEFT]A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials. This vulnerability is due to weak enforcement of back-end authorization checks. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. 
A successful exploit could allow the attacker to obtain confidential data that is stored on the affected device.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20942&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-20942]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20942') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG')[/TD] [/TR] [TR] [TD][LEFT]cisco -- broadworks_messaging_server[/LEFT][/TD] [TD][LEFT]A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an authenticated, remote attacker to perform a server-side request forgery (SSRF) attack on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface. A successful exploit could allow the attacker to obtain confidential information from the BroadWorks server and other devices on the network.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20951&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-20951]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20951') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-broadworks-ssrf-BJeQfpp')[/TD] [/TR] [TR] [TD][LEFT]cisco -- email_security_appliance_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to the failure of the application or its environment to properly sanitize input values. 
An attacker could exploit this vulnerability by injecting malicious HTTP headers, controlling the response body, or splitting the response into multiple responses.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20772&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-20772]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20772') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ESA-HTTP-Inject-nvsycUmR')[/TD] [/TR] [TR] [TD][LEFT]cisco -- identity_services_engine[/LEFT][/TD] [TD][LEFT]A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. 
To exploit this vulnerability, the attacker would need valid credentials to access the web-based management interface of an affected device.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20963&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-20963]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20963') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-stor-xss-kpRBWXY')[/TD] [/TR] [TR] [TD][LEFT]cisco -- identity_services_engine[/LEFT][/TD] [TD][LEFT]A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to negatively affect the performance of an affected device. This vulnerability is due to insufficient management of system resources. An attacker could exploit this vulnerability by taking actions that cause Cisco ISE Software to receive specific RADIUS traffic. A successful and sustained exploit of this vulnerability could allow the attacker to cause reduced performance of the affected device, resulting in significant delays to RADIUS authentications. There are workarounds that address this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20937&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2022-20937]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20937') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-sec-atk-dos-zw5RCUYp')[/TD] [/TR] [TR] [TD][LEFT]cisco -- umbrella[/LEFT][/TD] [TD][LEFT]A vulnerability in multiple management dashboard pages of Cisco Umbrella could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the Cisco Umbrella dashboard. This vulnerability is due to unsanitized user input. 
An attacker could exploit this vulnerability by submitting custom JavaScript to the web application and persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive browser-based information.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20969&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-20969]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20969') [MISC]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umbrella-xss-LfeYQV3')[/TD] [/TR] [TR] [TD][LEFT]codeandmore -- wp_page_widget[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in CodeAndMore WP Page Widget plugin <= 3.9 on WordPress leading to plugin settings change.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32587&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-32587]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32587') [CONFIRM]('https://patchstack.com/database/vulnerability/wp-page-widget/wordpress-wp-page-widget-plugin-3-9-cross-site-request-forgery-csrf-vulnerability') [CONFIRM]('https://wordpress.org/plugins/wp-page-widget/')[/TD] [/TR] [TR] [TD][LEFT]csphere -- clansphere[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in Clansphere CMS v2011.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username parameter.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43119&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43119]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43119') 
[MISC]('https://github.com/sinemsahn/POC/blob/main/Create%20Clansphere%202011.4%20%22username%22%20xss.md')[/TD] [/TR] [TR] [TD][LEFT]diagrams -- drawio[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - DOM in GitHub repository jgraph/drawio prior to 20.5.2.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3873&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3873]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3873') [CONFIRM]('https://huntr.dev/bounties/52a4085e-b687-489b-9ed6-f0987583ed77') [MISC]('https://github.com/jgraph/drawio/commit/d37894baf125430e85840c2635563b10d1a6523d')[/TD] [/TR] [TR] [TD][LEFT]diplib -- diplib[/LEFT][/TD] [TD][LEFT]diplib v3.0.0 is vulnerable to Double Free.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-39432&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-39432]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-39432') [MISC]('https://github.com/DIPlib/diplib/commit/8b9a2670ce66ff2fd5addf592f7825e1f5adb5b5') [MISC]('https://github.com/DIPlib/diplib/issues/80')[/TD] [/TR] [TR] [TD][LEFT]electronjs -- electron[/LEFT][/TD] [TD][LEFT]The Electron framework enables writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions prior to 21.0.0-beta.1, 20.0.1, 19.0.11, and 18.3.7, Electron is vulnerable to Exposure of Sensitive Information. When following a redirect, Electron delays a check for redirecting to file:// URLs from other schemes. 
The contents of the file are not available to the renderer following the redirect, but if the redirect target is an SMB URL such as [ICODE]file://some.website.com/[/ICODE], then in some cases, Windows will connect to that server and attempt NTLM authentication, which can include sending hashed credentials. This issue has been patched in versions: 21.0.0-beta.1, 20.0.1, 19.0.11, and 18.3.7. Users are recommended to upgrade to the latest stable version of Electron. If upgrading isn't possible, this issue can be addressed without upgrading by preventing redirects to file:// URLs in the [ICODE]WebContents.on('will-redirect')[/ICODE] event, for all WebContents as a workaround.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-36077&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-36077]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-36077') [CONFIRM]('https://github.com/electron/electron/security/advisories/GHSA-p2jh-44qj-pf2v')[/TD] [/TR] [TR] [TD][LEFT]eyesofnetwork -- web_interface[/LEFT][/TD] [TD][LEFT]EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /lilac/main.php.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41434&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41434]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41434') [MISC]('https://gist.github.com/delyura/83553302a1960311c8c4c8cc4a974577')[/TD] [/TR] [TR] [TD][LEFT]eyesofnetwork -- web_interface[/LEFT][/TD] [TD][LEFT]EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/report_event/index.php.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] 
[TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41432&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41432]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41432') [MISC]('https://gist.github.com/delyura/bda0b16cf99cb14bb767db84e5110419')[/TD] [/TR] [TR] [TD][LEFT]eyesofnetwork -- web_interface[/LEFT][/TD] [TD][LEFT]EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/admin_bp/add_application.php.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41433&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41433]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41433') [MISC]('https://gist.github.com/delyura/b7419cab29f4105df1c1fbe5d99edd7c')[/TD] [/TR] [TR] [TD][LEFT]f-secure -- safe[/LEFT][/TD] [TD][LEFT]WithSecure through 2022-08-10 allows attackers to cause a denial of service (issue 3 of 5).[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38164&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-38164]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38164') [MISC]('https://www.f-secure.com/en/home/support/security-advisories') [MISC]('https://withsecure.com')[/TD] [/TR] [TR] [TD][LEFT]fatcatapps -- analytics_cat[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Fatcat Apps Analytics Cat plugin <= 1.0.9 on WordPress allows Plugin Settings Change.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-27855&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-27855]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-27855') [CONFIRM]('https://wordpress.org/plugins/analytics-cat/#developers') 
[CONFIRM]('https://patchstack.com/database/vulnerability/analytics-cat/wordpress-analytics-cat-plugin-1-0-9-plugin-settings-change-via-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]feehi -- feehicms[/LEFT][/TD] [TD][LEFT]FeehiCMS v2.1.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the id parameter at /web/admin/index.php?r=log%2Fview-layer.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43320&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43320]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43320') [MISC]('https://github.com/liufee/feehicms/issues/4')[/TD] [/TR] [TR] [TD][LEFT]flatcore -- flatcore-cms[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in flatCore-CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username text field.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43118&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43118]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43118') [MISC]('https://github.com/flatCore/flatCore-CMS/issues/86')[/TD] [/TR] [TR] [TD][LEFT]food_ordering_management_system_project -- food_ordering_management_system[/LEFT][/TD] [TD][LEFT]Food Ordering Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /foms/place-order.php.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43046&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43046]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43046') 
[MISC]('https://github.com/Oudaorui/bug_report/blob/main/vendors/oretnom23/Food%20Ordering%20Management%20System/XSS-1.md')[/TD] [/TR] [TR] [TD][LEFT]froxlor -- froxlor[/LEFT][/TD] [TD][LEFT]Code Injection in GitHub repository froxlor/froxlor prior to 0.10.38.2.[/LEFT][/TD] [TD][CENTER]2022-11-05[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3869&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3869]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3869') [CONFIRM]('https://huntr.dev/bounties/7de20f21-4a9b-445d-ae2b-15ade648900b') [MISC]('https://github.com/froxlor/froxlor/commit/3f10a4adede9df83408d60ded78b51b812a763a8')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]An open redirect in GitLab CE/EE affecting all versions from 10.1 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to trick users into visiting a trustworthy URL and being redirected to arbitrary content.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3280&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3280]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3280') [CONFIRM]('https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3280.json') [MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/352611') [MISC]('https://hackerone.com/reports/1475686')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]An open redirect vulnerability in GitLab EE/CE affecting all versions from 9.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2, allows an attacker to redirect users to an arbitrary location if they trust the URL.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3486&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] 
[TD][CVE-2022-3486]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3486') [MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/377810') [MISC]('https://hackerone.com/reports/1725190') [CONFIRM]('https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3486.json')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. It was possible to exploit a vulnerability in setting the labels colour feature which could lead to a stored XSS that allowed attackers to perform arbitrary actions on behalf of victims at client side.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3265&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3265]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3265') [MISC]('https://hackerone.com/reports/1693150') [MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/374976') [CONFIRM]('https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3265.json')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 15.3.5, all versions starting from 15.4 before 15.4.4, all versions starting from 15.5 before 15.5.2. 
A malicious maintainer could exfiltrate a Datadog integration's access token by modifying the integration URL such that authenticated requests are sent to an attacker controlled server.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3483&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3483]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3483') [MISC]('https://hackerone.com/reports/1724402') [MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/377799') [CONFIRM]('https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3483.json')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]An information disclosure issue in GitLab CE/EE affecting all versions from 14.4 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to use GitLab Flavored Markdown (GFM) references in a Jira issue to disclose the names of resources they don't have access to.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2761&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-2761]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2761') [MISC]('https://hackerone.com/reports/1653149') [MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/370458') [CONFIRM]('https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2761.json')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]An improper authorization issue in GitLab CE/EE affecting all versions from 14.4 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to read variables set directly in a GitLab CI/CD configuration file they don't have access to.[/LEFT][/TD] [TD][CENTER]2022-11-10[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3793&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] 
[TD][CVE-2022-3793]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3793') [CONFIRM]('https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3793.json') [MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/372120')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]An uncontrolled resource consumption issue when parsing URLs in GitLab CE/EE affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to cause performance issues and potentially a denial of service on the GitLab instance.[/LEFT][/TD] [TD][CENTER]2022-11-10[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3818&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2022-3818]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3818') [MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/358170') [CONFIRM]('https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3818.json')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]Incorrect authorization during display of Audit Events in GitLab EE affecting all versions from 14.5 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2, allowed Developers to view the project's Audit Events and Developers or Maintainers to view the group's Audit Events. 
These should have been restricted to Project Maintainers, Group Owners, and above.[/LEFT][/TD] [TD][CENTER]2022-11-10[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3413&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-3413]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3413') [MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/374926') [CONFIRM]('https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3413.json')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]Improper authorization in GitLab CE/EE affecting all versions from 7.14 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user retrying a job in a downstream pipeline to take ownership of the retried jobs in the upstream pipeline even if the user doesn't have access to that project.[/LEFT][/TD] [TD][CENTER]2022-11-10[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3706&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3706]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3706') [MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/365532') [CONFIRM]('https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3706.json')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a malicious user to set emojis on internal notes they don't have access to.[/LEFT][/TD] [TD][CENTER]2022-11-10[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3819&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3819]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3819') [CONFIRM]('https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3819.json') 
[MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/365847')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262364; Issue ID: ALPS07262364.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32617&vector=CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32617]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32617') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262454; Issue ID: ALPS07262454.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32618&vector=CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32618]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32618') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In fdt_next_tag of fdt.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-242096164[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20454&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20454]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20454') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vpu, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06382421; Issue ID: ALPS06382421.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-21778&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-21778]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-21778') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In gpu drm, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. 
Patch ID: ALPS07310704; Issue ID: ALPS07310704.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32603&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32603]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32603') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In isp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07213898; Issue ID: ALPS07213898.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32605&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32605]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32605') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In aee, there is a possible use after free due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07202891; Issue ID: ALPS07202891.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32607&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32607]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32607') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. 
User interaction is not needed for exploitation. Patch ID: ALPS07340373; Issue ID: ALPS07340373.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32611&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32611]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32611') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In audio, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310571; Issue ID: ALPS07310571.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32614&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32614]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32614') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In ccd, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326559; Issue ID: ALPS07326559.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32615&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32615]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32615') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In isp, there is a possible out of bounds write due to uninitialized data. 
This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341258; Issue ID: ALPS07341258.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32616&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32616]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32616') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In PAN_WriteBuf of pan_api.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-233604485[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20447&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-20447]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20447') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In jpeg, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. 
Patch ID: ALPS07388753; Issue ID: ALPS07388753.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32608&vector=CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32608]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32608') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203410; Issue ID: ALPS07203410.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32609&vector=CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32609]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32609') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203476; Issue ID: ALPS07203476.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32610&vector=CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32610]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32610') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vcu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. 
User interaction is not needed for exploitation. Patch ID: ALPS07203500; Issue ID: ALPS07203500.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32612&vector=CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32612]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32612') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vcu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07206340; Issue ID: ALPS07206340.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32613&vector=CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-32613]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32613') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In setImpl of AlarmManagerService.java, there is a possible way to put a device into a boot loop due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-234441463[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20414&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-20414]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20414') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In multiple functions of many files, there is a possible obstruction of the user's ability to select a phone account due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-236263294[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20426&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-20426]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20426') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In buzzBeepBlinkLocked of NotificationManagerService.java, there is a possible way to share data across users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-237540408[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20448&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-20448]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20448') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In update of MmsProvider.java, there is a possible constriction of directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-240685104[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20453&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-20453]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20453') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In getMountModeInternal of StorageManagerService.java, there is a possible prevention of package installation due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-243924784[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20457&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-20457]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20457') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388790; Issue ID: ALPS07388790.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32602&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-32602]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32602') [MISC]('https://corp.mediatek.com/product-security-bulletin/November-2022')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In dismiss and related functions of KeyguardHostViewController.java and related files, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. 
User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12 Android-12L Android-13. Android ID: A-218500036[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][4.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20465&vector=CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-20465]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20465') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 106.0.5249.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3447&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3447]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3447') [MISC]('https://crbug.com/1366582') [MISC]('https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_11.html')[/TD] [/TR] [TR] [TD][LEFT]grafana -- grafana[/LEFT][/TD] [TD][LEFT]Grafana is an open-source platform for monitoring and observability. When using the forget password on the login page, a POST request is made to the [ICODE]/api/user/password/sent-reset-email[/ICODE] URL. When the username or email does not exist, a JSON response contains a “user not found” message. This leaks information to unauthenticated users and introduces a security risk. This issue has been patched in 9.2.4 and backported to 8.5.15. 
There are no known workarounds.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39307&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39307]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39307') [CONFIRM]('https://github.com/grafana/grafana/security/advisories/GHSA-3p62-42x7-gxg5')[/TD] [/TR] [TR] [TD][LEFT]gvectors -- wpforo_forum[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team wpForo Forum plugin <= 2.0.5 on WordPress leading to topic deletion.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40632&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L')[/CENTER][/TD] [TD][CVE-2022-40632]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40632') [CONFIRM]('https://wordpress.org/plugins/wpforo/') [CONFIRM]('https://patchstack.com/database/vulnerability/wpforo/wordpress-wpforo-forum-plugin-2-0-5-cross-site-request-forgery-csrf-vulnerability-2?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]gvectors -- wpforo_forum[/LEFT][/TD] [TD][LEFT]Insecure direct object references (IDOR) vulnerability in the wpForo Forum plugin <= 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as solved/unsolved.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40205&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-40205]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40205') [CONFIRM]('https://patchstack.com/database/vulnerability/wpforo/wordpress-wpforo-forum-plugin-2-0-5-insecure-direct-object-references-idor-vulnerability-2?_s_id=cve') [CONFIRM]('https://wordpress.org/plugins/wpforo/')[/TD] [/TR] [TR] [TD][LEFT]gvectors -- wpforo_forum[/LEFT][/TD] [TD][LEFT]Insecure direct object references (IDOR) vulnerability in the wpForo Forum 
plugin <= 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as private/public.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40206&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-40206]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40206') [CONFIRM]('https://wordpress.org/plugins/wpforo/') [CONFIRM]('https://patchstack.com/database/vulnerability/wpforo/wordpress-wpforo-forum-plugin-2-0-5-insecure-direct-object-references-idor-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]hcltech -- domino[/LEFT][/TD] [TD][LEFT]HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local calls made on the server to search the Domino directory will ignore xACL read restrictions. An authenticated attacker could leverage this vulnerability to access attributes from a user's person record.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38654&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-38654]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38654') [MISC]('https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101017')[/TD] [/TR] [TR] [TD][LEFT]highlight_focus_project -- highlight_focus[/LEFT][/TD] [TD][LEFT]The Highlight Focus WordPress plugin through 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3462&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3462]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3462') 
[CONFIRM]('https://wpscan.com/vulnerability/b583de48-1332-4984-8c0c-a7ed4a2397cd')[/TD] [/TR] [TR] [TD][LEFT]hotelmanager_project -- hotelmanager[/LEFT][/TD] [TD][LEFT]Saibamen HotelManager v1.2 is vulnerable to Cross Site Scripting (XSS) due to improper sanitization of comment and contact fields.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-39473&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2021-39473]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-39473') [MISC]('https://github.com/Saibamen/HotelManager/issues/49') [MISC]('https://github.com/Saibamen/HotelManager')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos[/LEFT][/TD] [TD][LEFT]There is a race condition vulnerability in SD upgrade mode. Successful exploitation of this vulnerability may affect data confidentiality.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][5.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44563&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-44563]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44563') [MISC]('https://consumer.huawei.com/en/support/bulletin/2022/11/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos[/LEFT][/TD] [TD][LEFT]There is a vulnerability in permission verification during the Bluetooth pairing process. 
Successful exploitation of this vulnerability may cause the dialog box for confirming the pairing not to be displayed during Bluetooth pairing.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44548&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44548]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44548') [MISC]('https://consumer.huawei.com/en/support/bulletin/2022/11/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433')[/TD] [/TR] [TR] [TD][LEFT]human_resource_management_system_project -- human_resource_management_system[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in /hrm/index.php?msg of Human Resource Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43317&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43317]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43317') [MISC]('https://github.com/ImaizumiYui/bug_report/blob/main/vendors/oretnom23/Human%20Resource%20Management%20System/XSS-1.md')[/TD] [/TR] [TR] [TD][LEFT]infotel -- tasklists[/LEFT][/TD] [TD][LEFT]tasklists is a tasklists plugin for GLPI (Kanban). Versions prior to 2.0.3 are vulnerable to Cross-site Scripting. Cross-site Scripting (XSS) - Create XSS in task content (when add it). This issue is patched in version 2.0.3. 
There are no known workarounds.[/LEFT][/TD] [TD][CENTER]2022-11-10[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39398&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-39398]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39398') [CONFIRM]('https://github.com/InfotelGLPI/tasklists/security/advisories/GHSA-3qv3-8393-777q') [MISC]('https://github.com/InfotelGLPI/tasklists/commit/4a1b30f3d9fa764695f98ce011c8542772530d47')[/TD] [/TR] [TR] [TD][LEFT]inhandnetworks -- ir302_firmware[/LEFT][/TD] [TD][LEFT]A leftover debug code vulnerability exists in the console verify functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to disabling security features. An attacker can send a sequence of requests to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-26023&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-26023]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-26023') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2022-1520') [CONFIRM]('https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf')[/TD] [/TR] [TR] [TD][LEFT]inhandnetworks -- ir302_firmware[/LEFT][/TD] [TD][LEFT]A leftover debug code vulnerability exists in the console nvram functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to disabling security features. 
An attacker can send a sequence of requests to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-29481&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-29481]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-29481') [CONFIRM]('https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2022-1518')[/TD] [/TR] [TR] [TD][LEFT]intelliants -- subrion_cms[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in the /panel/fields/add component of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43120&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43120]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43120') [MISC]('https://github.com/intelliants/subrion/issues/894')[/TD] [/TR] [TR] [TD][LEFT]intelliants -- subrion_cms[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43121&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43121]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43121') [MISC]('https://github.com/intelliants/subrion/issues/895')[/TD] [/TR] [TR] [TD][LEFT]joomla -- joomla\![/LEFT][/TD] [TD][LEFT]An issue was discovered in Joomla! 4.0.0 through 4.2.4. 
Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in com_media.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-27914&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-27914]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-27914') [MISC]('https://developer.joomla.org/security-centre/887-20221101-core-rxss-through-reflection-of-user-input-in-com-media.html')[/TD] [/TR] [TR] [TD][LEFT]kaden -- picoflux_air_water_meter[/LEFT][/TD] [TD][LEFT]In the Kaden PICOFLUX AiR water meter an adversary can read the values through wireless M-Bus mode 5 with a hardcoded shared key while being adjacent to the device.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-34577&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-34577]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-34577') [MISC]('https://www.fit.vutbr.cz/~polcak/CVE-2021-34577')[/TD] [/TR] [TR] [TD][LEFT]lenovo -- elan_miniport_touchpad_driver[/LEFT][/TD] [TD][LEFT]ELAN Miniport touchpad Windows driver before 24.21.51.2, as used in PC hardware from multiple manufacturers, allows local users to cause a system crash by sending a certain IOCTL request, because that request is handled twice.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][4.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-42205&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-42205]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-42205') [MISC]('https://www.emc.com.tw/upload/F2E/Vulnerability%20Report/Vulnerability%20Report_Miniport%20touchpad%20Windows%20driver_20221107.pdf')[/TD] [/TR] [TR] [TD][LEFT]mcafee -- data_exchange_layer[/LEFT][/TD] [TD][LEFT]Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to 
gain elevated privileges by exploiting weak directory controls in the logs directory. This can lead to a denial-of-service attack on the DXL Broker.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2188&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-2188]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2188') [MISC]('https://kcm.trellix.com/corporate/index?page=content&id=SB10383')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- .net_framework[/LEFT][/TD] [TD][LEFT].NET Framework Information Disclosure Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][5.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41064&vector=CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-41064]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41064') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41064')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- bitlocker[/LEFT][/TD] [TD][LEFT]BitLocker Security Feature Bypass Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][4.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41099&vector=CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-41099]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41099') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41099')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- dynamics_365_business_central[/LEFT][/TD] [TD][LEFT]Microsoft Business Central Information Disclosure Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41066&vector=CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-41066]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41066') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41066')[/TD] [/TR] 
[TR] [TD][LEFT]microsoft -- microsoft_word[/LEFT][/TD] [TD][LEFT]Microsoft Word Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-41103.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41060&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-41060]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41060') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41060')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- microsoft_word[/LEFT][/TD] [TD][LEFT]Microsoft Word Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-41060.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41103&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-41103]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41103') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41103')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- network_policy_server_radius[/LEFT][/TD] [TD][LEFT]Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41097&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-41097]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41097') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41097')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- office[/LEFT][/TD] [TD][LEFT]Microsoft Excel Information Disclosure Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41105&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-41105]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41105') 
[MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41105')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- sharepoint_foundation[/LEFT][/TD] [TD][LEFT]Microsoft SharePoint Server Spoofing Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41122&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-41122]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41122') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41122')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_10[/LEFT][/TD] [TD][LEFT]Windows Hyper-V Denial of Service Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38015&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-38015]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38015') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38015')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Group Policy Elevation of Privilege Vulnerability. 
This CVE ID is unique from CVE-2022-37992.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41086&vector=CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41086]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41086') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41086')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2019[/LEFT][/TD] [TD][LEFT]Windows Human Interface Device Information Disclosure Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41055&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-41055]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41055') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41055')[/TD] [/TR] [TR] [TD][LEFT]net-snmp -- net-snmp[/LEFT][/TD] [TD][LEFT]handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44792&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44792]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44792') [MISC]('https://github.com/net-snmp/net-snmp/issues/474') [MISC]('https://gist.github.com/menglong2234/b7bc13ae1a144f47cc3c95a7ea062428')[/TD] [/TR] [TR] [TD][LEFT]net-snmp -- net-snmp[/LEFT][/TD] [TD][LEFT]handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of 
Service.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44793&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44793]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44793') [MISC]('https://github.com/net-snmp/net-snmp/issues/475') [MISC]('https://gist.github.com/menglong2234/d07a65b5028145c9f4e1d1db8c4c202f')[/TD] [/TR] [TR] [TD][LEFT]objectfirst -- object_first[/LEFT][/TD] [TD][LEFT]An issue was discovered in Object First 1.0.7.712. A flaw was found in the Web Service, which could lead to local information disclosure. The command that creates the URL for the support bundle uses an insecure RNG. That can lead to prediction of the generated URL. As a result, an attacker can get access to system logs. An attacker would need credentials to exploit this vulnerability. This is fixed in 1.0.13.1611.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44795&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-44795]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44795') [MISC]('https://objectfirst.com/security/of-20221024-0003/')[/TD] [/TR] [TR] [TD][LEFT]openzeppelin -- contracts[/LEFT][/TD] [TD][LEFT]OpenZeppelin Contracts is a library for secure smart contract development. Before version 4.4.1 but after 3.2.0, initializer functions that are invoked separate from contract creation (the most prominent example being minimal proxies) may be reentered if they make an untrusted non-view external call. Once an initializer has finished running it can never be re-executed. However, an exception put in place to support multiple inheritance made reentrancy possible in the scenario described above, breaking the expectation that there is a single execution. 
Note that upgradeable proxies are commonly initialized together with contract creation, where reentrancy is not feasible, so the impact of this issue is believed to be minor. This issue has been patched, please upgrade to version 4.4.1. As a workaround, avoid untrusted external calls during initialization.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][5.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39384&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L')[/CENTER][/TD] [TD][CVE-2022-39384]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39384') [MISC]('https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3006') [CONFIRM]('https://github.com/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-9c22-pwxw-p6hx')[/TD] [/TR] [TR] [TD][LEFT]paloaltonetworks -- cortex_xsoar[/LEFT][/TD] [TD][LEFT]A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a local attacker with shell access to the engine to execute programs with elevated privileges.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-0031&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-0031]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-0031') [MISC]('https://security.paloaltonetworks.com/CVE-2022-0031')[/TD] [/TR] [TR] [TD][LEFT]perfexcrm -- perfex_crm[/LEFT][/TD] [TD][LEFT]perfex crm 1.10 is vulnerable to Cross Site Scripting (XSS) via /clients/profile.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-40303&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2021-40303]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40303') [MISC]('https://www.exploit-db.com/exploits/50097')[/TD] [/TR] [TR] [TD][LEFT]picoc_project -- picoc[/LEFT][/TD] [TD][LEFT]PicoC Version 3.2.2 was discovered 
to contain a heap buffer overflow in the ExpressionCoerceInteger function in expression.c when called from ExpressionInfixOperator.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44312&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44312]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44312') [MISC]('https://gitlab.com/zsaleeba/picoc/-/issues/48') [MISC]('https://github.com/jpoirier/picoc/issues/37')[/TD] [/TR] [TR] [TD][LEFT]picoc_project -- picoc[/LEFT][/TD] [TD][LEFT]PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceUnsignedInteger function in expression.c when called from ExpressionParseFunctionCall.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44313&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44313]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44313') [MISC]('https://gitlab.com/zsaleeba/picoc/-/issues/48') [MISC]('https://github.com/jpoirier/picoc/issues/37')[/TD] [/TR] [TR] [TD][LEFT]picoc_project -- picoc[/LEFT][/TD] [TD][LEFT]PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StringStrncpy function in cstdlib/string.c when called from ExpressionParseFunctionCall.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44314&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44314]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44314') [MISC]('https://gitlab.com/zsaleeba/picoc/-/issues/48') [MISC]('https://github.com/jpoirier/picoc/issues/37')[/TD] [/TR] [TR] [TD][LEFT]picoc_project -- picoc[/LEFT][/TD] [TD][LEFT]PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionAssign function in expression.c when called from 
ExpressionParseFunctionCall.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44315&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44315]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44315') [MISC]('https://gitlab.com/zsaleeba/picoc/-/issues/48') [MISC]('https://github.com/jpoirier/picoc/issues/37')[/TD] [/TR] [TR] [TD][LEFT]picoc_project -- picoc[/LEFT][/TD] [TD][LEFT]PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the LexGetStringConstant function in lex.c when called from LexScanGetToken.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44316&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44316]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44316') [MISC]('https://gitlab.com/zsaleeba/picoc/-/issues/48') [MISC]('https://github.com/jpoirier/picoc/issues/37')[/TD] [/TR] [TR] [TD][LEFT]picoc_project -- picoc[/LEFT][/TD] [TD][LEFT]PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StdioOutPutc function in cstdlib/stdio.c when called from ExpressionParseFunctionCall.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44317&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44317]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44317') [MISC]('https://gitlab.com/zsaleeba/picoc/-/issues/48') [MISC]('https://github.com/jpoirier/picoc/issues/37')[/TD] [/TR] [TR] [TD][LEFT]picoc_project -- picoc[/LEFT][/TD] [TD][LEFT]PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StringStrcat function in cstdlib/string.c when called from ExpressionParseFunctionCall.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] 
[TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44318&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44318]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44318') [MISC]('https://gitlab.com/zsaleeba/picoc/-/issues/48') [MISC]('https://github.com/jpoirier/picoc/issues/37')[/TD] [/TR] [TR] [TD][LEFT]picoc_project -- picoc[/LEFT][/TD] [TD][LEFT]PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StdioBasePrintf function in cstdlib/string.c when called from ExpressionParseFunctionCall.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44319&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44319]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44319') [MISC]('https://gitlab.com/zsaleeba/picoc/-/issues/48') [MISC]('https://github.com/jpoirier/picoc/issues/37')[/TD] [/TR] [TR] [TD][LEFT]picoc_project -- picoc[/LEFT][/TD] [TD][LEFT]PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceFP function in expression.c when called from ExpressionParseFunctionCall.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44320&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44320]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44320') [MISC]('https://gitlab.com/zsaleeba/picoc/-/issues/48') [MISC]('https://github.com/jpoirier/picoc/issues/37')[/TD] [/TR] [TR] [TD][LEFT]picoc_project -- picoc[/LEFT][/TD] [TD][LEFT]PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the LexSkipComment function in lex.c when called from LexScanGetToken.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44321&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] 
[TD][CVE-2022-44321]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44321') [MISC]('https://gitlab.com/zsaleeba/picoc/-/issues/48') [MISC]('https://github.com/jpoirier/picoc/issues/37')[/TD] [/TR] [TR] [TD][LEFT]powercom_co_ltd -- upsmon_pro[/LEFT][/TD] [TD][LEFT]UPSMON PRO has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to bypass authentication and access arbitrary system files.[/LEFT][/TD] [TD][CENTER]2022-11-10[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38120&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-38120]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38120') [MISC]('https://www.twcert.org.tw/tw/cp-132-6679-a0695-1.html')[/TD] [/TR] [TR] [TD][LEFT]powercom_co_ltd -- upsmon_pro[/LEFT][/TD] [TD][LEFT]UPSMON PRO configuration file stores user password in plaintext under public user directory. A remote attacker with general user privilege can access all users' and administrators' account names and passwords via this unprotected configuration file.[/LEFT][/TD] [TD][CENTER]2022-11-10[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38121&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-38121]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38121') [MISC]('https://www.twcert.org.tw/tw/cp-132-6680-af0aa-1.html')[/TD] [/TR] [TR] [TD][LEFT]rymera -- advanced_coupons[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Advanced Coupons for WooCommerce Coupons plugin <= 4.5 on WordPress leading to notice dismissal.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43481&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43481]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43481') 
[CONFIRM]('https://patchstack.com/database/vulnerability/advanced-coupons-for-woocommerce-free/wordpress-advanced-coupons-for-woocommerce-coupons-plugin-4-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve') [CONFIRM]('https://wordpress.org/plugins/advanced-coupons-for-woocommerce-free/')[/TD] [/TR] [TR] [TD][LEFT]samsung -- editor_lite[/LEFT][/TD] [TD][LEFT]Heap overflow vulnerability in parse_pce function in libsavsaudio.so in Editor Lite prior to version 4.0.41.3 allows attacker to get information.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39891&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39891]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39891') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=11')[/TD] [/TR] [TR] [TD][LEFT]sandhillsdev -- easy_digital_downloads[/LEFT][/TD] [TD][LEFT]The Easy Digital Downloads WordPress plugin before 3.0 does not have CSRF check in place when deleting payment history, and does not ensure that the post to be deleted is actually a payment history. 
As a result, attackers could make a logged in admin delete arbitrary post via a CSRF attack[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2387&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-2387]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2387') [CONFIRM]('https://wpscan.com/vulnerability/db3c3c78-1724-4791-9ab6-ebb2e8a4c8b8')[/TD] [/TR] [TR] [TD][LEFT]sanitization_management_system_project -- sanitization_management_system[/LEFT][/TD] [TD][LEFT]Sanitization Management System v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /classes/Master.php?f=delete_img.[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43351&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-43351]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43351') [MISC]('https://github.com/Hujozay/bug_report/blob/main/vendors/oretnom23/sanitization-management-system/delete-file-1.md')[/TD] [/TR] [TR] [TD][LEFT]sap -- biller_direct[/LEFT][/TD] [TD][LEFT]SAP Biller Direct allows an unauthenticated attacker to craft a legitimate looking URL. 
When clicked by an unsuspecting victim, it will use an unsanitized parameter to redirect the victim to a malicious site of the attacker's choosing which can result in disclosure or modification of the victim's information.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41207&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41207]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41207') [MISC]('https://launchpad.support.sap.com/#/notes/3238042') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]sap -- financial_consolidation[/LEFT][/TD] [TD][LEFT]Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated attacker to inject malicious script when running a common query in the Web Administration Console. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality, integrity and availability of the application.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41258&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L')[/CENTER][/TD] [TD][CVE-2022-41258]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41258') [MISC]('https://launchpad.support.sap.com/#/notes/3260708') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]sap -- financial_consolidation[/LEFT][/TD] [TD][LEFT]SAP Financial Consolidation - version 1010, does not sufficiently encode user-controlled input which may allow an unauthenticated attacker to inject a web script via a GET request. 
On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41260&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41260]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41260') [MISC]('https://launchpad.support.sap.com/#/notes/3260708') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]sap -- financial_consolidation[/LEFT][/TD] [TD][LEFT]Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated attacker with user privileges to alter current user session. On successful exploitation, the attacker can view or modify information, causing a limited impact on confidentiality and integrity of the application.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41208&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41208]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41208') [MISC]('https://launchpad.support.sap.com/#/notes/3260708') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]sap -- gui[/LEFT][/TD] [TD][LEFT]SAP GUI allows an authenticated attacker to execute scripts in the local network. 
On successful exploitation, the attacker can gain access to registries which can cause a limited impact on confidentiality and high impact on availability of the application.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41205&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41205]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41205') [MISC]('https://launchpad.support.sap.com/#/notes/3237251') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]sap -- netweaver_application_server_abap[/LEFT][/TD] [TD][LEFT]Due to insufficient input validation, SAP NetWeaver Application Server ABAP and ABAP Platform allows an attacker with high level privileges to use a remote enabled function to delete a file which is otherwise restricted. On successful exploitation an attacker can completely compromise the integrity and availability of the application.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41214&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41214]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41214') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html') [MISC]('https://launchpad.support.sap.com/#/notes/3256571')[/TD] [/TR] [TR] [TD][LEFT]sap -- netweaver_application_server_abap[/LEFT][/TD] [TD][LEFT]Due to insufficient input validation, SAP NetWeaver Application Server ABAP and ABAP Platform allows an attacker with high level privileges to use a remote enabled function to read a file which is otherwise restricted. 
On successful exploitation an attacker can completely compromise the confidentiality of the application.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41212&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-41212]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41212') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html') [MISC]('https://launchpad.support.sap.com/#/notes/3256571')[/TD] [/TR] [TR] [TD][LEFT]sap -- netweaver_application_server_abap[/LEFT][/TD] [TD][LEFT]SAP NetWeaver ABAP Server and ABAP Platform allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][4.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41215&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-41215]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41215') [MISC]('https://launchpad.support.sap.com/#/notes/3251202') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]sap -- sql_anywhere[/LEFT][/TD] [TD][LEFT]SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use an ARRAY constructor.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41259&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41259]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41259') [MISC]('https://launchpad.support.sap.com/#/notes/3229987') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] 
[TD][LEFT]searchwp -- searchwp[/LEFT][/TD] [TD][LEFT]Nonce token leakage and missing authorization in SearchWP premium plugin <= 4.2.5 on WordPress leading to plugin settings change.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40223&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-40223]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40223') [CONFIRM]('https://searchwp.com/documentation/changelog/') [CONFIRM]('https://patchstack.com/database/vulnerability/searchwp/wordpress-searchwp-premium-plugin-4-2-5-broken-authentication-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]shopwind -- shopwind[/LEFT][/TD] [TD][LEFT]Shopwind v3.4.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the component /common/library/Page.php.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43321&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43321]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43321') [MISC]('https://github.com/shopwind/yii-shopwind/issues/1') [MISC]('http://yii-shopwind.com')[/TD] [/TR] [TR] [TD][LEFT]simple_video_embedder_project -- simple_video_embedder[/LEFT][/TD] [TD][LEFT]Auth. 
(contributor+) Stored Cross-Site Scripting (XSS) vulnerability in James Lao's Simple Video Embedder plugin <= 2.2 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44590&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44590]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44590') [CONFIRM]('https://patchstack.com/database/vulnerability/simple-video-embedder/wordpress-simple-video-embedder-plugin-2-2-auth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve') [CONFIRM]('https://wordpress.org/plugins/simple-video-embedder/')[/TD] [/TR] [TR] [TD][LEFT]splunk -- splunk[/LEFT][/TD] [TD][LEFT]In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user who can create search macros and schedule search reports can cause a denial of service through the use of specially crafted search macros.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43564&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-43564]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43564') [MISC]('https://www.splunk.com/en_us/product-security/announcements/svd-2022-1104.html')[/TD] [/TR] [TR] [TD][LEFT]splunk -- splunk[/LEFT][/TD] [TD][LEFT]In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can perform an extensible markup language (XML) external entity (XXE) injection via a custom View. 
The XXE injection causes Splunk Web to embed incorrect documents into an error.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43570&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-43570]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43570') [MISC]('https://www.splunk.com/en_us/product-security/announcements/svd-2022-1110.html')[/TD] [/TR] [TR] [TD][LEFT]splunk -- splunk[/LEFT][/TD] [TD][LEFT]In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, sending a malformed file through the Splunk-to-Splunk (S2S) or HTTP Event Collector (HEC) protocols to an indexer results in a blockage or denial-of-service preventing further indexing.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43572&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-43572]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43572') [MISC]('https://www.splunk.com/en_us/product-security/announcements/svd-2022-1111.html')[/TD] [/TR] [TR] [TD][LEFT]splunk -- splunk[/LEFT][/TD] [TD][LEFT]In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a View allows for a Reflected Cross Site Scripting via JavaScript Object Notation (JSON) in a query parameter when output_mode=radio.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43568&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43568]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43568') [MISC]('https://www.splunk.com/en_us/product-security/announcements/svd-2022-1108.html') [MISC]('https://research.splunk.com/application/d532d105-c63f-4049-a8c4-e249127ca425/')[/TD] [/TR] [TR] [TD][LEFT]splunk -- splunk[/LEFT][/TD] [TD][LEFT]In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, Splunk Enterprise fails to properly validate 
and escape the Host header, which could let a remote authenticated user conduct various attacks against the system, including cross-site scripting and cache poisoning.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43562&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43562]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43562') [MISC]('https://www.splunk.com/en_us/product-security/announcements/svd-2022-1102.html')[/TD] [/TR] [TR] [TD][LEFT]splunk -- splunk[/LEFT][/TD] [TD][LEFT]In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can inject and store arbitrary scripts that can lead to persistent cross-site scripting (XSS) in the object name of a Data Model.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43569&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-43569]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43569') [MISC]('https://www.splunk.com/en_us/product-security/announcements/svd-2022-1109.html') [MISC]('https://research.splunk.com/application/062bff76-5f9c-496e-a386-cb1adcf69871/')[/TD] [/TR] [TR] [TD][LEFT]stiltsoft -- handy_macros_for_confluence[/LEFT][/TD] [TD][LEFT]The Handy Tip macro in Stiltsoft Handy Macros for Confluence Server/Data Center 3.x before 3.5.5 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44724&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44724]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44724') [MISC]('https://stiltsoft.atlassian.net/browse/VD-3')[/TD] [/TR] [TR] [TD][LEFT]systemd_project -- systemd[/LEFT][/TD] [TD][LEFT]An off-by-one Error issue was discovered in 
Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3821&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3821]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3821') [MISC]('https://github.com/systemd/systemd/issues/23928') [MISC]('https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e') [MISC]('https://github.com/systemd/systemd/pull/23933') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2139327')[/TD] [/TR] [TR] [TD][LEFT]vmware -- workspace_one_assist[/LEFT][/TD] [TD][LEFT]VMware Workspace ONE Assist prior to 22.10 contains a Reflected cross-site scripting (XSS) vulnerability. Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject javascript code in the target user's window.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-31688&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-31688]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-31688') [MISC]('https://www.vmware.com/security/advisories/VMSA-2022-0028.html')[/TD] [/TR] [TR] [TD][LEFT]watchdog -- anti-virus[/LEFT][/TD] [TD][LEFT]Incorrect access control in the anti-virus driver wsdkd.sys of Watchdog Antivirus v1.4.158 allows attackers to write arbitrary files.[/LEFT][/TD] [TD][CENTER]2022-11-04[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38582&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-38582]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38582') [MISC]('https://gist.github.com/420SmokeBigWeedHackBadDrivers/53de9ff97d95fc3e79307345fddb0a30')[/TD] 
[/TR] [TR] [TD][LEFT]webartesanal -- mantenimiento_web[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Mantenimiento web plugin <= 0.13 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41980&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41980]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41980') [CONFIRM]('https://patchstack.com/database/vulnerability/mantenimiento-web/wordpress-mantenimiento-web-plugin-0-13-auth-cross-site-scripting-xss-vulnerability?_s_id=cve') [CONFIRM]('https://wordpress.org/plugins/mantenimiento-web/')[/TD] [/TR] [TR] [TD][LEFT]weberge -- wp_hide[/LEFT][/TD] [TD][LEFT]The WP Hide WordPress plugin through 0.0.2 does not have authorisation and CSRF checks in place when updating the custom_wpadmin_slug settings, allowing unauthenticated attackers to update it with a crafted request[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3489&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3489]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3489') [CONFIRM]('https://wpscan.com/vulnerability/36d78b6c-0da5-44f8-b7b3-eae78edac505')[/TD] [/TR] [TR] [TD][LEFT]windows -- gdi+[/LEFT][/TD] [TD][LEFT]Windows GDI+ Information Disclosure Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41098&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-41098]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41098') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41098')[/TD] [/TR] [TR] [TD][LEFT]windows -- mark_of_the_web_security_feature[/LEFT][/TD] [TD][LEFT]Windows Mark of the Web Security Feature Bypass Vulnerability. 
This CVE ID is unique from CVE-2022-41091.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41049&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L')[/CENTER][/TD] [TD][CVE-2022-41049]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41049') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41049')[/TD] [/TR] [TR] [TD][LEFT]windows -- mark_of_the_web_security_feature[/LEFT][/TD] [TD][LEFT]Windows Mark of the Web Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-41049.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41091&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L')[/CENTER][/TD] [TD][CVE-2022-41091]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41091') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41091')[/TD] [/TR] [TR] [TD][LEFT]windows -- point-to-point_tunneling_protocol[/LEFT][/TD] [TD][LEFT]Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-41116.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][5.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41090&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41090]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41090') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41090')[/TD] [/TR] [TR] [TD][LEFT]windows -- point-to-point_tunneling_protocol[/LEFT][/TD] [TD][LEFT]Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability. 
This CVE ID is unique from CVE-2022-41090.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][5.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41116&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41116]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41116') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41116')[/TD] [/TR] [TR] [TD][LEFT]windows_and_linux -- nvidia_gpu_display_driver[/LEFT][/TD] [TD][LEFT]NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service.[/LEFT][/TD] [TD][CENTER]2022-11-10[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-34666&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-34666]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34666') [MISC]('https://nvidia.custhelp.com/app/answers/detail/a_id/5383')[/TD] [/TR] [TR] [TD][LEFT]wpadvancedads -- advanced_ads_-_ad_manager_&_adsense[/LEFT][/TD] [TD][LEFT]Auth.
(admin+) Stored Cross-Site Scripting (XSS) vulnerability in Advanced Ads GmbH Advanced Ads – Ad Manager & AdSense plugin <= 1.31.1 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32776&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-32776]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32776') [CONFIRM]('https://patchstack.com/database/vulnerability/advanced-ads/wordpress-advanced-ads-ad-manager-adsense-plugin-1-31-1-authenticated-stored-cross-site-scripting-xss-vulnerability?_s_id=cve') [CONFIRM]('https://wordpress.org/plugins/advanced-ads/')[/TD] [/TR] [TR] [TD][LEFT]zkteco -- biotime[/LEFT][/TD] [TD][LEFT]ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an attacker to view them through filename enumeration.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30515&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-30515]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30515') [MISC]('https://www.zkteco.me/software-5') [MISC]('https://codingkoala.eu/posts/CVE202230515/')[/TD] [/TR] [TR] [TD][LEFT]zohocorp -- zoho_crm_lead_magnet[/LEFT][/TD] [TD][LEFT]Auth. 
(subscriber+) Arbitrary Options Update vulnerability in Zoho CRM Lead Magnet plugin <= 1.7.5.8 on WordPress.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41978&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-41978]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41978') [CONFIRM]('https://wordpress.org/plugins/zoho-crm-forms/#developers') [CONFIRM]('https://patchstack.com/database/vulnerability/zoho-crm-forms/wordpress-zoho-crm-lead-magnet-plugin-1-7-5-6-auth-arbitrary-options-update-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]zte -- zaip-aie[/LEFT][/TD] [TD][LEFT]There is a SQL injection vulnerability in ZTE ZAIP-AIE. Due to lack of input verification by the server, an attacker could trigger an attack by building malicious requests. Exploitation of this vulnerability could cause the leakage of the current table content.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39069&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39069]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39069') [MISC]('https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1026604')[/TD] [/TR] [/TABLE][/CENTER]

Low Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]f-secure -- safe[/LEFT][/TD] [TD][LEFT]WithSecure through 2022-08-10 allows attackers to cause a denial of service (issue 2 of 5).[/LEFT][/TD] [TD][CENTER]2022-11-07[/CENTER][/TD] [TD][CENTER][3.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38163&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-38163]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38163') [MISC]('https://www.f-secure.com/en/home/support/security-advisories') [MISC]('https://withsecure.com')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In AlwaysOnHotwordDetector of AlwaysOnHotwordDetector.java, there is a possible way to access the microphone from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11; Android ID: A-229793943[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20446&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-20446]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20446') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In factoryReset of WifiServiceImpl, there is a possible way to preserve WiFi settings due to a logic error in the code. This could lead to a local non-security issue across network factory resets with no additional execution privileges needed.
User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L Android-13; Android ID: A-231985227[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20463&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-20463]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20463') [MISC]('https://source.android.com/security/bulletin/2022-11-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Improper authorization vulnerability in CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone uid.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39879&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-39879]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39879') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access Call information.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39884&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39884]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39884') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to SMR Nov-2022 Release 1 allows local attacker to access Device information.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD]
[TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39885&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39885]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39885') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022 Release 1 allows local attacker to access Device information.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39886&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39886]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39886') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39887&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-39887]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39887') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11')[/TD] [/TR] [TR] [TD][LEFT]samsung -- galaxy_buds_pro_manage[/LEFT][/TD] [TD][LEFT]Sensitive information exposure vulnerability in FmmBaseModel in Galaxy Buds Pro Manage prior to version 4.1.22092751 allows local attackers with log access permission to get device identifier data through device log.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39893&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] 
[TD][CVE-2022-39893]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39893') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=11')[/TD] [/TR] [TR] [TD][LEFT]samsung -- galaxywatch4plugin[/LEFT][/TD] [TD][LEFT]Improper access control vulnerability in GalaxyWatch4Plugin prior to versions 2.2.11.22101351 and 2.2.12.22101351 allows attackers to access wearable device information.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39889&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39889]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39889') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=11')[/TD] [/TR] [TR] [TD][LEFT]siemens -- simatic_wincc_runtime[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.19), SIMATIC PC Station (All versions >= V2.1), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-1500 CPU family (incl. 
related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.19), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.19), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-PLCSIM Advanced (All versions), SIMATIC WinCC Runtime Advanced (All versions), SINUMERIK ONE (All versions), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.19), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.19), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.19), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.19). The login endpoint /FormLogin in affected web services does not apply proper origin checking. 
This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.[/LEFT][/TD] [TD][CENTER]2022-11-08[/CENTER][/TD] [TD][CENTER][3.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30694&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-30694]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30694') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-478960.pdf')[/TD] [/TR] [/TABLE][/CENTER]

Severity Not Yet Assigned

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]agentflow -- bpm_enterprise_management_system[/LEFT][/TD] [TD][LEFT]Agentflow BPM enterprise management system has improper authentication. A remote attacker with general user privilege can change the name of the user account to acquire arbitrary account privilege, and access, manipulate system or disrupt service.[/LEFT][/TD] [TD][CENTER]2022-11-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-39038]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39038') [MISC]('https://www.twcert.org.tw/tw/cp-132-6684-53149-1.html') [MISC]('https://www.flowring.com/2022/09/19/%e7%94%a2%e5%93%81%e6%9b%b4%e6%96%b0agentflow-v4-0%e3%80%81v3-7%e5%a4%be%e6%aa%94%e5%8a%9f%e8%83%bd%e8%b3%87%e5%ae%89%e4%bf%ae%e6%ad%a3/')[/TD] [/TR] [TR] [TD][LEFT]amd -- link_android[/LEFT][/TD] [TD][LEFT]Insufficient access controls in the AMD Link Android app may potentially result in information disclosure.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-27673]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-27673') [MISC]('https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1047')[/TD] [/TR] [TR] [TD][LEFT]amd -- multiple_products[/LEFT][/TD] [TD][LEFT]Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2020-12930]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-12930') [MISC]('https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029')[/TD] [/TR] [TR] [TD][LEFT]amd -- multiple_products[/LEFT][/TD] [TD][LEFT]Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to
elevate their privileges potentially leading to loss of integrity.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2020-12931]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-12931') [MISC]('https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029')[/TD] [/TR] [TR] [TD][LEFT]amd -- multiple_products[/LEFT][/TD] [TD][LEFT]An attacker with local access to the system can make unauthorized modifications of the security configuration of the SOC registers. This could allow potential corruption of AMD secure processor’s encrypted memory contents which may lead to arbitrary code execution in ASP.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-26360]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-26360') [MISC]('https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029')[/TD] [/TR] [TR] [TD][LEFT]amd -- multiple_products[/LEFT][/TD] [TD][LEFT]Insufficient verification of multiple header signatures while loading a Trusted Application (TA) may allow an attacker with privileges to gain code execution in that TA or the OS/kernel.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-26391]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-26391') [MISC]('https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029')[/TD] [/TR] [TR] [TD][LEFT]amd -- multiple_products[/LEFT][/TD] [TD][LEFT]Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-26392]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-26392') [MISC]('https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029')[/TD] [/TR] [TR] [TD][LEFT]amd -- 
multiple_products[/LEFT][/TD] [TD][LEFT]Insufficient memory cleanup in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE) may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of confidentiality.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-26393]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-26393') [MISC]('https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029')[/TD] [/TR] [TR] [TD][LEFT]amd -- processors[/LEFT][/TD] [TD][LEFT]IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-23824]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23824') [MISC]('https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1040') [MLIST]('http://www.openwall.com/lists/oss-security/2022/11/10/2')[/TD] [/TR] [TR] [TD][LEFT]amd -- μProf[/LEFT][/TD] [TD][LEFT]Insufficient validation of the IOCTL input buffer in AMD μProf may allow an attacker to send an arbitrary buffer leading to a potential Windows kernel crash resulting in denial of service.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-23831]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23831') [MISC]('https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1046')[/TD] [/TR] [TR] [TD][LEFT]amd -- μProf[/LEFT][/TD] [TD][LEFT]Insufficient validation in the IOCTL input/output buffer in AMD μProf may allow an attacker to bypass bounds checks potentially leading to a Windows kernel crash resulting in denial of service.[/LEFT][/TD] [TD][CENTER]2022-11-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD]
[TD][CVE-2022-27674]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-27674') [MISC]('https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1046')[/TD] [/TR] [TR] [TD][LEFT]arches -- arches[/LEFT][/TD]
[TD][LEFT]Arches is a web platform for creating, managing, & visualizing geospatial data. Versions prior to 6.1.2, 6.2.1, and 7.1.2 are vulnerable to SQL Injection. With a carefully crafted web request, it’s possible to execute certain unwanted SQL statements against the database. This issue is fixed in version 7.12, 6.2.1, and 6.1.2. Users are recommended to upgrade as soon as possible. There are no workarounds.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41892
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]ayacms -- ayacms[/LEFT][/TD]
[TD][LEFT]AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fst_upload.inc.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-43074
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]bmc_remedy -- bmc_remedy[/LEFT][/TD]
[TD][LEFT]An issue was discovered in BMC Remedy before 22.1. Email-based Incident Forwarding allows remote authenticated users to inject HTML (such as an SSRF payload) into the Activity Log by placing it in the To: field. This affects rendering that occurs upon a click in the “number of recipients” field. NOTE: the vendor’s position is that “no real impact is demonstrated.”[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26088
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]btcd -- btcd[/LEFT][/TD]
[TD][LEFT]btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking.[/LEFT][/TD]
[TD][CENTER]2022-11-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44797
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]cbrn-analysis -- cbrn-analysis[/LEFT][/TD]
[TD][LEFT]CBRN-Analysis before 22 has weak file permissions under Public Profile, leading to disclosure of file contents or privilege escalation.[/LEFT][/TD]
[TD][CENTER]2022-11-12[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45193
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]cbrn-analysis -- cbrn-analysis[/LEFT][/TD]
[TD][LEFT]CBRN-Analysis before 22 allows XXE attacks via an mws XML document, leading to NTLMv2-SSP hash disclosure.[/LEFT][/TD]
[TD][CENTER]2022-11-12[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45194
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]contiki-ng -- contiki-ng[/LEFT][/TD]
[TD][LEFT]Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to 4.9 are vulnerable to an Out-of-bounds read. While processing the L2CAP protocol, the Bluetooth Low Energy stack of Contiki-NG needs to map an incoming channel ID to its metadata structure. While looking up the corresponding channel structure in get_channel_for_cid (in os/net/mac/ble/ble-l2cap.c), a bounds check is performed on the incoming channel ID, which is meant to ensure that the channel ID does not exceed the maximum number of supported channels. However, an integer truncation issue leads to only the lowest byte of the channel ID being checked, which results in an incomplete out-of-bounds check. A crafted channel ID leads to out-of-bounds memory being read and written with attacker-controlled data. The vulnerability has been patched in the “develop” branch of Contiki-NG, and will be included in release 4.9. As a workaround, users can apply the patch in Contiki-NG pull request 2081 on GitHub.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41873
CONFIRM
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]deeplearning4j -- deeplearning4j[/LEFT][/TD]
[TD][LEFT]Deeplearning4J is a suite of tools for deploying and training deep learning models using the JVM. Packages org.deeplearning4j:dl4j-examples and org.deeplearning4j:platform-tests through version 1.0.0-M2.1 may use some unclaimed S3 buckets in tests in examples. This is likely to affect people who use some older NLP examples that reference an old S3 bucket. The problem has been patched. Users should upgrade to snapshots as Deeplearning4J plans to publish a release with the fix at a later date. As a workaround, download a word2vec google news vector from a new source using git lfs from here.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-36022
CONFIRM
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]dotcms -- dotcms[/LEFT][/TD]
[TD][LEFT]dotCMS before 22.06 allows remote attackers to bypass intended access control and obtain sensitive information by using a semicolon in a URL to introduce a matrix parameter. (This is also fixed in 5.3.8.12, 21.06.9, and 22.03.2 for LTS users.) Some Java application frameworks, including those used by Spring or Tomcat, allow the use of matrix parameters: these are URI parameters separated by semicolons. Through precise semicolon placement in a URI, it is possible to exploit this feature to avoid dotCMS’s path-based XSS prevention (such as “require login” filters), and consequently access restricted resources. For example, an attacker could place a semicolon immediately before a / character that separates elements of a filesystem path. This could reveal file content that is ordinarily only visible to signed-in users. This issue can be chained with other exploit code to achieve XSS attacks against dotCMS.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-35740
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]drogon -- drogon[/LEFT][/TD]
[TD][LEFT]A vulnerability, which was classified as problematic, has been found in drogon up to 1.8.1. Affected by this issue is some unknown functionality of the component Session Hash Handler. The manipulation leads to small space of random values. The attack may be launched remotely. Upgrading to version 1.8.2 is able to address this issue. The name of the patch is c0d48da99f66aaada17bcd28b07741cac8697647. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-213464.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3959
N/A
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]eclipse -- californium[/LEFT][/TD]
[TD][LEFT]Eclipse Californium is a Java implementation of RFC7252 - Constrained Application Protocol for IoT Cloud services. In versions prior to 3.7.0, and 2.7.4, Californium is vulnerable to a Denial of Service. Failing handshakes don’t clean up counters for throttling, causing the threshold to be reached without being released again. This results in permanently dropping records. The issue was reported for certificate based handshakes, but may also affect PSK based handshakes. It generally affects client and server as well. This issue is patched in version 3.7.0 and 2.7.4. There are no known workarounds. main: commit 726bac57659410da463dcf404b3e79a7312ac0b9 2.7.x: commit 5648a0c27c2c2667c98419254557a14bac2b1f3f[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39368
CONFIRM
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]element_ios – element_ios[/LEFT][/TD]
[TD][LEFT]Element iOS is an iOS Matrix client provided by Element. It is based on MatrixSDK. Prior to version 1.9.7, events encrypted using Megolm for which trust could not be established did not get decorated accordingly (with warning shields). Therefore a malicious homeserver could inject messages into the room without the user being alerted that the messages were not sent by a verified group member, even if the user has previously verified all group members. This issue has been patched in Element iOS 1.9.7. There are currently no known workarounds.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41904
MISC
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]eolinker – goku_lite[/LEFT][/TD]
[TD][LEFT]A vulnerability classified as critical has been found in eolinker goku_lite. This affects an unknown part of the file /balance/service/list. The manipulation of the argument route/keyword leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213453 was assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3947
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]eolinker – goku_lite[/LEFT][/TD]
[TD][LEFT]A vulnerability classified as critical was found in eolinker goku_lite. This vulnerability affects unknown code of the file /plugin/getList. The manipulation of the argument route/keyword leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-213454 is the identifier assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3948
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]espcms – espcms[/LEFT][/TD]
[TD][LEFT]ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component UPFILE_PIC_ZOOM_HIGHT.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44087
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]espcms – espcms[/LEFT][/TD]
[TD][LEFT]ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component INPUT_ISDESCRIPTION.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44088
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]espcms – espcms[/LEFT][/TD]
[TD][LEFT]ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component IS_GETCACHE.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44089
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]etic_telecom – remote_access_server[/LEFT][/TD]
[TD][LEFT]The web portal of ETIC Telecom Remote Access Server (RAS), all versions 4.5.0 and prior, is vulnerable to accepting malicious firmware packages that could provide a backdoor to an attacker and provide privilege escalation to the device.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3703
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]etic_telecom – remote_access_server[/LEFT][/TD]
[TD][LEFT]All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior are vulnerable to malicious file upload. An attacker could take advantage of this to store malicious files on the server, which could override sensitive and useful existing files on the filesystem, fill the hard disk to full capacity, or compromise the affected device or computers with administrator level privileges connected to the affected device.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-40981
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]etic_telecom – remote_access_server[/LEFT][/TD]
[TD][LEFT]The application programmable interface (API) of ETIC Telecom Remote Access Server (RAS), all versions 4.5.0 and prior, is vulnerable to directory traversal through several different methods. This could allow an attacker to read sensitive files from the server, including SSH private keys, passwords, scripts, python objects, database files, and more.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41607
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]exiv2 – exiv2[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in Exiv2. It has been classified as problematic. This affects the function QuickTimeVideo::multipleEntriesDecoder of the file quicktimevideo.cpp of the component QuickTime Video Handler. The manipulation leads to infinite loop. It is possible to initiate the attack remotely. The name of the patch is 771ead87321ae6e39e5c9f6f0855c58cde6648f1. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213459.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3953
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]fortbridge – plesk_obsidian[/LEFT][/TD]
[TD][LEFT]Plesk Obsidian allows a CSRF attack, e.g., via the /api/v2/cli/commands REST API to change an Admin password. NOTE: Obsidian is a specific version of the Plesk product: version numbers were used through version 12, and then the convention was changed so that versions are identified by names (“Obsidian”), not numbers.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45130
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]foru – cms[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in ForU CMS. It has been classified as problematic. Affected is an unknown function of the file cms_chip.php. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-213450 is the identifier assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3943
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]foxit – foxit_reader[/LEFT][/TD]
[TD][LEFT]An Uncontrolled Search Path Element in Foxit Software released Foxit Reader v11.2.118.51569 allows attackers to escalate privileges when searching for DLL libraries without specifying an absolute path.[/LEFT][/TD]
[TD][CENTER]2022-11-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-43310
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]gnuboard5 – gnuboard5[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in gnuboard5. It has been classified as problematic. Affected is an unknown function of the file bbs/faq.php of the component FAQ Key ID Handler. The manipulation of the argument fm_id leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 5.5.8.2.1 is able to address this issue. The name of the patch is ba062ca5b62809106d5a2f7df942ffcb44ecb5a9. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-213540.[/LEFT][/TD]
[TD][CENTER]2022-11-12[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3963
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]go – vela[/LEFT][/TD]
[TD][LEFT]Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. In Vela Server and Vela Worker prior to version 0.16.0 and Vela UI prior to version 0.17.0, some default configurations for Vela allow exploitation and container breakouts. Users should upgrade to Server 0.16.0, Worker 0.16.0, and UI 0.17.0 to fix the issue. After upgrading, Vela administrators will need to explicitly change the default settings to configure Vela as desired. Some of the fixes will interrupt existing workflows and will require Vela administrators to modify default settings. However, not applying the patch (or workarounds) will continue existing risk exposure. Some workarounds are available. Vela administrators can adjust the worker’s [ICODE]VELA_RUNTIME_PRIVILEGED_IMAGES[/ICODE] setting to be explicitly empty, leverage the [ICODE]VELA_REPO_ALLOWLIST[/ICODE] setting on the server component to restrict access to a list of repositories that are allowed to be enabled, and/or audit enabled repositories and disable pull_requests if they are not needed.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39395
MISC
MISC
MISC
MISC
MISC
CONFIRM
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]gpac – gpac[/LEFT][/TD]
[TD][LEFT]A vulnerability classified as problematic was found in GPAC. Affected by this vulnerability is the function svg_parse_preserveaspectratio of the file scenegraph/svg_attributes.c of the component SVG Parser. The manipulation leads to memory leak. The attack can be launched remotely. The name of the patch is 2191e66aa7df750e8ef01781b1930bea87b713bb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213463.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3957
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]grafana – grafana[/LEFT][/TD]
[TD][LEFT]Grafana is an open-source platform for monitoring and observability. Versions prior to 9.2.4, or 8.5.15 on the 8.X branch, are subject to Improper Input Validation. Grafana admins can invite other members to the organization they are an admin for. When admins add members to the organization, non existing users get an email invite, existing members are added directly to the organization. When an invite link is sent, it allows users to sign up with whatever username/email address the user chooses and become a member of the organization. This introduces a vulnerability which can be used with malicious intent. This issue is patched in version 9.2.4, and has been backported to 8.5.15. There are no known workarounds.[/LEFT][/TD]
[TD][CENTER]2022-11-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39306
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]graphql – graphql[/LEFT][/TD]
[TD][LEFT]ezplatform-graphql is a GraphQL server implementation for Ibexa DXP and Ibexa Open Source. Versions prior to 2.3.12 and 1.0.13 are subject to Insecure Storage of Sensitive Information. Unauthenticated GraphQL queries for user accounts can expose password hashes of users that have created or modified content, typically administrators and editors. This issue has been patched in versions 2.3.12, and 1.0.13 on the 1.X branch. Users unable to upgrade can remove the “passwordHash” entry from “src/bundle/Resources/config/graphql/User.types.yaml” in the GraphQL package, and other properties like hash type, email, login if you prefer.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41876
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]hashicorp – nomad_enterprise[/LEFT][/TD]
[TD][LEFT]HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace. Fixed in 1.4.2.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3866
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]hashicorp – nomad_enterprise[/LEFT][/TD]
[TD][LEFT]HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 event stream subscribers using a token with TTL receive updates until token garbage is collected. Fixed in 1.4.2.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3867
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]huawei – harmonyos[/LEFT][/TD]
[TD][LEFT]The iaware module has a vulnerability in thread security. Successful exploitation of this vulnerability will affect confidentiality, integrity, and availability.[/LEFT][/TD]
[TD][CENTER]2022-11-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44551
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]huawei – harmonyos[/LEFT][/TD]
[TD][LEFT]The lock screen module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.[/LEFT][/TD]
[TD][CENTER]2022-11-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44552
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]huawei – harmonyos[/LEFT][/TD]
[TD][LEFT]The HiView module has a vulnerability of not filtering third-party apps out when the HiView module traverses to invoke the system provider. Successful exploitation of this vulnerability may cause third-party apps to start periodically.[/LEFT][/TD]
[TD][CENTER]2022-11-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44553
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]huawei – harmonyos[/LEFT][/TD]
[TD][LEFT]The power module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause abnormal status of a module on the device.[/LEFT][/TD]
[TD][CENTER]2022-11-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44554
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]huawei – harmonyos[/LEFT][/TD]
[TD][LEFT]The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable.[/LEFT][/TD]
[TD][CENTER]2022-11-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44555
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]huawei – harmonyos[/LEFT][/TD]
[TD][LEFT]The SmartTrimProcessEvent module has a vulnerability of obtaining the read and write permissions on arbitrary system files. Successful exploitation of this vulnerability may affect data confidentiality.[/LEFT][/TD]
[TD][CENTER]2022-11-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44557
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]huawei – harmonyos[/LEFT][/TD]
[TD][LEFT]The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.[/LEFT][/TD]
[TD][CENTER]2022-11-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44558
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]huawei – harmonyos[/LEFT][/TD]
[TD][LEFT]The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.[/LEFT][/TD]
[TD][CENTER]2022-11-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44559
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]huawei – harmonyos[/LEFT][/TD]
[TD][LEFT]The launcher module has an Intent redirection vulnerability. Successful exploitation of this vulnerability may cause launcher module data to be modified.[/LEFT][/TD]
[TD][CENTER]2022-11-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44560
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]huawei – harmonyos[/LEFT][/TD]
[TD][LEFT]The preset launcher module has a permission verification vulnerability. Successful exploitation of this vulnerability makes unauthorized apps add arbitrary widgets and shortcuts without interaction.[/LEFT][/TD]
[TD][CENTER]2022-11-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44561
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]hyperledger – hyperledger_fabric[/LEFT][/TD]
[TD][LEFT]Hyperledger Fabric 2.3 allows attackers to cause a denial of service (orderer crash) by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist.[/LEFT][/TD]
[TD][CENTER]2022-11-12[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45196
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]ibm – cloud_pak_for_security[/LEFT][/TD]
[TD][LEFT]IBM Cloud Pak for Security (CP4S) 1.10.0.0 and 1.10.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 233663.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-36776
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]ibm – cloud_pak_for_security[/LEFT][/TD]
[TD][LEFT]IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.2.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 233786.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-38387
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]ibm – multiple_products[/LEFT][/TD]
[TD][LEFT]IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD, and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service to the MQTT channels. IBM X-Force ID: 228335.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-31772
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]ibm – powervm_hypervisor[/LEFT][/TD]
[TD][LEFT]After performing a sequence of Power FW950, FW1010 maintenance operations a SRIOV network adapter can be improperly configured leading to desired VEPA configuration being disabled. IBM X-Force ID: 229695.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-34331
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]ibm – websphere_application_server[/LEFT][/TD]
[TD][LEFT]IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 236588.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-40750
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]inhand_networks – inrouter302[/LEFT][/TD]
[TD][LEFT]The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for TALOS-2022-1472 and TALOS-2022-1474. The fixes are incomplete. An attacker can still perform, respectively, a privilege escalation and an information disclosure vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-11-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-25932
MISC
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]intel – advanced_link_analyzer_pro[/LEFT][/TD]
[TD][LEFT]Uncontrolled search path element in the Intel(R) Advanced Link Analyzer Pro before version 22.2 and Standard edition software before version 22.1.1 STD may allow an authenticated user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-27638
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – amt[/LEFT][/TD]
[TD][LEFT]Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow a privileged user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2021-33159
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – amt[/LEFT][/TD]
[TD][LEFT]Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable escalation of privilege via network access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26845
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – amt[/LEFT][/TD]
[TD][LEFT]Null pointer dereference in firmware for Intel(R) AMT before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable denial of service via network access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-27497
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – amt[/LEFT][/TD]
[TD][LEFT]Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an authenticated user to potentially enable escalation of privilege via network access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-29893
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – dcm[/LEFT][/TD]
[TD][LEFT]Protection mechanism failure in the Intel(R) DCM software before version 5.0 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-33942
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – distribution_of_openvino_toolkit[/LEFT][/TD]
[TD][LEFT]Improper input validation in the Intel(R) Distribution of OpenVINO™ Toolkit may allow an authenticated user to potentially enable denial of service via network access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2021-26251
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – ema[/LEFT][/TD]
[TD][LEFT]Cross-site scripting in the Intel(R) EMA software before version 1.8.0 may allow a privileged user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-30297
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – glorp[/LEFT][/TD]
[TD][LEFT]Uncontrolled search path element in the Intel(R) Glorp software may allow an authenticated user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-30548
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – hyperscan_library[/LEFT][/TD]
[TD][LEFT]Improper buffer restrictions in the Hyperscan library maintained by Intel(R) all versions downloaded before 04/29/2022 may allow an unauthenticated user to potentially enable escalation of privilege via network access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-29486
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – multiple_products[/LEFT][/TD]
[TD][LEFT]Improper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits before version HN0067 may allow a privileged user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-21794
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – multiple_products[/LEFT][/TD]
[TD][LEFT]Improper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 1.78.2.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26024
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – multiple_products[/LEFT][/TD]
[TD][LEFT]Improper buffer restrictions in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC 8 Boards, Intel(R) NUC 8 Rugged Boards and Intel(R) NUC 8 Rugged Kits before version CHAPLCEL.0059 may allow a privileged user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26124
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – multiple_products[/LEFT][/TD]
[TD][LEFT]Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R) MC before version 2.3.2 may allow an authenticated user to potentially enable escalation of privilege via network access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26341
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – multiple_products[/LEFT][/TD]
[TD][LEFT]Improper input validation in BIOS firmware for some Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-33176
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – multiple_products[/LEFT][/TD]
[TD][LEFT]Improper input validation in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Kits before version TY0070 may allow a privileged user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-34152
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – multiple_products[/LEFT][/TD]
[TD][LEFT]Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel(R) NUC Kits before version MYi30060 may allow an authenticated user to potentially enable denial of service via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-36349
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – multiple_products[/LEFT][/TD]
[TD][LEFT]Improper authentication in BIOS firmware for some Intel(R) NUC Boards and Intel(R) NUC Kits before version MYi30060 may allow a privileged user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-36370
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – multiple_products[/LEFT][/TD]
[TD][LEFT]Improper access control in BIOS firmware for some Intel(R) NUC 10 Performance Kits and Intel(R) NUC 10 Performance Mini PCs before version FNCML357.0053 may allow a privileged user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-36789
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – multiple_products[/LEFT][/TD]
[TD][LEFT]Improper initialization in BIOS firmware for some Intel(R) NUC 11 Pro Kits and Intel(R) NUC 11 Pro Boards before version TNTGL357.0064 may allow an authenticated user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-37334
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – nuc[/LEFT][/TD]
[TD][LEFT]Improper access control in BIOS firmware for some Intel(R) NUC 8 Compute Elements before version CBWHL357.0096 may allow a privileged user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-35276
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – nuc_11_compute_elements[/LEFT][/TD]
[TD][LEFT]Improper input validation in BIOS firmware for some Intel(R) NUC 11 Compute Elements before version EBTGL357.0065 may allow a privileged user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-38099
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – nuc_kit_wireless_adapter[/LEFT][/TD]
[TD][LEFT]Incorrect default permissions in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-36377
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – nuc_kit_wireless_adapter[/LEFT][/TD]
[TD][LEFT]Uncontrolled search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-36380
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – nuc_kit_wireless_adapter[/LEFT][/TD]
[TD][LEFT]Unquoted search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-36384
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – nuc_kit_wireless_adapter[/LEFT][/TD]
[TD][LEFT]Path traversal in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-36400
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – nuc_kits[/LEFT][/TD]
[TD][LEFT]Improper authentication in BIOS firmware for some Intel(R) NUC Kits before version RY0386 may allow an authenticated user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-37345
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – nuc_m15_laptop_kits[/LEFT][/TD]
[TD][LEFT]Improper buffer restrictions in BIOS firmware for some Intel(R) NUC M15 Laptop Kits before version BCTGL357.0074 may allow a privileged user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-32569
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – nucs[/LEFT][/TD]
[TD][LEFT]Improper access control in BIOS firmware for some Intel(R) NUCs before version INWHL357.0046 may allow a privileged user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2021-33164
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – presentmon[/LEFT][/TD]
[TD][LEFT]Uncontrolled search path element in the PresentMon software maintained by Intel(R) before version 1.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26086
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – processors[/LEFT][/TD]
[TD][LEFT]Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-21198
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – processors[/LEFT][/TD]
[TD][LEFT]Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26006
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – proset/wireless_wifi[/LEFT][/TD]
[TD][LEFT]Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi software before version 22.140 may allow an unauthenticated user to potentially enable denial of service via adjacent access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-28667
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – quartus_prime_pro[/LEFT][/TD]
[TD][LEFT]XML injection in the Intel(R) Quartus Prime Pro and Standard edition software may allow an unauthenticated user to potentially enable information disclosure via network access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-27233
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – quartus_prime_standard[/LEFT][/TD]
[TD][LEFT]Uncontrolled search path element in the Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std may allow an authenticated user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-27187
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – sdp_tool[/LEFT][/TD]
[TD][LEFT]Improper authentication in the Intel(R) SDP Tool before version 3.0.0 may allow an unauthenticated user to potentially enable information disclosure via network access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26508
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – server_board_m10jnp_family[/LEFT][/TD]
[TD][LEFT]Improper input validation in the firmware for some Intel(R) Server Board M10JNP Family before version 7.216 may allow a privileged user to potentially enable an escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2021-0185
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – server_board_m50cyp_family[/LEFT][/TD]
[TD][LEFT]Uncaught exception in the firmware for some Intel(R) Server Board M50CYP Family before version R01.01.0005 may allow a privileged user to potentially enable a denial of service via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-25917
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – server_systems[/LEFT][/TD]
[TD][LEFT]Improper input validation in the firmware for some Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families before version R02.01.0014 may allow a privileged user to potentially enable an escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-30542
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – sgx_sdk[/LEFT][/TD]
[TD][LEFT]Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-27499
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – sps[/LEFT][/TD]
[TD][LEFT]Improper input validation in firmware for Intel(R) SPS before version SPS_E3_04.01.04.700.0 may allow an authenticated user to potentially enable denial of service via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-29466
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – sps_chipsets[/LEFT][/TD]
[TD][LEFT]Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may allow a privileged user to potentially enable denial of service via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-29515
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – support_android_application[/LEFT][/TD]
[TD][LEFT]Uncontrolled resource consumption in the Intel(R) Support Android application before version 22.02.28 may allow an authenticated user to potentially enable denial of service via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-30691
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – support_android_application[/LEFT][/TD]
[TD][LEFT]Incorrect default permissions in the Intel(R) Support Android application before version v22.02.28 may allow a privileged user to potentially enable information disclosure via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-36367
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – system_studio[/LEFT][/TD]
[TD][LEFT]Uncontrolled search path in the software installer for Intel(R) System Studio for all versions may allow an authenticated user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2021-33064
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – vtune_profiler[/LEFT][/TD]
[TD][LEFT]Uncontrolled search path in the Intel(R) VTune™ Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26028
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – wapi[/LEFT][/TD]
[TD][LEFT]Improper access control in the Intel(R) WAPI Security software for Windows 10/11 before version 22.2150.0.1 may allow an authenticated user to potentially enable information disclosure via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-33973
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – xmm_7560_modem[/LEFT][/TD]
[TD][LEFT]Improper buffer restrictions in some Intel(R) XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26045
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – xmm_7560_modem[/LEFT][/TD]
[TD][LEFT]Improper conditions check in some Intel(R) XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26079
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – xmm_7560_modem[/LEFT][/TD]
[TD][LEFT]Improper buffer restrictions in some Intel(R) XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26367
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – xmm_7560_modem[/LEFT][/TD]
[TD][LEFT]Out-of-bounds read in some Intel(R) XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via adjacent access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26369
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – xmm_7560_modem[/LEFT][/TD]
[TD][LEFT]Out-of-bounds write in some Intel(R) XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26513
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – xmm_7560_modem[/LEFT][/TD]
[TD][LEFT]Incomplete cleanup in some Intel(R) XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via adjacent access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-27639
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – xmm_7560_modem[/LEFT][/TD]
[TD][LEFT]Improper authentication in some Intel(R) XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-27874
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – xmm_7560_modem[/LEFT][/TD]
[TD][LEFT]Improper input validation in some Intel(R) XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-28126
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – xmm_7560_modem[/LEFT][/TD]
[TD][LEFT]Improper input validation in some Intel(R) XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-28611
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]intel – multiple_products[/LEFT][/TD]
[TD][LEFT]Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer™ WiFi products may allow an unauthenticated user to potentially enable denial of service via local access.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26047
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]istio – istio[/LEFT][/TD]
[TD][LEFT]Istio is an open platform to connect, manage, and secure microservices. In versions on the 1.15.x branch prior to 1.15.3, a user can impersonate any workload identity within the service mesh if they have localhost access to the Istiod control plane. Version 1.15.3 contains a patch for this issue. There are no known workarounds.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39388
CONFIRM
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]jerryhanjj – erp[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in jerryhanjj ERP. It has been declared as critical. Affected by this vulnerability is the function uploadImages of the file application/controllers/basedata/inventory.php of the component Commodity Management. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-213451.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3944
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]kareadita – kavita[/LEFT][/TD]
[TD][LEFT]Improper Restriction of Excessive Authentication Attempts in GitHub repository kareadita/kavita prior to 0.6.0.3.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3945
CONFIRM
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]lanyulei – ferry[/LEFT][/TD]
[TD][LEFT]A vulnerability, which was classified as critical, has been found in lanyulei ferry. Affected by this issue is some unknown functionality of the file apis/public/file.go of the component API. The manipulation of the argument file leads to path traversal. The attack may be launched remotely. VDB-213446 is the identifier assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3939
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]lanyulei – ferry[/LEFT][/TD]
[TD][LEFT]A vulnerability, which was classified as problematic, was found in lanyulei ferry. This affects an unknown part of the file apis/process/task.go. The manipulation of the argument file_name leads to path traversal. The associated identifier of this vulnerability is VDB-213447.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3940
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]lin-cms – lin-cms[/LEFT][/TD]
[TD][LEFT]An authentication bypass in Lin-CMS v0.2.1 allows attackers to escalate privileges to Super Administrator.[/LEFT][/TD]
[TD][CENTER]2022-11-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44244
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]manageengine – mobile_device_manager_plus[/LEFT][/TD]
[TD][LEFT]In Zoho ManageEngine Mobile Device Manager Plus before 10.1.2207.5, the User Administration module allows privilege escalation.[/LEFT][/TD]
[TD][CENTER]2022-11-12[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41339
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]manageengine – multiple_products[/LEFT][/TD]
[TD][LEFT]Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus before 4306 allow SQL Injection.[/LEFT][/TD]
[TD][CENTER]2022-11-12[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-43671
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]manageengine – multiple_products[/LEFT][/TD]
[TD][LEFT]Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus before 4306 allow SQL Injection (in a different software component relative to CVE-2022-43671).[/LEFT][/TD]
[TD][CENTER]2022-11-12[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-43672
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]manageengine – servicedesk_plus_msp[/LEFT][/TD]
[TD][LEFT]Zoho ManageEngine ServiceDesk Plus MSP before 10609 and SupportCenter Plus before 11025 are vulnerable to privilege escalation. This allows users to obtain sensitive data during an exportMickeyList export of requests from the list view.[/LEFT][/TD]
[TD][CENTER]2022-11-12[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-40773
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]mitsubishi_electric – multiple_products[/LEFT][/TD]
[TD][LEFT]Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic Authentication for HTTP connections in Mitsubishi Electric consumer electronics products (PHOTOVOLTAIC COLOR MONITOR ECO-GUIDE, HEMS adapter, Wi-Fi Interface, Air Conditioning, Induction hob, Mitsubishi Electric HEMS Energy Measurement Unit, Refrigerator, Remote control with Wi-Fi Interface, BATHROOM THERMO VENTILATOR, Rice cooker, Mitsubishi Electric HEMS control adapter, Energy Recovery Ventilator, Smart Switch, Ventilating Fan, Range hood fan, Energy Measurement Unit and Air Purifier) allows a remote unauthenticated attacker to disclose information in the products or cause a denial of service (DoS) condition by sniffing credential information (username and password). A wide range of models/versions of Mitsubishi Electric consumer electronics products are affected by this vulnerability. For the affected product models/versions, see Mitsubishi Electric’s advisory listed in the [References] section.[/LEFT][/TD]
[TD][CENTER]2022-11-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-33321
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]mitsubishi_electric – multiple_products[/LEFT][/TD]
[TD][LEFT]Cross-site scripting vulnerability in Mitsubishi Electric consumer electronics products (Air Conditioning, Wi-Fi Interface, Refrigerator, HEMS adapter, Remote control with Wi-Fi Interface, BATHROOM THERMO VENTILATOR, Rice cooker, Mitsubishi Electric HEMS control adapter, Energy Recovery Ventilator, Smart Switch and Air Purifier) allows a remote unauthenticated attacker to execute a malicious script on a user’s browser to disclose information, etc. A wide range of models/versions of Mitsubishi Electric consumer electronics products are affected by this vulnerability. For the affected product models/versions, see Mitsubishi Electric’s advisory listed in the [References] section.[/LEFT][/TD]
[TD][CENTER]2022-11-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-33322
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]mm-wki – mm-wki[/LEFT][/TD]
[TD][LEFT]mm-wki v0.2.1 is vulnerable to Cross Site Scripting (XSS).[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2021-40289
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]netatalk – netatalk[/LEFT][/TD]
[TD][LEFT]Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS).[/LEFT][/TD]
[TD][CENTER]2022-11-12[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45188
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]nextcloud – desktop_client[/LEFT][/TD]
[TD][LEFT]The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. In version 3.6.0, if a user received a malicious file share and has it synced locally or has the virtual filesystem enabled, and clicked a nc://open/ link, it will open the default editor for the file type of the shared file, which on Windows can also sometimes mean that a file, depending on the type (e.g. “vbs”), is executed. It is recommended that the Nextcloud Desktop client is upgraded to version 3.6.1. As a workaround, users can block the Nextcloud Desktop client 3.6.0 by setting the [ICODE]minimum.supported.desktop.version[/ICODE] system config to [ICODE]3.6.1[/ICODE] on the server, so new files designed to use this attack vector are not downloaded anymore. Already existing files can still be used. Another workaround would be to enforce shares to be accepted by setting the [ICODE]sharing.force_share_accept[/ICODE] system config to [ICODE]true[/ICODE] on the server, so new files designed to use this attack vector are not downloaded anymore. Already existing shares can still be abused.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41882
MISC
CONFIRM
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]novell_products – multiple_products[/LEFT][/TD]
[TD][LEFT]An Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows remote attackers to read files available to the user running the process, typically tomcat. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.2 hub-xmlrpc-api-0.7-150300.3.9.2, inter-server-sync-0.2.4-150300.8.25.2, locale-formula-0.3-150300.3.3.2, py27-compat-salt-3000.3-150300.7.7.26.2, python-urlgrabber-3.10.2.1py2_3-150300.3.3.2, spacecmd-4.2.20-150300.4.30.2, spacewalk-backend-4.2.25-150300.4.32.4, spacewalk-client-tools-4.2.21-150300.4.27.3, spacewalk-java-4.2.43-150300.3.48.2, spacewalk-utils-4.2.18-150300.3.21.2, spacewalk-web-4.2.30-150300.3.30.3, susemanager-4.2.38-150300.3.44.3, susemanager-doc-indexes-4.2-150300.12.36.3, susemanager-docs_en-4.2-150300.12.36.2, susemanager-schema-4.2.25-150300.3.30.3, susemanager-sls versions prior to 4.2.28. SUSE Linux Enterprise Module for SUSE Manager Server 4.3 spacewalk-java versions prior to 4.3.39. SUSE Manager Server 4.2 release-notes-susemanager versions prior to 4.2.10.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-43753
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]novell_products – multiple_products[/LEFT][/TD]
[TD][LEFT]An Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows remote attackers to embed JavaScript code via /rhn/audit/scap/Search.do. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.2 hub-xmlrpc-api-0.7-150300.3.9.2, inter-server-sync-0.2.4-150300.8.25.2, locale-formula-0.3-150300.3.3.2, py27-compat-salt-3000.3-150300.7.7.26.2, python-urlgrabber-3.10.2.1py2_3-150300.3.3.2, spacecmd-4.2.20-150300.4.30.2, spacewalk-backend-4.2.25-150300.4.32.4, spacewalk-client-tools-4.2.21-150300.4.27.3, spacewalk-java-4.2.43-150300.3.48.2, spacewalk-utils-4.2.18-150300.3.21.2, spacewalk-web-4.2.30-150300.3.30.3, susemanager-4.2.38-150300.3.44.3, susemanager-doc-indexes-4.2-150300.12.36.3, susemanager-docs_en-4.2-150300.12.36.2, susemanager-schema-4.2.25-150300.3.30.3, susemanager-sls versions prior to 4.2.28. SUSE Linux Enterprise Module for SUSE Manager Server 4.3 spacewalk-java versions prior to 4.3.39. SUSE Manager Server 4.2 release-notes-susemanager versions prior to 4.2.10.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-43754
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]opensearch – opensearch_notifications[/LEFT][/TD]
[TD][LEFT]OpenSearch Notifications is a notifications plugin for OpenSearch that enables other plugins to send notifications via Email, Slack, Amazon Chime, custom webhook, and other channels. A potential SSRF issue in OpenSearch Notifications Plugin 2.2.0 and below could allow an existing privileged user to enumerate listening services or interact with configured resources via HTTP requests exceeding the Notification plugin’s intended scope. OpenSearch 2.2.1+ contains the fix for this issue. There are currently no recommended workarounds.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41906
MISC
CONFIRM
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]owncloud – server[/LEFT][/TD]
[TD][LEFT]The Docker image of ownCloud Server through 10.11 contains a misconfiguration that renders the trusted_domains config useless. This could be abused to spoof the URL in password-reset e-mail messages.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-43679
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]parse_server – parse_server[/LEFT][/TD]
[TD][LEFT]Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 5.3.2 or 4.10.19, keywords that are specified in the Parse Server option [ICODE]requestKeywordDenylist[/ICODE] can be injected via Cloud Code Webhooks or Triggers. This will result in the keyword being saved to the database, bypassing the [ICODE]requestKeywordDenylist[/ICODE] option. This issue is fixed in versions 4.10.19 and 5.3.2. If upgrade is not possible, the following workarounds may be applied: configure your firewall to only allow trusted servers to make requests to the Parse Server Cloud Code Webhooks API, or block the API completely if you are not using the feature.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41878
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]parse_server – parse_server[/LEFT][/TD]
[TD][LEFT]Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 5.3.3 or 4.10.20, a compromised Parse Server Cloud Code Webhook target endpoint allows an attacker to use prototype pollution to bypass the Parse Server [ICODE]requestKeywordDenylist[/ICODE] option. This issue has been patched in versions 5.3.3 and 4.10.20. There are no known workarounds.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41879
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]payara – payara[/LEFT][/TD]
[TD][LEFT]Payara before 2022-11-04, when deployed to the root context, allows attackers to visit META-INF and WEB-INF, a different vulnerability than CVE-2022-37422. This affects Payara Platform Community before 4.1.2.191.38, 5.x before 5.2022.4, and 6.x before 6.2022.1, and Payara Platform Enterprise before 5.45.0.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45129
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]pi-star – pi-star_dv_dash[/LEFT][/TD]
[TD][LEFT]Pi-Star_DV_Dash (for Pi-Star DV) before 5aa194d mishandles the module parameter.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45182
MISC
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]portofino – manydesigns[/LEFT][/TD]
[TD][LEFT]A vulnerability has been found in ManyDesigns Portofino 5.3.2 and classified as problematic. Affected by this vulnerability is the function createTempDir of the file WarFileLauncher.java. The manipulation leads to creation of temporary file in directory with insecure permissions. Upgrading to version 5.3.3 is able to address this issue. The name of the patch is 94653cb357806c9cf24d8d294e6afea33f8f0775. It is recommended to upgrade the affected component. The identifier VDB-213457 was assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3952
N/A
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]prestashop – eu_cookie_law_gdpr_module[/LEFT][/TD]
[TD][LEFT]The EU Cookie Law GDPR (Banner + Blocker) module before 2.1.3 for PrestaShop allows SQL Injection via a cookie (lgcookieslaw or __lglaw).[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-44727
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]redex – redex[/LEFT][/TD]
[TD][LEFT]DexLoader function get_stringidx_fromdex() in Redex prior to commit 3b44c64 can load an out of bound address when loading the string index table, potentially allowing remote code execution during processing of a 3rd party Android APK file.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-36938
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]sandisk – multiple_products[/LEFT][/TD]
[TD][LEFT]Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability was discovered via an HTTP API on Western Digital My Cloud Home; My Cloud Home Duo; and SanDisk ibi devices that could allow an attacker to abuse certain parameters to point to random locations on the file system. This could also allow the attacker to initiate the installation of custom packages at these locations. This can only be exploited once the attacker has been authenticated to the device. This issue affects: Western Digital My Cloud Home and My Cloud Home Duo versions prior to 8.11.0-113 on Linux; SanDisk ibi versions prior to 8.11.0-113 on Linux.[/LEFT][/TD]
[TD][CENTER]2022-11-09[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-29836
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]sanluan – publiccms[/LEFT][/TD]
[TD][LEFT]A vulnerability, which was classified as problematic, was found in sanluan PublicCMS. Affected is the function initLink of the file dwz.min.js of the component Tab Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is a972dc9b1c94aea2d84478bf26283904c21e4ca2. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213456.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3950
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]simplex – simplexmq[/LEFT][/TD]
[TD][LEFT]SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation function to intended data, which can interfere with forward secrecy and can have other impacts if there is a compromise of a single private key. This occurs in the X3DH key exchange for the double ratchet protocol.[/LEFT][/TD]
[TD][CENTER]2022-11-12[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45195
MISC
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]snakeyaml – snakeyaml[/LEFT][/TD]
[TD][LEFT]Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41854
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]sourcecodester – sanitization_management_system[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in SourceCodester Sanitization Management System and classified as problematic. This issue affects some unknown processing of the file php-sms/?p=request_quote. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-213449 was assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3942
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]sourcecodester – simple_cashiering_system[/LEFT][/TD]
[TD][LEFT]A vulnerability, which was classified as problematic, has been found in Sourcecodester Simple Cashiering System. This issue affects some unknown processing of the component User Account Handler. The manipulation of the argument fullname leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-213455.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3949
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]suse – multiple_products[/LEFT][/TD]
[TD][LEFT]An Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows remote attackers to read files available to the user running the process, typically tomcat. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.2 hub-xmlrpc-api-0.7-150300.3.9.2, inter-server-sync-0.2.4-150300.8.25.2, locale-formula-0.3-150300.3.3.2, py27-compat-salt-3000.3-150300.7.7.26.2, python-urlgrabber-3.10.2.1py2_3-150300.3.3.2, spacecmd-4.2.20-150300.4.30.2, spacewalk-backend-4.2.25-150300.4.32.4, spacewalk-client-tools-4.2.21-150300.4.27.3, spacewalk-java-4.2.43-150300.3.48.2, spacewalk-utils-4.2.18-150300.3.21.2, spacewalk-web-4.2.30-150300.3.30.3, susemanager-4.2.38-150300.3.44.3, susemanager-doc-indexes-4.2-150300.12.36.3, susemanager-docs_en-4.2-150300.12.36.2, susemanager-schema-4.2.25-150300.3.30.3, susemanager-sls versions prior to 4.2.28. SUSE Linux Enterprise Module for SUSE Manager Server 4.3 spacewalk-java versions prior to 4.3.39. SUSE Manager Server 4.2 release-notes-susemanager versions prior to 4.2.10.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-31255
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]sysstat – sa_common.c[/LEFT][/TD]
[TD][LEFT]sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representing system activities. This issue may lead to Remote Code Execution (RCE). This issue has been patched in version 12.7.1.[/LEFT][/TD]
[TD][CENTER]2022-11-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39377
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]tauri – tauri[/LEFT][/TD]
[TD][LEFT]Tauri is a framework for building binaries for all major desktop platforms. In versions prior to 1.0.7 and 1.1.2, Tauri is vulnerable to an Incorrectly-Resolved Name. Due to incorrect escaping of special characters in paths selected via the file dialog and drag and drop functionality, it is possible to partially bypass the [ICODE]fs[/ICODE] scope definition. It is not possible to traverse into arbitrary paths, as the issue is limited to neighboring files and sub folders of already allowed paths. The impact differs on Windows, macOS and Linux due to different specifications of valid path characters. This bypass depends on the file picker dialog or dragged files, as user selected paths are automatically added to the allow list at runtime. A successful bypass requires the user to select a pre-existing malicious file or directory during the file picker dialog and an adversary controlled logic to access these files. The issue has been patched in versions 1.0.7, 1.1.2 and 1.2.0. As a workaround, disable the dialog and fileDropEnabled component inside the tauri.conf.json.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41874
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]tholum – crm42[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in tholum crm42. It has been rated as critical. This issue affects some unknown processing of the file crm42\class\class.user.php of the component Login. The manipulation of the argument user_name leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213461 was assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3955
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]tsruban – hhims[/LEFT][/TD]
[TD][LEFT]A vulnerability classified as critical has been found in tsruban HHIMS 2.1. Affected is an unknown function of the component Patient Portrait Handler. The manipulation of the argument PID leads to SQL injection. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. VDB-213462 is the identifier assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3956
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]unmarshal – unmarshal[/LEFT][/TD]
[TD][LEFT]Unmarshal can panic on some inputs, possibly allowing for denial of service attacks.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41719
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]wasmtime – webassembly[/LEFT][/TD]
[TD][LEFT]Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime’s implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mapping for WebAssembly memories did not meet the compiler-required configuration requirements for safely executing WebAssembly modules. Wasmtime’s default settings require virtual memory page faults to indicate that wasm reads/writes are out-of-bounds, but the pooling allocator’s configuration would not create an appropriate virtual memory mapping for this, meaning out-of-bounds reads/writes can successfully read/write memory unrelated to the wasm sandbox within range of the base address of the memory mapping created by the pooling allocator. This bug is not applicable with the default settings of the [ICODE]wasmtime[/ICODE] crate. This bug can only be triggered by setting [ICODE]InstanceLimits::memory_pages[/ICODE] to zero. This is expected to be a very rare configuration since this means that wasm modules cannot allocate any pages of linear memory. All wasm modules produced by all current toolchains are highly likely to use linear memory, so it’s expected to be unlikely that this configuration is set to zero by any production embedding of Wasmtime. This bug has been patched and users should upgrade to Wasmtime 2.0.2. This bug can be worked around by increasing the [ICODE]memory_pages[/ICODE] allotment when configuring the pooling allocator to a value greater than zero. If an embedding wishes to still prevent memory from actually being used then the [ICODE]Store::limiter[/ICODE] method can be used to dynamically disallow growth of memory beyond 0 bytes large. Note that the default [ICODE]memory_pages[/ICODE] value is greater than zero.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39392
CONFIRM
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]wasmtime – webassembly[/LEFT][/TD]
[TD][LEFT]Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime’s implementation of its pooling instance allocator where, when a linear memory is reused for another instance, the initial heap snapshot of the prior instance can erroneously be visible to the next instance. This bug has been patched and users should upgrade to Wasmtime 2.0.2. Other mitigations include disabling the pooling allocator and disabling the [ICODE]memory-init-cow[/ICODE].[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39393
MISC
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]wasmtime – webassembly[/LEFT][/TD]
[TD][LEFT]Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime’s C API implementation where the definition of the [ICODE]wasmtime_trap_code[/ICODE] does not match its declared signature in the [ICODE]wasmtime/trap.h[/ICODE] header file. This discrepancy causes the function implementation to perform a 4-byte write into a 1-byte buffer provided by the caller. This can lead to three zero bytes being written beyond the 1-byte location provided by the caller. This bug has been patched and users should upgrade to Wasmtime 2.0.2. This bug can be worked around by providing a 4-byte buffer cast to a 1-byte buffer when calling [ICODE]wasmtime_trap_code[/ICODE]. Users of the [ICODE]wasmtime[/ICODE] crate are not affected by this issue; only users of the C API function [ICODE]wasmtime_trap_code[/ICODE] are affected.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39394
CONFIRM
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]wiesemann_&_theis – comserver[/LEFT][/TD]
[TD][LEFT]Multiple W&T products of the Comserver Series use a small number space for allocating session IDs. An unauthenticated remote attacker can brute-force the session ID and gain access to an account on the device.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42787
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]wordpress – wordpress[/LEFT][/TD]
[TD][LEFT]A vulnerability has been found in Activity Log Plugin and classified as critical. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-213448.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3941
N/A
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]wordpress – wordpress[/LEFT][/TD]
[TD][LEFT]Broken Access Control vulnerability leading to Stored Cross-Site Scripting (XSS) in Traffic Manager plugin <= 1.4.5 on WordPress.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42460
CONFIRM
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]wsgidav – wsgidav[/LEFT][/TD]
[TD][LEFT]WsgiDAV is a generic and extendable WebDAV server based on WSGI. Implementations using this library with directory browsing enabled may be susceptible to Cross Site Scripting (XSS) attacks. This issue has been patched; users can upgrade to version 4.1.0. As a workaround, set [ICODE]dir_browser.enable = False[/ICODE] in the configuration.[/LEFT][/TD]
[TD][CENTER]2022-11-11[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41905
MISC
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]xpdfreader – xpdfreader[/LEFT][/TD]
[TD][LEFT]xpdfreader 4.03 is vulnerable to Buffer Overflow.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2021-40226
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]xterm – xterm[/LEFT][/TD]
[TD][LEFT]xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions.[/LEFT][/TD]
[TD][CENTER]2022-11-10[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-45063
MISC
MISC
MISC
MLIST
MLIST[/TD]
[/TR]
[/TABLE][/CENTER]

This product is provided subject to this Notification and this Privacy & Use policy.