Original release date: October 11, 2022
High Vulnerabilities
[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]actian -- psql[/LEFT][/TD] [TD][LEFT]If folder security is misconfigured for Actian Zen PSQL BEFORE Patch Update 1 for Zen 15 SP1 (v15.11.005), Patch Update 4 for Zen 15 (v15.01.017), or Patch Update 5 for Zen 14 SP2 (v14.21.022), it can allow an attacker (with file read/write access) to remove specific security files in order to reset the master password and gain access to the database.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40756&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40756]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40756') [MISC]('https://www.actian.com/support-services/') [MISC]('https://actian.my.salesforce.com/sfc/p/#300000001XnW/a/4y000000LhjZ/s7Hk0dFM1Z9nLuAPa50rMaZie7mqCR5u33NZFbdKT7Q')[/TD] [/TR] [TR] [TD][LEFT]apache -- airflow[/LEFT][/TD] [TD][LEFT]In Apache Airflow, prior to version 2.4.1, deactivating a user wouldn't prevent an already authenticated user from being able to continue using the UI or API.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41672&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-41672]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41672') [CONFIRM]('https://github.com/apache/airflow/pull/26635') [CONFIRM]('https://lists.apache.org/thread/ohf3pvd3dftb8zb01yngbn1jtkq5m08y')[/TD] [/TR] [TR] [TD][LEFT]apache -- commons_jxpath[/LEFT][/TD] [TD][LEFT]Those using JXPath to interpret untrusted XPath expressions may be vulnerable to a remote code execution attack. All JXPathContext class functions processing a XPath string are vulnerable except compile() and compilePath() function. 
The XPath expression can be used by an attacker to load any Java class from the classpath resulting in code execution.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41852&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41852]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41852') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47133')[/TD] [/TR] [TR] [TD][LEFT]arubanetworks -- instant[/LEFT][/TD] [TD][LEFT]There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InstantOS that address these security vulnerabilities.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37888&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-37888]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37888') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt')[/TD] [/TR] [TR] [TD][LEFT]asus -- rt-ax56u_firmware[/LEFT][/TD] [TD][LEFT]A stack overflow vulnerability exists in the httpd service in ASUS RT-AX56U Router Version 3.0.0.4.386.44266. This vulnerability is caused by the strcat function called by "caupload" input handle function allowing the user to enter 0xFFFF bytes into the stack. 
This vulnerability allows an attacker to execute commands remotely. The vulnerability requires authentication.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-40556&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-40556]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40556') [CONFIRM]('https://www.asus.com/tw/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/') [MISC]('https://x1ng.top/2021/10/14/ASUS%E6%A0%88%E6%BA%A2%E5%87%BA%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/')[/TD] [/TR] [TR] [TD][LEFT]autodesk -- autocad[/LEFT][/TD] [TD][LEFT]A maliciously crafted X_B, CATIA, and PDF file when parsed through Autodesk AutoCAD 2023 and 2022 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33885&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-33885]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33885') [MISC]('https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020')[/TD] [/TR] [TR] [TD][LEFT]autodesk -- autocad[/LEFT][/TD] [TD][LEFT]A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer while parsing through Autodesk AutoCAD 2023 and 2022. The vulnerability exists because the application fails to handle crafted MODEL and SLDPRT files, which causes an unhandled exception. 
An attacker can leverage this vulnerability to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33886&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-33886]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33886') [MISC]('https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020')[/TD] [/TR] [TR] [TD][LEFT]autodesk -- autocad[/LEFT][/TD] [TD][LEFT]A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled exception. An attacker can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33887&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-33887]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33887') [MISC]('https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020')[/TD] [/TR] [TR] [TD][LEFT]autodesk -- autocad[/LEFT][/TD] [TD][LEFT]A malicious crafted Dwg2Spd file when processed through Autodesk DWG application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33888&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-33888]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33888') [MISC]('https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020')[/TD] [/TR] [TR] [TD][LEFT]autodesk -- autocad[/LEFT][/TD] [TD][LEFT]Parsing a maliciously crafted X_B file can force Autodesk AutoCAD 2023 and 2022 to read beyond allocated boundaries. 
This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33884&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-33884]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33884') [MISC]('https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020')[/TD] [/TR] [TR] [TD][LEFT]autodesk -- autodesk_desktop[/LEFT][/TD] [TD][LEFT]Under certain conditions, an attacker could create an unintended sphere of control through a vulnerability present in file delete operation in Autodesk desktop app (ADA). An attacker could leverage this vulnerability to escalate privileges and execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33882&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-33882]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33882') [MISC]('https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0015')[/TD] [/TR] [TR] [TD][LEFT]autodesk -- design_review[/LEFT][/TD] [TD][LEFT]A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be used to write beyond the allocated heap buffer. 
This vulnerability could lead to arbitrary code execution.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33889&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-33889]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33889') [MISC]('https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0021')[/TD] [/TR] [TR] [TD][LEFT]autodesk -- design_review[/LEFT][/TD] [TD][LEFT]A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33890&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-33890]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33890') [MISC]('https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0021')[/TD] [/TR] [TR] [TD][LEFT]autodesk -- moldflow_synergy[/LEFT][/TD] [TD][LEFT]A malicious crafted file consumed through Moldflow Synergy, Moldflow Adviser, Moldflow Communicator, and Advanced Material Exchange applications could lead to memory corruption vulnerability. 
This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33883&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-33883]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33883') [MISC]('https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0019')[/TD] [/TR] [TR] [TD][LEFT]autodesk -- subassembly_composer[/LEFT][/TD] [TD][LEFT]A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41301&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41301]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41301') [MISC]('https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0018')[/TD] [/TR] [TR] [TD][LEFT]axiosys -- bento4[/LEFT][/TD] [TD][LEFT]Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBits function in mp4mux.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41428&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41428]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41428') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/773')[/TD] [/TR] [TR] [TD][LEFT]axiosys -- bento4[/LEFT][/TD] [TD][LEFT]Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_Atom::TypeFromString function in mp4tag.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] 
[TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41429&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41429]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41429') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/773')[/TD] [/TR] [TR] [TD][LEFT]axiosys -- bento4[/LEFT][/TD] [TD][LEFT]Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBit function in mp4mux.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41430&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41430]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41430') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/773')[/TD] [/TR] [TR] [TD][LEFT]backdropcms -- backdrop_cms[/LEFT][/TD] [TD][LEFT]Backdrop CMS 1.22.0 has an Unrestricted File Upload vulnerability via 'themes' that allows attackers to achieve Remote Code Execution.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42092&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42092]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42092') [MISC]('https://grimthereaperteam.medium.com/backdrop-cms-1-22-0-unrestricted-file-upload-themes-ad42a599561c')[/TD] [/TR] [TR] [TD][LEFT]billing_system_project_project -- billing_system_project[/LEFT][/TD] [TD][LEFT]Billing System Project v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/createProduct.php.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41437&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41437]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41437') 
[MISC]('https://github.com/chi645190147/bug_report/blob/main/vendors/mayuri_k/billing-system-project/RCE-1.md')[/TD] [/TR] [TR] [TD][LEFT]billing_system_project_project -- billing_system_project[/LEFT][/TD] [TD][LEFT]Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/edituser.php.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41439&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41439]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41439') [MISC]('https://github.com/chi645190147/bug_report/blob/main/vendors/mayuri_k/billing-system-project/SQLi-2.md')[/TD] [/TR] [TR] [TD][LEFT]billing_system_project_project -- billing_system_project[/LEFT][/TD] [TD][LEFT]Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/editcategory.php.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41440&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41440]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41440') [MISC]('https://github.com/chi645190147/bug_report/blob/main/vendors/mayuri_k/billing-system-project/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]bookingultrapro -- booking_ultra_pro_appointments_booking_calendar[/LEFT][/TD] [TD][LEFT]Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Booking Ultra Pro plugin <= 1.1.4 at WordPress.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-36854&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-36854]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-36854') 
[CONFIRM]('https://patchstack.com/database/vulnerability/booking-ultra-pro/wordpress-booking-ultra-pro-plugin-1-1-4-multiple-cross-site-request-forgery-csrf-vulnerabilities?_s_id=cve') [CONFIRM]('https://wordpress.org/plugins/booking-ultra-pro/')[/TD] [/TR] [TR] [TD][LEFT]bus_pass_management_system_project -- bus_pass_management_system[/LEFT][/TD] [TD][LEFT]Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at /buspassms/download-pass.php.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-35156&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-35156]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35156') [MISC]('http://bus.com') [MISC]('https://packetstormsecurity.com/files/168555/Bus-Pass-Management-System-1.0-Cross-Site-Scripting.html') [MISC]('http://phpgurukul.com')[/TD] [/TR] [TR] [TD][LEFT]cisco -- ios_xe[/LEFT][/TD] [TD][LEFT]A vulnerability in the DHCP processing functionality of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of DHCP messages. An attacker could exploit this vulnerability by sending malicious DHCP messages to an affected device. 
A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20847&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-20847]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20847') [CISCO]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dhcp-dos-76pCjPxK')[/TD] [/TR] [TR] [TD][LEFT]cisco -- ios_xe[/LEFT][/TD] [TD][LEFT]A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20848&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-20848]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20848') [CISCO]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-udp-dos-XDyEwhNz')[/TD] [/TR] [TR] [TD][LEFT]cisco -- ios_xe[/LEFT][/TD] [TD][LEFT]A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) Mobility messages in Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error and improper management of resources related to the handling of CAPWAP Mobility messages. 
An attacker could exploit this vulnerability by sending crafted CAPWAP Mobility packets to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device. This would cause the device to reload, resulting in a DoS condition.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20856&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-20856]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20856') [CISCO]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-mob-dos-342YAc6J')[/TD] [/TR] [TR] [TD][LEFT]cisco -- ios_xe[/LEFT][/TD] [TD][LEFT]A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20919&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-20919]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20919') [CISCO]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9')[/TD] [/TR] [TR] [TD][LEFT]cisco -- ios_xe[/LEFT][/TD] [TD][LEFT]A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. 
This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI API. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. To exploit this vulnerability, an attacker must have valid Administrator privileges on the affected device.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20851&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20851]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20851') [CISCO]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdinj-Gje47EMn')[/TD] [/TR] [TR] [TD][LEFT]cisco -- sd-wan_vbond_orchestrator[/LEFT][/TD] [TD][LEFT]Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20818&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20818]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20818') [CISCO]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF')[/TD] [/TR] [TR] [TD][LEFT]cisco -- sd-wan_vmanage[/LEFT][/TD] [TD][LEFT]Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. 
An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20775&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20775]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20775') [CISCO]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF')[/TD] [/TR] [TR] [TD][LEFT]cisco -- sd-wan_vsmart_controller[/LEFT][/TD] [TD][LEFT]A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20850&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20850]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20850') [CISCO]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv')[/TD] [/TR] [TR] [TD][LEFT]cloudflare -- goflow[/LEFT][/TD] [TD][LEFT]sflow decode package does not employ sufficient packet sanitisation which can lead to a denial of service attack. 
Attackers can craft malformed packets causing the process to consume large amounts of memory resulting in a denial of service.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2529&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-2529]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2529') [MISC]('https://github.com/cloudflare/goflow/security/advisories/GHSA-9rpw-2h95-666c')[/TD] [/TR] [TR] [TD][LEFT]codeigniter -- codeigniter[/LEFT][/TD] [TD][LEFT]B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where() function.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40824&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40824]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40824') [MISC]('https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md')[/TD] [/TR] [TR] [TD][LEFT]codeigniter -- codeigniter[/LEFT][/TD] [TD][LEFT]B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_in() function.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40825&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40825]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40825') [MISC]('https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md')[/TD] [/TR] [TR] [TD][LEFT]codeigniter -- codeigniter[/LEFT][/TD] [TD][LEFT]B.C. 
Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_having() function.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40826&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40826]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40826') [MISC]('https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md')[/TD] [/TR] [TR] [TD][LEFT]codeigniter -- codeigniter[/LEFT][/TD] [TD][LEFT]B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where() function.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40827&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40827]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40827') [MISC]('https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md')[/TD] [/TR] [TR] [TD][LEFT]codeigniter -- codeigniter[/LEFT][/TD] [TD][LEFT]B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_not_in() function.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40828&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40828]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40828') [MISC]('https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md')[/TD] [/TR] [TR] [TD][LEFT]codeigniter -- codeigniter[/LEFT][/TD] [TD][LEFT]B.C. 
Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_like() function.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40829&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40829]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40829') [MISC]('https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md')[/TD] [/TR] [TR] [TD][LEFT]codeigniter -- codeigniter[/LEFT][/TD] [TD][LEFT]B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_not_in() function.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40830&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40830]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40830') [MISC]('https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md')[/TD] [/TR] [TR] [TD][LEFT]codeigniter -- codeigniter[/LEFT][/TD] [TD][LEFT]B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php like() function.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40831&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40831]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40831') [MISC]('https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md')[/TD] [/TR] [TR] [TD][LEFT]codeigniter -- codeigniter[/LEFT][/TD] [TD][LEFT]B.C. 
Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php having() function.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40832&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40832]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40832') [MISC]('https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md')[/TD] [/TR] [TR] [TD][LEFT]codeigniter -- codeigniter[/LEFT][/TD] [TD][LEFT]B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_in() function.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40833&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40833]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40833') [MISC]('https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md')[/TD] [/TR] [TR] [TD][LEFT]codeigniter -- codeigniter[/LEFT][/TD] [TD][LEFT]B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_not_like() function.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40834&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40834]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40834') [MISC]('https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md')[/TD] [/TR] [TR] [TD][LEFT]codeigniter -- codeigniter[/LEFT][/TD] [TD][LEFT]B.C. 
Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40835&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40835]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40835') [MISC]('https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md')[/TD] [/TR] [TR] [TD][LEFT]creativedream_file_uploader_project -- creativedream_file_uploader[/LEFT][/TD] [TD][LEFT]Arbitrary file upload vulnerability in php uploader[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40721&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40721]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40721') [MISC]('http://www.vapidlabs.com/advisory.php?v=216') [MISC]('https://github.com/CreativeDream/php-uploader/issues/23,') [MLIST]('http://www.openwall.com/lists/oss-security/2022/10/03/3')[/TD] [/TR] [TR] [TD][LEFT]css-what_project -- css-what[/LEFT][/TD] [TD][LEFT]The package css-what before 2.1.3 is vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression in the re_attr variable of index.js. 
The exploitation of this vulnerability could be triggered via the parse function.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-21222&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-21222]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-21222') [CONFIRM]('https://security.snyk.io/vuln/SNYK-JS-CSSWHAT-3035488') [CONFIRM]('https://github.com/fb55/css-what/blob/a38effd5a8f5506d75c7f8f13cbd8c76248a3860/index.js%23L12')[/TD] [/TR] [TR] [TD][LEFT]dairy_farm_shop_management_system_project -- dairy_farm_shop_management_system[/LEFT][/TD] [TD][LEFT]Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via bwdate-report-ds.php file.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40943&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40943]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40943') [MISC]('https://github.com/Qrayyy/CVE/blob/main/Dairy%20Farm%20Shop%20Management%20System/bwdate-report-ds-sql(CVE-2022-40943).md') [MISC]('https://phpgurukul.com/dairy-farm-shop-management-system-using-php-and-mysql/')[/TD] [/TR] [TR] [TD][LEFT]dairy_farm_shop_management_system_project -- dairy_farm_shop_management_system[/LEFT][/TD] [TD][LEFT]Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via sales-report-ds.php file.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40944&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40944]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40944') [MISC]('https://caicaizi.top/archives/9/') [MISC]('https://phpgurukul.com/dairy-farm-shop-management-system-using-php-and-mysql/') 
[MISC]('https://github.com/Qrayyy/CVE/blob/main/Dairy%20Farm%20Shop%20Management%20System/sales-report-ds-sql(CVE-2022-40944).md')[/TD] [/TR] [TR] [TD][LEFT]dedecms -- dedecms[/LEFT][/TD] [TD][LEFT]DedeCMS 5.7.98 has a file upload vulnerability in the background.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40886&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40886]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40886') [MISC]('https://github.com/Ephemeral1y/Vulnerability/blob/master/DedeCMS/5.7.98/DedeCMS-v5.7.98-RCE.md')[/TD] [/TR] [TR] [TD][LEFT]dell -- hybrid_client[/LEFT][/TD] [TD][LEFT]Dell Hybrid Client below 1.8 version contains a Zip Slip Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-34429&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-34429]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34429') [MISC]('https://www.dell.com/support/kbdoc/en-us/000203345/dsa-2022-260-dell-hybrid-client-security-update-for-multiple-vulnerabilities')[/TD] [/TR] [TR] [TD][LEFT]fasterxml -- jackson-databind[/LEFT][/TD] [TD][LEFT]In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.[/LEFT][/TD] [TD][CENTER]2022-10-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42003&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42003]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42003') [MISC]('https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33') 
[MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51020') [MISC]('https://github.com/FasterXML/jackson-databind/issues/3590')[/TD] [/TR] [TR] [TD][LEFT]fasterxml -- jackson-databind[/LEFT][/TD] [TD][LEFT]In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.[/LEFT][/TD] [TD][CENTER]2022-10-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42004&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42004]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42004') [MISC]('https://github.com/FasterXML/jackson-databind/issues/3582') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50490') [MISC]('https://github.com/FasterXML/jackson-databind/commit/063183589218fec19a9293ed2f17ec53ea80ba88')[/TD] [/TR] [TR] [TD][LEFT]flyte -- flyteadmin[/LEFT][/TD] [TD][LEFT]FlyteAdmin is the control plane for the data processing platform Flyte. Users who enable the default Flyte’s authorization server without changing the default clientid hashes will be exposed to the public internet. In an effort to make enabling authentication easier for Flyte administrators, the default configuration for Flyte Admin allows access for Flyte Propeller even after turning on authentication via a hardcoded hashed password. This password is also set on the default Flyte Propeller configmap in the various Flyte Helm charts. Users who enable auth but do not override this setting in Flyte Admin’s configuration may unbeknownst to them be allowing public traffic in by way of this default password with attackers effectively impersonating propeller. This only applies to users who have not specified the ExternalAuthorizationServer setting. 
Using an external auth server automatically turns off this default configuration, and such deployments are not susceptible to this vulnerability. This issue has been addressed in version 1.1.44. Users should manually set the staticClients in the selfAuthServer section of their configuration if they intend to rely on Admin’s internal auth server. Again, users who use an external auth server are automatically protected from this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39273&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39273]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39273') [MISC]('https://github.com/flyteorg/flyteadmin/pull/478') [CONFIRM]('https://github.com/flyteorg/flyteadmin/security/advisories/GHSA-67x4-qr35-qvrm') [MISC]('https://docs.flyte.org/en/latest/deployment/cluster_config/auth_setup.html#oauth2-authorization-server')[/TD] [/TR] [TR] [TD][LEFT]generex -- cs141_firmware[/LEFT][/TD] [TD][LEFT]Generex CS141 before 2.08 allows remote command execution by administrators via a web interface that reaches run_update in /usr/bin/gxserve-update.sh (e.g., command execution can occur via a reverse shell installed by install.sh).[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42457&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42457]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42457') [MISC]('https://www.generex.de/support/downloads/ups/cs141') [MISC]('https://www.generex.de/products/ups/') [MISC]('https://github.com/hubertfarnsworth12/Generex-CS141-Authenticated-Remote-Command-Execution')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] 
[TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39854&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39854]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39854') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=10')[/TD] [/TR] [TR] [TD][LEFT]gridea -- gridea[/LEFT][/TD] [TD][LEFT]Gridea version 0.9.3 allows an external attacker to execute arbitrary code remotely on any client attempting to view a malicious markdown file through Gridea. This is possible because the application has the 'nodeIntegration' option enabled.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40274&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40274]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40274') [MISC]('https://fluidattacks.com/advisories/marshmello/') [MISC]('https://github.com/getgridea/gridea')[/TD] [/TR] [TR] [TD][LEFT]hitachi -- storage_plug-in[/LEFT][/TD] [TD][LEFT]Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. 
This issue affects: Hitachi Storage Plug-in for VMware vCenter 04.8.0.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2637&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-2637]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2637') [MISC]('https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-131/index.html')[/TD] [/TR] [TR] [TD][LEFT]htmly -- htmly[/LEFT][/TD] [TD][LEFT]Directory Traversal vulnerability in htmly before 2.8.1 allows remote attackers to perform arbitrary file deletions via modified file parameter.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-33354&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-33354]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-33354') [MISC]('https://github.com/danpros/htmly/issues/462')[/TD] [/TR] [TR] [TD][LEFT]ibm -- qradar_security_information_and_event_manager[/LEFT][/TD] [TD][LEFT]IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-22480&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-22480]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-22480') [XF]('https://exchange.xforce.ibmcloud.com/vulnerabilities/225889') [CONFIRM]('https://www.ibm.com/support/pages/node/6826695')[/TD] [/TR] [TR] [TD][LEFT]ibm -- websphere_automation_for_ibm_cloud_pak_for_watson_aiops[/LEFT][/TD] [TD][LEFT]IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulnerable to cross-site request forgery, caused by improper cookie attribute setting. 
IBM X-Force ID: 226449.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-22493&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-22493]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-22493') [XF]('https://exchange.xforce.ibmcloud.com/vulnerabilities/226449') [CONFIRM]('https://www.ibm.com/support/pages/node/6826727')[/TD] [/TR] [TR] [TD][LEFT]ikus-soft -- rdiffweb[/LEFT][/TD] [TD][LEFT]Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3273&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3273]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3273') [MISC]('https://github.com/ikus060/rdiffweb/commit/b5e3bb0a98268d18ceead36ab9b2b7eaacd659a8') [CONFIRM]('https://huntr.dev/bounties/a6df4bad-3382-4add-8918-760d885690f6')[/TD] [/TR] [TR] [TD][LEFT]ikus-soft -- rdiffweb[/LEFT][/TD] [TD][LEFT]Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3371&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3371]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3371') [CONFIRM]('https://huntr.dev/bounties/4e8f6136-50c7-4fa1-ac98-699bcb7b35ce') [MISC]('https://github.com/ikus060/rdiffweb/commit/b62c479ff6979563c7c23e7182942bc4f460a2c7')[/TD] [/TR] [TR] [TD][LEFT]ikus-soft -- rdiffweb[/LEFT][/TD] [TD][LEFT]Path Traversal in GitHub repository ikus060/rdiffweb prior to 2.4.10.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3389&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] 
[TD][CVE-2022-3389]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3389') [CONFIRM]('https://huntr.dev/bounties/f7d2a6ab-2faf-4719-bdb6-e4e5d6065752') [MISC]('https://github.com/ikus060/rdiffweb/commit/323383d1db656f1b1291be529947bd943a6b0e99')[/TD] [/TR] [TR] [TD][LEFT]innovaphone -- innovaphone_firmware[/LEFT][/TD] [TD][LEFT]AP Manager in Innovaphone before 13r2 Service Release 17 allows command injection via a modified service ID during app upload.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41870&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41870]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41870') [MISC]('http://wiki.innovaphone.com/index.php?title=Reference13r2:Release_Notes_Security')[/TD] [/TR] [TR] [TD][LEFT]joplinapp -- joplin[/LEFT][/TD] [TD][LEFT]Joplin version 2.8.8 allows an external attacker to execute arbitrary commands remotely on any client that opens a link in a malicious markdown file, via Joplin. This is possible because the application does not properly validate the schema/protocol of existing links in the markdown file before passing them to the 'shell.openExternal' function.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40277&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40277]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40277') [MISC]('https://github.com/laurent22/joplin') [MISC]('https://fluidattacks.com/advisories/skrillex/')[/TD] [/TR] [TR] [TD][LEFT]lighttpd -- lighttpd[/LEFT][/TD] [TD][LEFT]A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. 
This is fixed in 1.4.67.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41556&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41556]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41556') [MISC]('https://github.com/lighttpd/lighttpd1.4/pull/115') [MISC]('https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/b18de6f9264f914f7bf493abd3b6059343548e50') [MISC]('https://github.com/lighttpd/lighttpd1.4/compare/lighttpd-1.4.66...lighttpd-1.4.67')[/TD] [/TR] [TR] [TD][LEFT]linuxfoundation -- dapr_dashboard[/LEFT][/TD] [TD][LEFT]Dapr Dashboard v0.1.0 through v0.10.0 is vulnerable to Incorrect Access Control that allows attackers to obtain sensitive data.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38817&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-38817]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38817') [MISC]('https://github.com/dapr/dashboard/issues/222') [MISC]('https://github.com/dapr/dashboard')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- exchange_server[/LEFT][/TD] [TD][LEFT]Microsoft Exchange Server Elevation of Privilege Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41040&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41040]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41040') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41040') [CERT-VN]('https://www.kb.cert.org/vuls/id/915563')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- exchange_server[/LEFT][/TD] [TD][LEFT]Microsoft Exchange Server Remote Code Execution Vulnerability.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] 
[TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41082&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41082]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41082') [MISC]('https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41082') [CERT-VN]('https://www.kb.cert.org/vuls/id/915563')[/TD] [/TR] [TR] [TD][LEFT]mojoportal -- mojoportal[/LEFT][/TD] [TD][LEFT]mojoPortal v2.7 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted PNG file.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40341&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40341]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40341') [MISC]('http://mojoportal.com') [MISC]('https://weed-1.gitbook.io/cve/mojoportal/upload-malicious-file-in-mojoportal-v2.7-cve-2022-40341')[/TD] [/TR] [TR] [TD][LEFT]moodle -- moodle[/LEFT][/TD] [TD][LEFT]A remote code execution risk when restoring backup files originating from Moodle 1.9 was identified.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40314&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40314]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40314') [MISC]('https://moodle.org/mod/forum/discuss.php?d=438393') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2128147')[/TD] [/TR] [TR] [TD][LEFT]moodle -- moodle[/LEFT][/TD] [TD][LEFT]A limited SQL injection risk was identified in the "browse list of users" site administration page.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40315&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] 
[TD][CVE-2022-40315]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40315') [MISC]('https://moodle.org/mod/forum/discuss.php?d=438394') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2128150')[/TD] [/TR] [TR] [TD][LEFT]moodle -- moodle[/LEFT][/TD] [TD][LEFT]Enabling and disabling installed H5P libraries did not include the necessary token to prevent a CSRF risk.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2986&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-2986]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2986') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2121360') [MISC]('http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-75326')[/TD] [/TR] [TR] [TD][LEFT]moodle -- moodle[/LEFT][/TD] [TD][LEFT]Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40313&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L')[/CENTER][/TD] [TD][CVE-2022-40313]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40313') [MISC]('https://moodle.org/mod/forum/discuss.php?d=438392') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2128146')[/TD] [/TR] [TR] [TD][LEFT]mybb -- mybb[/LEFT][/TD] [TD][LEFT]MyBB is a free and open source forum software. The _Mail Settings_ → Additional Parameters for PHP's mail() function mail_parameters setting value, in connection with the configured mail program's options and behavior, may allow access to sensitive information and Remote Code Execution (RCE). The vulnerable module requires Admin CP access with the `_Can manage settings?_` permission and may depend on configured file permissions. MyBB 1.8.31 resolves this issue with the commit `0cd318136a`. Users are advised to upgrade. 
There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39265&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39265]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39265') [MISC]('https://mybb.com/versions/1.8.31/') [CONFIRM]('https://github.com/mybb/mybb/security/advisories/GHSA-hxhm-rq9f-7xj7') [MISC]('https://github.com/mybb/mybb/commit/0cd318136a10b029bb5c8a8f6dddf39d87519797') [MISC]('https://github.com/mybb/mybb/blob/mybb_1830/install/resources/settings.xml#L2331-L2338')[/TD] [/TR] [TR] [TD][LEFT]najeebmedia -- frontend_file_manager[/LEFT][/TD] [TD][LEFT]The Frontend File Manager Plugin WordPress plugin before 21.3 allows any authenticated users, such as subscriber, to rename a file to an arbitrary extension, like PHP, which could allow them to basically be able to upload arbitrary files on the server and achieve RCE[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3125&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3125]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3125') [MISC]('https://wpscan.com/vulnerability/d3d9dc9a-226b-4f76-995e-e2af1dd6b17e')[/TD] [/TR] [TR] [TD][LEFT]nedi -- nedi[/LEFT][/TD] [TD][LEFT]In certain Nedi products, a vulnerability in the web UI of NeDi login & Community login could allow an unauthenticated, remote attacker to affect the integrity of a device via a User Enumeration vulnerability. The vulnerability is due to insecure design, where a difference in forgot password utility could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. 
This affects NeDi 1.0.7 for OS X 1.0.7 <= and NeDi for Suse 1.0.7 <= and NeDi for FreeBSD 1.0.7 <=.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40895&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-40895]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40895') [MISC]('http://forum.nedi.ch/index.php') [MISC]('https://www.nedi.ch/') [MISC]('https://gist.github.com/UditChavda/2f2effa477a429b485ae7e2dc3bbd04f')[/TD] [/TR] [TR] [TD][LEFT]octopus -- octopus_server[/LEFT][/TD] [TD][LEFT]In affected versions of Octopus Deploy it is possible to bypass rate limiting on login using null bytes.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2778&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-2778]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2778') [MISC]('https://advisories.octopus.com/post/2022/sa2022-15/')[/TD] [/TR] [TR] [TD][LEFT]omron -- cx-programmer[/LEFT][/TD] [TD][LEFT]OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3396&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3396]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3396') [CONFIRM]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-277-04')[/TD] [/TR] [TR] [TD][LEFT]omron -- cx-programmer[/LEFT][/TD] [TD][LEFT]OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3397&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] 
[TD][CVE-2022-3397]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3397') [CONFIRM]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-277-04')[/TD] [/TR] [TR] [TD][LEFT]omron -- cx-programmer[/LEFT][/TD] [TD][LEFT]OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3398&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3398]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3398') [CONFIRM]('https://www.cisa.gov/uscert/ics/advisories/icsa-22-277-04')[/TD] [/TR] [TR] [TD][LEFT]online_diagnostic_lab_management_system_project -- online_diagnostic_lab_management_system[/LEFT][/TD] [TD][LEFT]An arbitrary file upload vulnerability in the component /php_action/editFile.php of Online Diagnostic Lab Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41512&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41512]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41512') [MISC]('https://github.com/TGAyouman/bug_report/blob/main/vendors/mayuri_k/online-diagnostic-lab-management-system/RCE-1.md')[/TD] [/TR] [TR] [TD][LEFT]online_diagnostic_lab_management_system_project -- online_diagnostic_lab_management_system[/LEFT][/TD] [TD][LEFT]Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /diagnostic/edittest.php.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41513&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41513]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41513') 
[MISC]('https://github.com/TGAyouman/bug_report/blob/main/vendors/mayuri_k/online-diagnostic-lab-management-system/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]online_diagnostic_lab_management_system_project -- online_diagnostic_lab_management_system[/LEFT][/TD] [TD][LEFT]Online Diagnostic Lab Management System v1.0 is vulnerable to SQL Injection via /diagnostic/editclient.php?id=.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42073&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42073]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42073') [MISC]('https://github.com/f0w4rD/bug_report/blob/main/vendors/mayuri_k/online-diagnostic-lab-management-system/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]online_diagnostic_lab_management_system_project -- online_diagnostic_lab_management_system[/LEFT][/TD] [TD][LEFT]Online Diagnostic Lab Management System v1.0 is vulnerable to SQL Injection via /diagnostic/editcategory.php?id=.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42074&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42074]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42074') [MISC]('https://github.com/f0w4rD/bug_report/blob/main/vendors/mayuri_k/online-diagnostic-lab-management-system/SQLi-2.md')[/TD] [/TR] [TR] [TD][LEFT]online_leave_management_system_project -- online_leave_management_system[/LEFT][/TD] [TD][LEFT]Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /leave_system/classes/Master.php?f=delete_department.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41355&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41355]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41355') 
[MISC]('https://github.com/Cvedig/Bug_report/blob/main/vendors/oretnom23/online-leave-management-system/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]online_pet_shop_we_app_project -- online_pet_shop_we_app[/LEFT][/TD] [TD][LEFT]Online Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pet_shop/admin/?page=maintenance/manage_category.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41377&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41377]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41377') [MISC]('https://github.com/hegeoo/bug_report/blob/main/vendors/oretnom23/online-pet-shop-we-app/SQLi-2.md')[/TD] [/TR] [TR] [TD][LEFT]online_pet_shop_we_app_project -- online_pet_shop_we_app[/LEFT][/TD] [TD][LEFT]Online Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pet_shop/admin/?page=inventory/manage_inventory.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41378&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41378]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41378') [MISC]('https://github.com/hegeoo/bug_report/blob/main/vendors/oretnom23/online-pet-shop-we-app/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]open_source_sacco_management_system_project -- open_source_sacco_management_system[/LEFT][/TD] [TD][LEFT]Open Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/ajax.php?action=delete_loan.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41514&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41514]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41514') 
[MISC]('https://github.com/TGAyouman/bug_report/blob/main/vendors/mayuri_k/open-source-sacco-management-system/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]open_source_sacco_management_system_project -- open_source_sacco_management_system[/LEFT][/TD] [TD][LEFT]Open Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/ajax.php?action=delete_payment.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41515&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41515]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41515') [MISC]('https://github.com/TGAyouman/bug_report/blob/main/vendors/mayuri_k/open-source-sacco-management-system/SQLi-2.md')[/TD] [/TR] [TR] [TD][LEFT]orchest -- orchest[/LEFT][/TD] [TD][LEFT]### Impact In a CSRF attack, an innocent end user is tricked by an attacker into submitting a web request that they did not intend. This may cause actions to be performed on the website that can include inadvertent client or server data leakage, change of session state, or manipulation of an end user's account. ### Patch Upgrade to v2022.09.10 to patch this vulnerability. 
### Workarounds Rebuild and redeploy the Orchest `auth-server` with this commit: https://github.com/orchest/orchest/commit/c2587a963cca742c4a2503bce4cfb4161bf64c2d ### References https://en.wikipedia.org/wiki/Cross-site_request_forgery https://cwe.mitre.org/data/definitions/352.html ### For more information If you have any questions or comments about this advisory: * Open an issue in https://github.com/orchest/orchest * Email us at [email][email protected][/email][/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39268&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-39268]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39268') [MISC]('https://github.com/orchest/orchest/pull/1324') [MISC]('https://github.com/orchest/orchest/commit/c2587a963cca742c4a2503bce4cfb4161bf64c2d') [MISC]('https://github.com/orchest/orchest/releases/tag/v2022.09.10') [CONFIRM]('https://github.com/orchest/orchest/security/advisories/GHSA-q44f-8jpw-qv4j')[/TD] [/TR] [TR] [TD][LEFT]phpipam -- phpipam[/LEFT][/TD] [TD][LEFT]phpipam v1.5.0 was discovered to contain a header injection vulnerability via the component /admin/subnets/ripe-query.php.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41443&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41443]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41443') [MISC]('https://gist.github.com/enferas/7acd9636cc221bbf61d51425ab91ef01')[/TD] [/TR] [TR] [TD][LEFT]pjsip -- pjsip[/LEFT][/TD] [TD][LEFT]PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affected by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. 
This issue has been patched and is available as commit c4d3498 in the master branch and will be included in releases 2.13 and later. Users are advised to upgrade. There are no known workarounds for this issue.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39244&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39244]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39244') [MISC]('https://github.com/pjsip/pjproject/commit/c4d34984ec92b3d5252a7d5cddd85a1d3a8001ae') [CONFIRM]('https://github.com/pjsip/pjproject/security/advisories/GHSA-fq45-m3f7-3mhj')[/TD] [/TR] [TR] [TD][LEFT]pjsip -- pjsip[/LEFT][/TD] [TD][LEFT]PJSIP is a free and open source multimedia communication library written in C. When processing certain packets, PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart, causing the media to be sent insecurely. The vulnerability impacts all PJSIP users that use SRTP. The patch is available as commit d2acb9a in the master branch of the project and will be included in version 2.13. Users are advised to manually patch or to upgrade. There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39269&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-39269]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39269') [MISC]('https://github.com/pjsip/pjproject/commit/d2acb9af4e27b5ba75d658690406cec9c274c5cc') [CONFIRM]('https://github.com/pjsip/pjproject/security/advisories/GHSA-wx5m-cj97-4wwg')[/TD] [/TR] [TR] [TD][LEFT]pyup -- dependency_parser[/LEFT][/TD] [TD][LEFT]dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contains a regular expression that is vulnerable to a Regular Expression Denial of Service. 
All the users parsing index server URLs with dparse are impacted by this vulnerability. A patch has been applied in version `0.5.2`, all the users are advised to upgrade to `0.5.2` as soon as possible. Users unable to upgrade should avoid passing index server URLs in the source file to be parsed.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39280&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-39280]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39280') [MISC]('https://github.com/pyupio/dparse/commit/8c990170bbd6c0cf212f1151e9025486556062d5') [MISC]('https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS') [MISC]('https://github.com/pyupio/dparse/commit/d87364f9db9ab916451b1b036cfeb039e726e614') [CONFIRM]('https://github.com/pyupio/dparse/security/advisories/GHSA-8fg9-p83m-x5pq')[/TD] [/TR] [TR] [TD][LEFT]realvnc -- vnc_server[/LEFT][/TD] [TD][LEFT]RealVNC VNC Server before 6.11.0 and VNC Viewer before 6.22.826 on Windows allow local privilege escalation via MSI installer Repair mode.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41975&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41975]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41975') [MISC]('https://help.realvnc.com/hc/en-us/articles/360002253138-Release-Notes#vnc-server-6-11-0-released-0-2')[/TD] [/TR] [TR] [TD][LEFT]samsung -- factorycamera[/LEFT][/TD] [TD][LEFT]Path traversal vulnerability in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to write arbitrary file as FactoryCamera privilege.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39858&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] 
[TD][CVE-2022-39858]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39858') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10')[/TD] [/TR] [TR] [TD][LEFT]semtech -- loramac-node[/LEFT][/TD] [TD][LEFT]LoRaMac-node is a reference implementation and documentation of a LoRa network node. Versions of LoRaMac-node prior to 4.7.0 are vulnerable to a buffer overflow. Improper size validation of the incoming radio frames can lead to a 65280-byte out-of-bounds write. The function `ProcessRadioRxDone` implicitly expects incoming radio frames to have at least a payload of one byte or more. An empty payload leads to a 1-byte out-of-bounds read of user controlled content when the payload buffer is reused. This allows an attacker to craft a FRAME_TYPE_PROPRIETARY frame with size -1 which results in a 65280-byte out-of-bounds memcopy likely with partially controlled attacker data. Corrupting a large part of the data section is likely to cause a DoS. If the large out-of-bounds write does not immediately crash, the attacker may gain control over the execution due to now controlling large parts of the data section. 
Users are advised to upgrade either by updating their package or by manually applying the patch commit `e851b079`.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39274&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39274]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39274') [MISC]('https://github.com/Lora-net/LoRaMac-node/commit/e851b079c82ba1bcf3f4d291ab69a571b0bf458a') [MISC]('https://github.com/Lora-net/LoRaMac-node/releases/tag/v4.7.0') [CONFIRM]('https://github.com/Lora-net/LoRaMac-node/security/advisories/GHSA-7vv8-73pc-63c2')[/TD] [/TR] [TR] [TD][LEFT]simple_cold_storage_management_system_project -- simple_cold_storage_management_system[/LEFT][/TD] [TD][LEFT]Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_message.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42241&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42241]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42241') [MISC]('https://github.com/aabbcc8997/bug_report/blob/main/vendors/oretnom23/simple-cold-storage-management-system/SQLi-3.md')[/TD] [/TR] [TR] [TD][LEFT]simple_cold_storage_management_system_project -- simple_cold_storage_management_system[/LEFT][/TD] [TD][LEFT]Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_booking.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42242&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42242]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42242') [MISC]('https://github.com/aabbcc8997/bug_report/blob/main/vendors/oretnom23/simple-cold-storage-management-system/SQLi-2.md')[/TD] [/TR] [TR] 
[TD][LEFT]simple_cold_storage_management_system_project -- simple_cold_storage_management_system[/LEFT][/TD] [TD][LEFT]Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/manage_storage.php?id=.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42243&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42243]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42243') [MISC]('https://github.com/aabbcc8997/bug_report/blob/main/vendors/oretnom23/simple-cold-storage-management-system/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]simple_cold_storage_management_system_project -- simple_cold_storage_management_system[/LEFT][/TD] [TD][LEFT]Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/view_storage.php?id=.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42249&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42249]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42249') [MISC]('https://github.com/fateroot/bug_report/blob/main/vendors/oretnom23/simple-cold-storage-management-system/SQLi-2.md')[/TD] [/TR] [TR] [TD][LEFT]simple_cold_storage_management_system_project -- simple_cold_storage_management_system[/LEFT][/TD] [TD][LEFT]Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/inquiries/view_details.php?id=.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42250&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42250]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42250') [MISC]('https://github.com/fateroot/bug_report/blob/main/vendors/oretnom23/simple-cold-storage-management-system/SQLi-1.md')[/TD] [/TR] [TR] 
[TD][LEFT]simple_e-learning_system_project -- simple_e-learning_system[/LEFT][/TD] [TD][LEFT]An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40872&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40872]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40872') [MISC]('https://github.com/xtxxueyan/bug_report/blob/main/vendors/onetnom23/Simple%20E-Learning%20System/SQLi-1.md')[/TD] [/TR] [TR] [TD][LEFT]snyk -- cli[/LEFT][/TD] [TD][LEFT]Snyk CLI before 1.996.0 allows arbitrary command execution, affecting Snyk IDE plugins and the snyk npm package. Exploitation could follow from the common practice of viewing untrusted files in the Visual Studio Code editor, for example. The original demonstration was with shell metacharacters in the vendor.json ignore field, affecting snyk-go-plugin before 1.19.1. 
This affects, for example, the Snyk TeamCity plugin (which does not update automatically) before 20220930.142957.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40764&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40764]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40764') [MISC]('https://github.com/snyk/snyk-go-plugin/releases/tag/v1.19.1') [MISC]('https://github.com/snyk/cli/releases/tag/v1.996.0') [MISC]('https://support.snyk.io/hc/en-us/articles/7015908293789-CVE-2022-40764-Command-Injection-vulnerability-affecting-Snyk-CLI-versions-prior-to-1-996-0') [MISC]('https://www.imperva.com/blog/how-scanning-your-projects-for-security-issues-can-lead-to-remote-code-execution/')[/TD] [/TR] [TR] [TD][LEFT]solarwinds -- orion_platform[/LEFT][/TD] [TD][LEFT]A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-36961&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-36961]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-36961') [MISC]('https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36961') [MISC]('https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm')[/TD] [/TR] [TR] [TD][LEFT]sonicjs -- sonicjs[/LEFT][/TD] [TD][LEFT]SonicJS through 0.6.0 allows file overwrite. It has the following mutations that are used for updating files: fileCreate and fileUpdate. 
Both of these mutations can be called without any authentication to overwrite any files on a SonicJS application, leading to Arbitrary File Write and Delete.[/LEFT][/TD] [TD][CENTER]2022-10-01[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42002&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42002]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42002') [MISC]('https://snyk.io/blog/graphql-security-static-analysis-snyk-code/') [MISC]('https://github.com/lane711/sonicjs/tags')[/TD] [/TR] [TR] [TD][LEFT]swmansion -- react_native_reanimated[/LEFT][/TD] [TD][LEFT]Versions of the package react-native-reanimated before 3.0.0-rc.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper usage of regular expression in the parser of Colors.js.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-24373&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-24373]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-24373') [CONFIRM]('https://security.snyk.io/vuln/SNYK-JS-REACTNATIVEREANIMATED-2949507') [CONFIRM]('https://github.com/software-mansion/react-native-reanimated/releases/tag/3.0.0-rc.1') [CONFIRM]('https://github.com/software-mansion/react-native-reanimated/pull/3382/commits/7adf06d0c59382d884a04be86a96eede3d0432fa') [CONFIRM]('https://github.com/software-mansion/react-native-reanimated/pull/3382')[/TD] [/TR] [TR] [TD][LEFT]sylabs -- singularity_image_format[/LEFT][/TD] [TD][LEFT]sylabs/sif is the Singularity Image Format (SIF) reference implementation. In versions prior to 2.8.1 the `github.com/sylabs/sif/v2/pkg/integrity` package did not verify that the hash algorithm(s) used are cryptographically secure when verifying digital signatures. A patch is available in version >= v2.8.1 of the module. Users are encouraged to upgrade. 
Users unable to upgrade may independently validate that the hash algorithm(s) used for metadata digest(s) and signature hash are cryptographically secure.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39237&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-39237]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39237') [CONFIRM]('https://github.com/sylabs/sif/security/advisories/GHSA-m5m3-46gj-wch8') [MISC]('https://github.com/sylabs/sif/commit/07fb86029a12e3210f6131e065570124605daeaa')[/TD] [/TR] [TR] [TD][LEFT]tooljet -- tooljet[/LEFT][/TD] [TD][LEFT]Account Takeover: when I see the info, I can see the password hash, and I can crack it. Account Takeover: when I see the info, I can see the forgot_password_token; the hacker can send the request and change the password.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3422&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-3422]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3422') [CONFIRM]('https://huntr.dev/bounties/02da53ab-f613-4171-8766-96b31c671551') [MISC]('https://github.com/tooljet/tooljet/commit/7879d8a76000c014533a97a22bc276afe3ae3e54')[/TD] [/TR] [TR] [TD][LEFT]veritas -- netbackup[/LEFT][/TD] [TD][LEFT]An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. 
The NetBackup Primary server is vulnerable to a SQL Injection attack affecting the NBFSMCLIENT service.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42302&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42302]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42302') [MISC]('https://www.veritas.com/content/support/en_US/security/VTS22-011#C1')[/TD] [/TR] [TR] [TD][LEFT]veritas -- netbackup[/LEFT][/TD] [TD][LEFT]An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a second-order SQL Injection attack affecting the NBFSMCLIENT service by leveraging CVE-2022-42302.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42303&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42303]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42303') [MISC]('https://www.veritas.com/content/support/en_US/security/VTS22-011#H1')[/TD] [/TR] [TR] [TD][LEFT]veritas -- netbackup[/LEFT][/TD] [TD][LEFT]An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting idm, nbars, and SLP manager code.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42304&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42304]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42304') [MISC]('https://www.veritas.com/content/support/en_US/security/VTS22-011#H2')[/TD] [/TR] [TR] [TD][LEFT]veritas -- netbackup[/LEFT][/TD] [TD][LEFT]An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. 
The NetBackup Primary server is vulnerable to an XML External Entity (XXE) Injection attack through the DiscoveryService service.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42307&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42307]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42307') [MISC]('https://www.veritas.com/content/support/en_US/security/VTS22-012#M2')[/TD] [/TR] [TR] [TD][LEFT]veritas -- netbackup[/LEFT][/TD] [TD][LEFT]An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) injection attack through the nbars process.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42301&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42301]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42301') [MISC]('https://www.veritas.com/content/support/en_US/security/VTS22-013#M1')[/TD] [/TR] [TR] [TD][LEFT]veritas -- netbackup[/LEFT][/TD] [TD][LEFT]An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a denial of service attack through the DiscoveryService service.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42299&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42299]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42299') [MISC]('https://www.veritas.com/content/support/en_US/security/VTS22-012#M3')[/TD] [/TR] [TR] [TD][LEFT]veritas -- netbackup[/LEFT][/TD] [TD][LEFT]An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. 
The NetBackup Primary server is vulnerable to a Path traversal attack through the DiscoveryService service.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42305&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-42305]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42305') [MISC]('https://www.veritas.com/content/support/en_US/security/VTS22-012#M1')[/TD] [/TR] [TR] [TD][LEFT]veritas -- netbackup[/LEFT][/TD] [TD][LEFT]An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can delete arbitrary files by leveraging a path traversal in the pbx_exchange registration code.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42308&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-42308]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42308') [MISC]('https://www.veritas.com/content/support/en_US/security/VTS22-010#C1')[/TD] [/TR] [TR] [TD][LEFT]vmware -- rabbitmq[/LEFT][/TD] [TD][LEFT]RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker (link) state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions related to Shovel and Federation plugins, reasonably easily deobfuscatable data could appear in the node log. Patched versions correctly use a cluster-wide secret for that purpose. This issue has been addressed and Patched versions: `3.10.2`, `3.9.18`, `3.8.32` are available. 
Users unable to upgrade should disable the Shovel and Federation plugins.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-31008&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-31008]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-31008') [MISC]('https://github.com/rabbitmq/rabbitmq-server/pull/4841') [CONFIRM]('https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-v9gv-xp36-jgj8')[/TD] [/TR] [TR] [TD][LEFT]web-based_student_clearance_system_project -- web-based_student_clearance_system[/LEFT][/TD] [TD][LEFT]A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been classified as critical. Affected is an unknown function of the file /Admin/login.php of the component POST Parameter Handler. The manipulation of the argument txtusername leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-210246 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3414&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3414]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3414') [N/A]('https://www.jianshu.com/p/8f7b7b532c02') [N/A]('https://vuldb.com/?id.210246')[/TD] [/TR] [/TABLE][/CENTER]
Medium Vulnerabilities
[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]adobe -- experience_manager[/LEFT][/TD] [TD][LEFT]Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-28851&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-28851]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-28851') [MISC]('https://helpx.adobe.com/security/products/experience-manager/apsb22-40.html')[/TD] [/TR] [TR] [TD][LEFT]apache -- commons_jxpath[/LEFT][/TD] [TD][LEFT]Those using JXPath to interpret XPath may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40157&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-40157]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40157') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47061')[/TD] [/TR] [TR] [TD][LEFT]apache -- commons_jxpath[/LEFT][/TD] [TD][LEFT]Those using JXPath to interpret XPath may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. 
This effect may support a denial of service attack.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40158&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-40158]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40158') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47058')[/TD] [/TR] [TR] [TD][LEFT]apache -- commons_jxpath[/LEFT][/TD] [TD][LEFT]Those using JXPath to interpret XPath may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40159&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-40159]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40159') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47057')[/TD] [/TR] [TR] [TD][LEFT]apache -- commons_jxpath[/LEFT][/TD] [TD][LEFT]Those using JXPath to interpret XPath may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40160&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-40160]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40160') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47053')[/TD] [/TR] [TR] [TD][LEFT]apache -- commons_jxpath[/LEFT][/TD] [TD][LEFT]Those using JXPath to interpret XPath may be vulnerable to Denial of Service attacks (DOS). 
If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40161&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-40161]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40161') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47097')[/TD] [/TR] [TR] [TD][LEFT]avaya -- aura_application_enablement_services[/LEFT][/TD] [TD][LEFT]A vulnerability related to weak permissions was detected in Avaya Aura Application Enablement Services web application, allowing an administrative user to modify accounts leading to execution of arbitrary code as the root user. This issue affects Application Enablement Services versions 8.0.0.0 through 8.1.3.4 and 10.1.0.0 through 10.1.0.1. Versions prior to 8.0.0.0 are end of manufacturing support and were not evaluated.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2975&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-2975]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2975') [MISC]('https://download.avaya.com/css/public/documents/101083688')[/TD] [/TR] [TR] [TD][LEFT]axiosys -- bento4[/LEFT][/TD] [TD][LEFT]Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_Processor::Process function in the mp4encrypt binary.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41419&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41419]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41419') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/766')[/TD] [/TR] [TR] [TD][LEFT]axiosys -- bento4[/LEFT][/TD] [TD][LEFT]Bento4 v1.6.0-639 was 
discovered to contain a segmentation violation in the mp4fragment component.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41423&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41423]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41423') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/767')[/TD] [/TR] [TR] [TD][LEFT]axiosys -- bento4[/LEFT][/TD] [TD][LEFT]Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_SttsAtom::Create function in mp42hls.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41424&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41424]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41424') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/768')[/TD] [/TR] [TR] [TD][LEFT]axiosys -- bento4[/LEFT][/TD] [TD][LEFT]Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_Processor::ProcessFragments function in mp4decrypt.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41425&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41425]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41425') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/772')[/TD] [/TR] [TR] [TD][LEFT]axiosys -- bento4[/LEFT][/TD] [TD][LEFT]Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_AtomFactory::CreateAtomFromStream function in mp4split.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41426&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41426]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41426') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/772')[/TD] 
[/TR] [TR] [TD][LEFT]axiosys -- bento4[/LEFT][/TD] [TD][LEFT]Bento4 v1.6.0-639 was discovered to contain a memory leak in the AP4_AvcFrameParser::Feed function in mp4mux.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41427&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41427]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41427') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/772')[/TD] [/TR] [TR] [TD][LEFT]axiosys -- bento4[/LEFT][/TD] [TD][LEFT]An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_File::ParseStream in Core/Ap4File.cpp, which is called from AP4_File::AP4_File.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41841&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41841]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41841') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/779')[/TD] [/TR] [TR] [TD][LEFT]axiosys -- bento4[/LEFT][/TD] [TD][LEFT]An issue was discovered in Bento4 1.6.0-639. There is excessive memory consumption in the function AP4_Array::EnsureCapacity in Core/Ap4Array.h.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41845&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41845]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41845') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/747') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/770')[/TD] [/TR] [TR] [TD][LEFT]axiosys -- bento4[/LEFT][/TD] [TD][LEFT]An issue was discovered in Bento4 1.6.0-639. 
There is excessive memory consumption in the function AP4_DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41846&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41846]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41846') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/342') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/770')[/TD] [/TR] [TR] [TD][LEFT]axiosys -- bento4[/LEFT][/TD] [TD][LEFT]An issue was discovered in Bento4 1.6.0-639. A memory leak exists in AP4_StdcFileByteStream::Create(AP4_FileByteStream*, char const*, AP4_FileByteStream::Mode, AP4_ByteStream*&) in System/StdC/Ap4StdCFileByteStream.cpp.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41847&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41847]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41847') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/775') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/750') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/759')[/TD] [/TR] [TR] [TD][LEFT]beckmancoulter -- remisol_advance[/LEFT][/TD] [TD][LEFT]The default privileges for the running service Normand Viewer Service in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. 
This allows attackers to access sensitive data.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-26237&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-26237]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-26237') [MISC]('https://www.beckmancoulter.com/products/clinical-information-management-tools/remisol-advance') [MISC]('https://pastebin.com/DREqM7AT')[/TD] [/TR] [TR] [TD][LEFT]beckmancoulter -- remisol_advance[/LEFT][/TD] [TD][LEFT]The default privileges for the running service Normand License Manager in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows unprivileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-26239&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-26239]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-26239') [MISC]('https://www.beckmancoulter.com/products/clinical-information-management-tools/remisol-advance') [MISC]('https://pastebin.com/1QEHrj01')[/TD] [/TR] [TR] [TD][LEFT]bookingultrapro -- booking_ultra_pro_appointments_booking_calendar[/LEFT][/TD] [TD][LEFT]Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in Booking Ultra Pro plugin <= 1.1.4 at WordPress.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-36855&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2021-36855]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-36855') [CONFIRM]('https://wordpress.org/plugins/booking-ultra-pro/') 
[CONFIRM]('https://patchstack.com/database/vulnerability/booking-ultra-pro/wordpress-booking-ultra-pro-plugin-1-1-4-cross-site-scripting-xss-via-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]bosch -- bosch_video_management_system[/LEFT][/TD] [TD][LEFT]Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras with platform CPP13 or CPP14 and firmware version 8.x.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][5.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32540&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-32540]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32540') [CONFIRM]('https://psirt.bosch.com/security-advisories/bosch-sa-464066.html')[/TD] [/TR] [TR] [TD][LEFT]bus_pass_management_system_project -- bus_pass_management_system[/LEFT][/TD] [TD][LEFT]Bus Pass Management System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the searchdata parameter.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-35155&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-35155]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35155') [MISC]('http://bus.com') [MISC]('https://github.com/shellshok3/Cross-Site-Scripting-XSS/blob/main/Bus%20Pass%20Management%20System%201.0.md') [MISC]('http://phpgurukul.com')[/TD] [/TR] [TR] [TD][LEFT]canon -- medical_vitrea_view[/LEFT][/TD] [TD][LEFT]Multiple cross-site scripting (XSS) vulnerabilities in Canon Medical Vitrea View 7.x before 7.7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the input after the error subdirectory to the 
/vitrea-view/error/ subdirectory, or the (2) groupID, (3) offset, or (4) limit parameter to an Administrative Panel (Group and Users) page. There is a risk of an attacker retrieving patient information.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37461&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-37461]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37461') [MISC]('https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=30693') [MISC]('https://www.vitalimages.com/vitrea-vision/vitrea-view/') [CONFIRM]('https://www.vitalimages.com/customer-success-support-program/vital-images-software-security-updates/')[/TD] [/TR] [TR] [TD][LEFT]centreon -- centreon[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in Centreon 22.04.0 allows attackers to execute arbitrary web script or HTML via a crafted payload injected into the Service>Templates service_alias parameter.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39988&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-39988]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39988') [MISC]('http://packetstormsecurity.com/files/168585/Centreon-22.04.0-Cross-Site-Scripting.html')[/TD] [/TR] [TR] [TD][LEFT]cisco -- aironet_1542d_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards packets that are destined to a wireless client if they are received on the native VLAN. 
An attacker could exploit this vulnerability by obtaining access to the native VLAN and directing traffic directly to the client through their MAC/IP combination. A successful exploit could allow the attacker to bypass VLAN separation and potentially also bypass any Layer 3 protection mechanisms that are deployed.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][4.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20728&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-20728]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20728') [CISCO]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FY')[/TD] [/TR] [TR] [TD][LEFT]cisco -- catalyst_9800-l_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability in the 802.11 association frame validation of Cisco Catalyst 9100 Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain parameters within association request frames received by the AP. An attacker could exploit this vulnerability by sending a crafted 802.11 association request to a nearby device. An exploit could allow the attacker to unexpectedly reload the device, resulting in a DoS condition.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20945&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-20945]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20945') [CISCO]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-EgVqtON8')[/TD] [/TR] [TR] [TD][LEFT]cisco -- duo[/LEFT][/TD] [TD][LEFT]A vulnerability in the smart card login authentication of Cisco Duo for macOS could allow an unauthenticated attacker with physical access to bypass authentication. 
This vulnerability exists because the assigned user of a smart card is not properly matched with the authenticating user. An attacker could exploit this vulnerability by configuring a smart card login to bypass Duo authentication. A successful exploit could allow the attacker to use any personal identity verification (PIV) smart card for authentication, even if the smart card is not assigned to the authenticating user.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][6.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20662&vector=CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20662]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20662') [CISCO]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-macOS-bypass-uKZNpXE6')[/TD] [/TR] [TR] [TD][LEFT]cisco -- ios_xe[/LEFT][/TD] [TD][LEFT]A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authenticated, local attacker to escape the restricted controller shell and execute arbitrary commands on the underlying operating system of the access point. This vulnerability is due to improper checks throughout the restart of certain system processes. An attacker could exploit this vulnerability by logging on to an affected device and executing certain CLI commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS as root. 
To successfully exploit this vulnerability, an attacker would need valid credentials for a privilege level 15 user of the wireless controller.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20855&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20855]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20855') [CISCO]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewc-priv-esc-nderYLtK')[/TD] [/TR] [TR] [TD][LEFT]cisco -- ios_xe[/LEFT][/TD] [TD][LEFT]A vulnerability in the Simple Network Management Protocol (SNMP) of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to insufficient restrictions that allow a sensitive configuration detail to be disclosed. An attacker could exploit this vulnerability by retrieving data through SNMP read-only community access. A successful exploit could allow the attacker to view Service Set Identifier (SSID) preshared keys (PSKs) that are configured on the affected device.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20810&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-20810]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20810') [CISCO]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cwlc-snmpidv-rnyyQzUZ')[/TD] [/TR] [TR] [TD][LEFT]cisco -- sd-wan[/LEFT][/TD] [TD][LEFT]A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC using a default static username and password combination. 
This vulnerability exists because the GUI is accessible on self-managed cloud installations or local server installations of Cisco vManage. An attacker could exploit this vulnerability by accessing the exposed GUI of Cisco SD-AVC. A successful exploit could allow the attacker to view managed device names, SD-AVC logs, and SD-AVC DNS server IP addresses.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20844&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-20844]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20844') [CISCO]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdavc-ZA5fpXX2')[/TD] [/TR] [TR] [TD][LEFT]cisco -- sd-wan_vmanage[/LEFT][/TD] [TD][LEFT]A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands that are executed as the root user account. A successful exploit could allow the attacker to overwrite arbitrary system files, which could result in a denial of service (DoS) condition.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20930&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-20930]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20930') [CISCO]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-cli-xkGwmqKu')[/TD] [/TR] [TR] [TD][LEFT]cisco -- wireless_lan_controller_software[/LEFT][/TD] [TD][LEFT]A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. 
This vulnerability is due to insufficient error validation. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to cause the wireless LAN controller to crash, resulting in a DoS condition. Note: This vulnerability affects only devices that have Federal Information Processing Standards (FIPS) mode enabled.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-20769&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-20769]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-20769') [CISCO]('https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dos-mKGRrsCB')[/TD] [/TR] [TR] [TD][LEFT]comment_guestbook_project -- comment_guestbook[/LEFT][/TD] [TD][LEFT]Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Comment Guestbook plugin <= 0.8.0 at WordPress.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-36830&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2021-36830]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-36830') [CONFIRM]('https://wordpress.org/plugins/comment-guestbook/') [CONFIRM]('https://patchstack.com/database/vulnerability/comment-guestbook/wordpress-comment-guestbook-plugin-0-8-0-authenticated-stored-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]discourse -- discotoc[/LEFT][/TD] [TD][LEFT]DiscoTOC is a Discourse theme component that generates a table of contents for topics. Users that can create topics in TOC-enabled categories (and have sufficient trust level - configured in component's settings) are able to inject arbitrary HTML on that topic's page. The issue has been fixed on the `main` branch. 
Admins can update the theme component through the admin UI (Customize -> Themes -> Components -> DiscoTOC -> Check for Updates). Alternatively, admins can temporarily disable the DiscoTOC theme component.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39270&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-39270]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39270') [MISC]('https://github.com/discourse/DiscoTOC/commit/f80c215a283cd045d2a371403e6eba88b2911192') [CONFIRM]('https://github.com/discourse/DiscoTOC/security/advisories/GHSA-m44p-w923-w32h')[/TD] [/TR] [TR] [TD][LEFT]dnnsoftware -- dotnetnuke[/LEFT][/TD] [TD][LEFT]Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform prior to 9.11.0.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2922&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-2922]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2922') [MISC]('https://github.com/dnnsoftware/dnn.platform/commit/9b17351592fbde376506ba6705dbcc7a74a2a195') [CONFIRM]('https://huntr.dev/bounties/74918f40-dc11-4218-abef-064eb71a0703')[/TD] [/TR] [TR] [TD][LEFT]donation_thermometer_project -- donation_thermometer[/LEFT][/TD] [TD][LEFT]The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3128&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3128]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3128') 
[MISC]('https://wpscan.com/vulnerability/97201998-1859-4428-9b81-9c2748806cf4')[/TD] [/TR] [TR] [TD][LEFT]dsgvo-for-wp -- dsgvo_all_in_one_for_wp[/LEFT][/TD] [TD][LEFT]The DSGVO All in one for WP WordPress plugin before 4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2628&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-2628]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2628') [MISC]('https://wpscan.com/vulnerability/e712f83e-b437-4bc6-9511-2b0290ed315d')[/TD] [/TR] [TR] [TD][LEFT]goolytics_project -- goolytics[/LEFT][/TD] [TD][LEFT]The Goolytics WordPress plugin before 1.1.2 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3132&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3132]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3132') [MISC]('https://wpscan.com/vulnerability/ed2dc1b9-f9f9-4e99-87b3-a614c223dd64')[/TD] [/TR] [TR] [TD][LEFT]heartex -- label_studio[/LEFT][/TD] [TD][LEFT]A Server Side Request Forgery (SSRF) in the Data Import module in Heartex - Label Studio Community Edition versions 1.5.0 and earlier allows an authenticated user to access arbitrary files on the system. 
Furthermore, self-registration is enabled by default in these versions of Label Studio enabling a remote attacker to create a new account and then exploit the SSRF.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-36551&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-36551]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-36551') [MISC]('http://heartex.com') [MISC]('http://labelstud.io') [MISC]('https://github.com/heartexlabs/label-studio/pull/2840')[/TD] [/TR] [TR] [TD][LEFT]ibm -- cics_tx[/LEFT][/TD] [TD][LEFT]IBM CICS TX 11.1 could allow a local user to cause a denial of service due to improper load handling. IBM X-Force ID: 229437.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-34308&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-34308]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34308') [CONFIRM]('https://www.ibm.com/support/pages/node/6826647') [XF]('https://exchange.xforce.ibmcloud.com/vulnerabilities/229437') [CONFIRM]('https://www.ibm.com/support/pages/node/6826645')[/TD] [/TR] [TR] [TD][LEFT]ibm -- infosphere_information_server[/LEFT][/TD] [TD][LEFT]IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that should only be available to a privileged user.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-36772&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-36772]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-36772') [XF]('https://exchange.xforce.ibmcloud.com/vulnerabilities/233299') [CONFIRM]('https://www.ibm.com/support/pages/node/6612325')[/TD] [/TR] [TR] [TD][LEFT]ibm -- infosphere_information_server[/LEFT][/TD] [TD][LEFT]IBM InfoSphere Information Server 11.7 does not invalidate 
session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 236699.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41291&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-41291]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41291') [XF]('https://exchange.xforce.ibmcloud.com/vulnerabilities/236699') [CONFIRM]('https://www.ibm.com/support/pages/node/6823109')[/TD] [/TR] [TR] [TD][LEFT]ibm -- qradar_security_information_and_event_manager[/LEFT][/TD] [TD][LEFT]IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30613&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-30613]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30613') [XF]('https://exchange.xforce.ibmcloud.com/vulnerabilities/227366') [CONFIRM]('https://www.ibm.com/support/pages/node/6826693')[/TD] [/TR] [TR] [TD][LEFT]ibm -- robotic_process_automation[/LEFT][/TD] [TD][LEFT]IBM Robotic Process Automation 21.0.0, 21.0.1, 21.0.2, 21.0.3, and 21.0.4 is vulnerable to cross origin resource sharing using the bot api. 
IBM X-Force ID: 236807.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41294&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41294]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41294') [XF]('https://exchange.xforce.ibmcloud.com/vulnerabilities/236807') [CONFIRM]('https://www.ibm.com/support/pages/node/6825985')[/TD] [/TR] [TR] [TD][LEFT]ibm -- robotic_process_automation[/LEFT][/TD] [TD][LEFT]IBM Robotic Process Automation 21.0.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 227125.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-22503&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-22503]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-22503') [XF]('https://exchange.xforce.ibmcloud.com/vulnerabilities/227125') [CONFIRM]('https://www.ibm.com/support/pages/node/6825995')[/TD] [/TR] [TR] [TD][LEFT]ibm -- robotic_process_automation[/LEFT][/TD] [TD][LEFT]IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to man in the middle attacks through manipulation of the client proxy configuration. 
IBM X-Force ID: 233575.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-36774&vector=CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-36774]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-36774') [XF]('https://exchange.xforce.ibmcloud.com/vulnerabilities/233575') [CONFIRM]('https://www.ibm.com/support/pages/node/6826013')[/TD] [/TR] [TR] [TD][LEFT]ibm -- robotic_process_automation_for_cloud_pak[/LEFT][/TD] [TD][LEFT]IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 for Cloud Pak is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 234291.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38709&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-38709]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38709') [XF]('https://exchange.xforce.ibmcloud.com/vulnerabilities/234291') [CONFIRM]('https://www.ibm.com/support/pages/node/6826011')[/TD] [/TR] [TR] [TD][LEFT]lief-project -- lief[/LEFT][/TD] [TD][LEFT]A vulnerability in the LIEF::MachO::BinaryParser::init_and_parse function of LIEF v0.12.1 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted MachO file.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40922&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-40922]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40922') [MISC]('https://github.com/lief-project/LIEF/issues/781')[/TD] [/TR] [TR] [TD][LEFT]lief-project -- lief[/LEFT][/TD] [TD][LEFT]A vulnerability in the LIEF::MachO::SegmentCommand::virtual_address function of LIEF 
v0.12.1 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted MachO file.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40923&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-40923]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40923') [MISC]('https://github.com/lief-project/LIEF/issues/784')[/TD] [/TR] [TR] [TD][LEFT]linux -- linux_kernel[/LEFT][/TD] [TD][LEFT]roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][4.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41850&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41850]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41850') [MISC]('https://lore.kernel.org/all/20220904193115.GA28134@ubuntu/t/#u')[/TD] [/TR] [TR] [TD][LEFT]linux -- linux_kernel[/LEFT][/TD] [TD][LEFT]drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][4.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41848&vector=CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41848]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41848') [MISC]('https://lore.kernel.org/lkml/20220919040251.GA302541@ubuntu/T/#rc85e751f467b3e6f9ccef92cfa7fb8a6cc50c270') [MISC]('https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/drivers/char/pcmcia/synclink_cs.c')[/TD] [/TR] [TR] [TD][LEFT]linux -- linux_kernel[/LEFT][/TD] 
[TD][LEFT]drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][4.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41849&vector=CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41849]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41849') [MISC]('https://lore.kernel.org/all/20220925133243.GA383897@ubuntu/T/')[/TD] [/TR] [TR] [TD][LEFT]linuxfoundation -- dex[/LEFT][/TD] [TD][LEFT]Dex is an identity service that uses OpenID Connect to drive authentication for other apps. Dex instances with public clients (and by extension, clients accepting tokens issued by those Dex instances) are affected by this vulnerability if they are running a version prior to 2.35.0. An attacker can exploit this vulnerability by making a victim navigate to a malicious website and guiding them through the OIDC flow, stealing the OAuth authorization code in the process. The authorization code then can be exchanged by the attacker for a token, gaining access to applications accepting that token. Version 2.35.0 has introduced a fix for this issue. Users are advised to upgrade. 
There are no known workarounds for this issue.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39222&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39222]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39222') [CONFIRM]('https://github.com/dexidp/dex/security/advisories/GHSA-vh7g-p26c-j2cw') [MISC]('https://github.com/dexidp/dex/commit/49471b14c8080ddb034d4855841123d378b7a634')[/TD] [/TR] [TR] [TD][LEFT]mojoportal -- mojoportal[/LEFT][/TD] [TD][LEFT]mojoPortal v2.7 was discovered to contain a path traversal vulnerability via the "f" parameter at /DesignTools/CssEditor.aspx. This vulnerability allows authenticated attackers to read arbitrary files in the system.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40123&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-40123]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40123') [MISC]('https://weed-1.gitbook.io/cve/mojoportal/directory-traversal-in-mojoportal-v2.7-cve-2022-40123') [MISC]('http://mojoportal.com')[/TD] [/TR] [TR] [TD][LEFT]moodle -- moodle[/LEFT][/TD] [TD][LEFT]The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40316&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-40316]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40316') [MISC]('https://moodle.org/mod/forum/discuss.php?d=438395') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2128151')[/TD] [/TR] [TR] [TD][LEFT]najeebmedia -- frontend_file_manager[/LEFT][/TD] [TD][LEFT]The Frontend File Manager Plugin WordPress plugin before 21.3 
allows any unauthenticated user to rename uploaded files from users. Furthermore, due to the lack of validation in the destination filename, this could allow them to change the content of arbitrary files on the web server.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3124&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3124]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3124') [MISC]('https://wpscan.com/vulnerability/00f76765-95af-4dbc-8c37-f1b15a0e8608')[/TD] [/TR] [TR] [TD][LEFT]nasm -- netwide_assembler[/LEFT][/TD] [TD][LEFT]nasm v2.16 was discovered to contain a stack overflow in the Ndisasm component.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41420&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41420]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41420') [MISC]('https://bugzilla.nasm.us/show_bug.cgi?id=3392810')[/TD] [/TR] [TR] [TD][LEFT]octopus -- octopus_server[/LEFT][/TD] [TD][LEFT]In affected versions of Octopus Server it was identified that the same encryption process was used for both encrypting session cookies and variables.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2781&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-2781]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2781') [MISC]('https://advisories.octopus.com/post/2022/sa2022-16/')[/TD] [/TR] [TR] [TD][LEFT]octopus -- octopus_server[/LEFT][/TD] [TD][LEFT]In affected versions of Octopus Server it was identified that a session cookie could be used as the CSRF token.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2783&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] 
[TD][CVE-2022-2783]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2783') [MISC]('https://advisories.octopus.com/post/2022/sa2022-17/')[/TD] [/TR] [TR] [TD][LEFT]online_diagnostic_lab_management_system_project -- online_diagnostic_lab_management_system[/LEFT][/TD] [TD][LEFT]Two cross-site scripting vulnerabilities were fixed in Bodhi 5.6.1.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-15855&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2020-15855]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-15855') [MISC]('https://pyup.io/packages/pypi/bodhi/changelog#5.6.1')[/TD] [/TR] [TR] [TD][LEFT]orchardcore -- orchardcore[/LEFT][/TD] [TD][LEFT]OrchardCore rc1-11259 to v1.2.2 is vulnerable to HTML injection, allowing an authenticated user with an editor security role to inject a persistent HTML modal dialog component into the dashboard that will affect admin users.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32173&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-32173]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32173') [MISC]('https://www.mend.io/vulnerability-database/CVE-2022-32173') [MISC]('https://github.com/OrchardCMS/OrchardCore/commit/0163c88ddeaca39815d7e6e5ea1c8391085cc136')[/TD] [/TR] [TR] [TD][LEFT]pfsense -- pfsense[/LEFT][/TD] [TD][LEFT]pfSense v2.5.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the browser.php component. 
This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a file name.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42247&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-42247]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42247') [MISC]('https://github.com/pfsense/pfsense/commit/73ca6743954ac9f35ca293e3f2af63eac20cf32e') [MISC]('https://gist.github.com/enferas/b4ca7a4fb52e1b5e698f87e4d655a70a')[/TD] [/TR] [TR] [TD][LEFT]pingidentity -- pingcentral[/LEFT][/TD] [TD][LEFT]PingCentral versions prior to listed versions expose Spring Boot actuator endpoints that with administrative authentication return large amounts of sensitive environmental and application information.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23726&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-23726]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23726') [MISC]('https://www.pingidentity.com/en/resources/downloads/pingcentral.html') [CONFIRM]('https://docs.pingidentity.com/bundle/pingcentral-110/page/sdd1651696160285.html')[/TD] [/TR] [TR] [TD][LEFT]pulsesecure -- pulse_connect_secure[/LEFT][/TD] [TD][LEFT]Pulse Secure version 9.115 and below may be susceptible to client-side HTTP request smuggling. When the application receives a POST request, it ignores the request's Content-Length header and leaves the POST body on the TCP/TLS socket. 
This body ends up prefixing the next HTTP request sent down that connection. This means that when someone loads a website, an attacker may be able to make the browser issue a POST to the application, enabling XSS.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-21826&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-21826]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-21826') [MISC]('https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/Client-Side-Desync-Attack/')[/TD] [/TR] [TR] [TD][LEFT]pyup -- dependency_parser[/LEFT][/TD] [TD][LEFT]Saleor is a headless, GraphQL commerce platform. In affected versions some GraphQL mutations were not properly checking the ID type input which allowed to access database objects that the authenticated user may not be allowed to access. This vulnerability can be used to expose the following information: Estimating database row counts from tables with a sequential primary key or Exposing staff user and customer email addresses and full name through the `assignNavigation()` mutation. This issue has been patched in main and backported to multiple releases (3.7.17, 3.6.18, 3.5.23, 3.4.24, 3.3.26, 3.2.14, 3.1.24). Users are advised to upgrade. 
There are no known workarounds for this issue.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39275&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39275]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39275') [CONFIRM]('https://github.com/saleor/saleor/security/advisories/GHSA-xhq8-8c5v-w8ff') [MISC]('https://github.com/saleor/saleor/commit/96e04c092ddcac17b14f2e31554aa02d9006d0ce')[/TD] [/TR] [TR] [TD][LEFT]quizandsurveymaster -- quiz_and_survey_master[/LEFT][/TD] [TD][LEFT]Insecure direct object references (IDOR) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 at WordPress allows attackers to change the content of the quiz.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-36865&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2021-36865]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-36865') [CONFIRM]('https://wordpress.org/plugins/quiz-master-next/#developers') [CONFIRM]('https://patchstack.com/database/vulnerability/quiz-master-next/wordpress-quiz-and-survey-master-plugin-7-3-4-insecure-direct-object-references-idor-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]samsung -- factorycamerafb[/LEFT][/TD] [TD][LEFT]Improper access control vulnerability in CameraTestActivity in FactoryCameraFB prior to version 3.5.51 allows attackers to access broadcasting Intent as system uid privilege.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39857&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39857]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39857') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10')[/TD] [/TR] [TR] [TD][LEFT]samsung -- group_sharing[/LEFT][/TD] [TD][LEFT]Improper access control 
vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39877&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39877]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39877') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10')[/TD] [/TR] [TR] [TD][LEFT]samsung -- internet[/LEFT][/TD] [TD][LEFT]Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical attackers to add bookmarks in secret mode without user authentication.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][4.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39873&vector=CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-39873]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39873') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10')[/TD] [/TR] [TR] [TD][LEFT]solarwinds -- solarwinds_platform[/LEFT][/TD] [TD][LEFT]Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. 
This issue is fixed and released in SolarWinds Platform (2022.3.0).[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-36965&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-36965]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-36965') [CONFIRM]('https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm#:~:text=Release%20date%3A%20May%2024%2C%202022%20These%20release%20notes,issues.%20New%20features%20and%20improvements%20in%20SolarWinds%20Platform') [CONFIRM]('https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36965')[/TD] [/TR] [TR] [TD][LEFT]spacexchimp -- social_media_follow_buttons_bar[/LEFT][/TD] [TD][LEFT]Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Social Media Follow Buttons Bar plugin <= 4.73 at WordPress.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-36839&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2021-36839]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-36839') [CONFIRM]('https://patchstack.com/database/vulnerability/social-media-buttons-toolbar/wordpress-social-media-follow-buttons-bar-plugin-4-73-authenticated-stored-cross-site-scripting-xss-vulnerability?_s_id=cve') [CONFIRM]('https://wordpress.org/plugins/social-media-buttons-toolbar/')[/TD] [/TR] [TR] [TD][LEFT]spsoftmobile -- applock[/LEFT][/TD] [TD][LEFT]AppLock version 7.9.29 allows an attacker with physical access to the device to bypass biometric authentication. 
This is possible because the application did not correctly implement fingerprint validations.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][6.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-1959&vector=CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-1959]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-1959') [MISC]('https://www.spsoftmobile.com/') [MISC]('https://fluidattacks.com/advisories/walker/')[/TD] [/TR] [TR] [TD][LEFT]suse -- linux_enterprise_server[/LEFT][/TD] [TD][LEFT]An Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group that can write to a location included in the path to a privileged binary to influence path resolution. This issue affects: SUSE Linux Enterprise Server 12-SP5 permissions versions prior to 20170707. openSUSE Leap 15.3 permissions versions prior to 20200127. openSUSE Leap 15.4 permissions versions prior to 20201225. openSUSE Leap Micro 5.2 permissions versions prior to 20181225.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-31252&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-31252]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-31252') [CONFIRM]('https://bugzilla.suse.com/show_bug.cgi?id=1203018')[/TD] [/TR] [TR] [TD][LEFT]veritas -- netbackup[/LEFT][/TD] [TD][LEFT]An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server nbars process can be crashed resulting in a denial of service. 
(Note: the watchdog service will automatically restart the process.)[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42300&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42300]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42300') [MISC]('https://www.veritas.com/content/support/en_US/security/VTS22-013#M2')[/TD] [/TR] [TR] [TD][LEFT]veritas -- netbackup[/LEFT][/TD] [TD][LEFT]An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can send a crafted packet to pbx_exchange during registration and cause a NULL pointer exception, effectively crashing the pbx_exchange process.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42306&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-42306]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42306') [MISC]('https://www.veritas.com/content/support/en_US/security/VTS22-010#M1')[/TD] [/TR] [TR] [TD][LEFT]wp_socializer_project -- wp_socializer[/LEFT][/TD] [TD][LEFT]The WP Socializer WordPress plugin before 7.3 does not sanitise and escape some of its Icons settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2763&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-2763]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2763') [MISC]('https://wpscan.com/vulnerability/36a7b872-31fa-4375-9be7-8f787e616ed5')[/TD] [/TR] [TR] [TD][LEFT]xgenecloud -- nocodb[/LEFT][/TD] [TD][LEFT]Denial of Service in GitHub repository nocodb/nocodb prior to 0.92.0.[/LEFT][/TD] 
[TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3423&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3423]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3423') [CONFIRM]('https://huntr.dev/bounties/94639d8e-8301-4432-ab80-e76e1346e631') [MISC]('https://github.com/nocodb/nocodb/commit/000ecd886738b965b5997cd905825e3244f48b95')[/TD] [/TR] [TR] [TD][LEFT]xpdfreader -- xpdf[/LEFT][/TD] [TD][LEFT]An issue was discovered in Xpdf 4.04. There is a crash in gfseek(_IO_FILE*, long, int) in goo/gfile.cc.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41842&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41842]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41842') [MISC]('http://www.xpdfreader.com/download.html') [MISC]('https://forum.xpdfreader.com/viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928')[/TD] [/TR] [TR] [TD][LEFT]xpdfreader -- xpdf[/LEFT][/TD] [TD][LEFT]An issue was discovered in Xpdf 4.04. There is a crash in convertToType0 in fofi/FoFiType1C.cc, a different vulnerability than CVE-2022-38928.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41843&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41843]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41843') [MISC]('https://forum.xpdfreader.com/viewtopic.php?f=3&t=42325&sid=7b08ba9a518a99ce3c5ff40e53fc6421') [MISC]('https://forum.xpdfreader.com/viewtopic.php?f=1&t=42344')[/TD] [/TR] [TR] [TD][LEFT]xpdfreader -- xpdf[/LEFT][/TD] [TD][LEFT]An issue was discovered in Xpdf 4.04. 
There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41844&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-41844]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41844') [MISC]('https://forum.xpdfreader.com/viewtopic.php?f=3&t=42308&p=43844&hilit=XRef%3A%3Afetch#p43844') [MISC]('http://www.xpdfreader.com/download.html') [MISC]('https://forum.xpdfreader.com/viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928')[/TD] [/TR] [TR] [TD][LEFT]yetiforce -- yetiforce_customer_relationship_management[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3002&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-3002]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3002') [MISC]('https://github.com/yetiforcecompany/yetiforcecrm/commit/54728becfdad9b6e686bbe336007cba2ce518248') [CONFIRM]('https://huntr.dev/bounties/d213d7ea-fe92-40b2-a1f9-2ba32dec50f5')[/TD] [/TR] [TR] [TD][LEFT]zephyr-one -- zephyr_project_manager[/LEFT][/TD] [TD][LEFT]The Zephyr Project Manager WordPress plugin before 3.2.55 does not have any authorisation as well as CSRF in all its AJAX actions, allowing unauthenticated users to call them either directly or via CSRF attacks. 
Furthermore, due to the lack of sanitisation and escaping, it could also allow them to perform Stored Cross-Site Scripting attacks against logged in admins.[/LEFT][/TD] [TD][CENTER]2022-10-03[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-2839&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-2839]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-2839') [MISC]('https://wpscan.com/vulnerability/82e01f95-81c2-46d8-898e-07b3b8a3f8c9')[/TD] [/TR] [TR] [TD][LEFT]zinclabs -- zinc[/LEFT][/TD] [TD][LEFT]In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete user functionality. When an authenticated user deletes a user having a XSS payload in the user id field, the javascript payload will be executed and allow an attacker to access the user’s credentials.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32171&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-32171]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32171') [MISC]('https://www.mend.io/vulnerability-database/CVE-2022-32171') [MISC]('https://github.com/zinclabs/zinc/commit/3376c248bade163430f9347742428f0a82cd322d')[/TD] [/TR] [TR] [TD][LEFT]zinclabs -- zinc[/LEFT][/TD] [TD][LEFT]In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete template functionality. 
When an authenticated user deletes a template with a XSS payload in the name field, the Javascript payload will be executed and allow an attacker to access the user’s credentials.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32172&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-32172]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32172') [MISC]('https://www.mend.io/vulnerability-database/CVE-2022-32172') [MISC]('https://github.com/zinclabs/zinc/commit/3376c248bade163430f9347742428f0a82cd322d')[/TD] [/TR] [/TABLE][/CENTER]
Low Vulnerabilities
[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]dell -- hybrid_client[/LEFT][/TD] [TD][LEFT]Dell Hybrid Client prior to version 1.8 contains a Regular Expression Denial of Service Vulnerability in the UI. An adversary with WMS group admin access could potentially exploit this vulnerability, leading to temporary denial-of-service.[/LEFT][/TD] [TD][CENTER]2022-09-30[/CENTER][/TD] [TD][CENTER][2.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-34428&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2022-34428]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34428') [MISC]('https://www.dell.com/support/kbdoc/en-us/000203345/dsa-2022-260-dell-hybrid-client-security-update-for-multiple-vulnerabilities')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Exposure of sensitive information in AT_Distributor prior to SMR Oct-2022 Release 1 allows local attacker to access SerialNo via log.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39848&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39848]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39848') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=10')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39849&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39849]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39849') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=10')[/TD] [/TR] [TR] 
[TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Improper access control in mum_container_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39850&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39850]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39850') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=10')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]Improper access control vulnerability in imsservice application prior to SMR Oct-2022 Release 1 allows local attackers to access call information.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39856&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39856]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39856') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=10')[/TD] [/TR] [TR] [TD][LEFT]samsung -- uphelper_library[/LEFT][/TD] [TD][LEFT]Implicit intent hijacking vulnerability in UPHelper library prior to version 3.0.12 allows attackers to access sensitive information via implicit intent.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-39859&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-39859]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39859') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10')[/TD] [/TR] [/TABLE][/CENTER] [Back to top]('https://us-cert.cisa.gov#top')Severity Not Yet Assigned
[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]aruba -- multiple_products[/LEFT][/TD] [TD][LEFT]There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InnstantOS that address these security vulnerabilities.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-37885]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37885') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt')[/TD] [/TR] [TR] [TD][LEFT]aruba -- multiple_products[/LEFT][/TD] [TD][LEFT]An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. 
Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected AP of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InstantOS that address this security vulnerability.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-37894]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37894') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt')[/TD] [/TR] [TR] [TD][LEFT]aruba -- multiple_products[/LEFT][/TD] [TD][LEFT]An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected AP of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InstantOS that address this security vulnerability.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-37895]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37895') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt')[/TD] [/TR] [TR] [TD][LEFT]aruba -- multiple_products[/LEFT][/TD] [TD][LEFT]A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. 
A successful exploit could allow an attacker to execute arbitrary script code in a victim’s browser in the context of the affected interface of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InstantOS that address this security vulnerability.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-37896]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37896') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt')[/TD] [/TR] [TR] [TD][LEFT]aruba -- multiple_products [/LEFT][/TD] [TD][LEFT]There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). 
Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InnstantOS that address these security vulnerabilities.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-37886]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37886') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt')[/TD] [/TR] [TR] [TD][LEFT]aruba -- multiple_products [/LEFT][/TD] [TD][LEFT]There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). 
Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InstantOS that address these security vulnerabilities.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-37887]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37887') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt')[/TD] [/TR] [TR] [TD][LEFT]aruba -- multiple_products [/LEFT][/TD] [TD][LEFT]There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). 
Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InstantOS that address these security vulnerabilities.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-37889]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37889') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt')[/TD] [/TR] [TR] [TD][LEFT]aruba -- multiple_products [/LEFT][/TD] [TD][LEFT]Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Successful exploitation results in the execution of arbitrary commands on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InstantOS that address these security vulnerabilities.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-37890]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37890') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt')[/TD] [/TR] [TR] [TD][LEFT]aruba -- multiple_products [/LEFT][/TD] [TD][LEFT]Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. 
Successful exploitation results in the execution of arbitrary commands on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InstantOS that address these security vulnerabilities.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-37891]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37891') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt')[/TD] [/TR] [TR] [TD][LEFT]aruba -- multiple_products [/LEFT][/TD] [TD][LEFT]A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim’s browser in the context of the affected interface of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InstantOS that address this security vulnerability.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-37892]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37892') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt')[/TD] [/TR] [TR] [TD][LEFT]aruba -- multiple_products [/LEFT][/TD] [TD][LEFT]An authenticated command injection vulnerability exists in the Aruba InstantOS and ArubaOS 10 command line interface. 
Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InstantOS that address this security vulnerability.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-37893]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37893') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt')[/TD] [/TR] [TR] [TD][LEFT]autodesk -- image_processing[/LEFT][/TD] [TD][LEFT]A maliciously crafted TIF, PICT, TGA, or RLC file in the Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-40162]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40162') [MISC]('https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011')[/TD] [/TR] [TR] [TD][LEFT]autodesk -- image_processing[/LEFT][/TD] [TD][LEFT]A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-40163]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40163') [MISC]('https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011')[/TD] [/TR] [TR] [TD][LEFT]autodesk -- image_processing[/LEFT][/TD] [TD][LEFT]A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. 
This vulnerability may be exploited to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-40164]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40164') [MISC]('https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011')[/TD] [/TR] [TR] [TD][LEFT]autodesk -- image_processing[/LEFT][/TD] [TD][LEFT]A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-40165]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40165') [MISC]('https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011')[/TD] [/TR] [TR] [TD][LEFT]autodesk -- image_processing[/LEFT][/TD] [TD][LEFT]A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2022-10-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-40166]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40166') [MISC]('https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011')[/TD] [/TR] [TR] [TD][LEFT]beckman_coulter -- remisol_advance[/LEFT][/TD] [TD][LEFT]A vulnerability was discovered in the Remisol Advance v2.0.12.1 and below for the Normand Message Server. 
On installation, the permissions set by Remisol Advance allow non-privileged users to overwrite and/or manipulate executables and libraries that run as the elevated SYSTEM user on Windows.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-26235]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-26235') [MISC]('https://www.beckmancoulter.com/products/clinical-information-management-tools/remisol-advance') [MISC]('https://pastebin.com/amgw9pE7')[/TD] [/TR] [TR] [TD][LEFT]beckman_coulter -- remisol_advance[/LEFT][/TD] [TD][LEFT]The default privileges for the running service Normand Remisol Advance Launcher in Beckman Coulter Remisol Advance v2.0.12.1 and prior allow non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-26236]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-26236') [MISC]('https://pastebin.com/hwrvFix5') [MISC]('https://www.beckmancoulter.com/products/clinical-information-management-tools/remisol-advance')[/TD] [/TR] [TR] [TD][LEFT]beckman_coulter -- remisol_advance[/LEFT][/TD] [TD][LEFT]The default privileges for the running service Normand Service Manager in Beckman Coulter Remisol Advance v2.0.12.1 and prior allow non-privileged users to overwrite and manipulate executables and libraries. 
This allows attackers to access sensitive data.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-26238]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-26238') [MISC]('https://www.beckmancoulter.com/products/clinical-information-management-tools/remisol-advance') [MISC]('https://pastebin.com/23N5wcC7')[/TD] [/TR] [TR] [TD][LEFT]beckman_coulter -- remisol_advance[/LEFT][/TD] [TD][LEFT]The default privileges for the running service Normand Message Buffer in Beckman Coulter Remisol Advance v2.0.12.1 and prior allow non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-26240]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-26240') [MISC]('https://pastebin.com/Bsy6KTxJ') [MISC]('https://www.beckmancoulter.com/products/clinical-information-management-tools/remisol-advance')[/TD] [/TR] [TR] [TD][LEFT]codeigniter -- codeigniter [/LEFT][/TD] [TD][LEFT]CodeIgniter is a PHP full-stack web framework. In versions prior to 4.2.7 setting `$secure` or `$httponly` value to `true` in `Config\Cookie` is not reflected in `set_cookie()` or `Response::setCookie()`. As a result cookie values are erroneously exposed to scripts. It should be noted that this vulnerability does not affect session cookies. Users are advised to upgrade to v4.2.7 or later. Users unable to upgrade are advised to manually construct their cookies either by setting the options in code or by constructing Cookie objects. 
Examples of each workaround are available in the linked GHSA.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-39284]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39284') [MISC]('https://codeigniter4.github.io/userguide/helpers/cookie_helper.html#set_cookie') [MISC]('https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies') [CONFIRM]('https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-745p-r637-7vvp') [MISC]('https://github.com/codeigniter4/CodeIgniter4/issues/6540') [MISC]('https://codeigniter4.github.io/userguide/outgoing/response.html#CodeIgniter%5CHTTP%5CResponse::setCookie') [MISC]('https://github.com/codeigniter4/CodeIgniter4/pull/6544')[/TD] [/TR] [TR] [TD][LEFT]discourse -- discourse-chat [/LEFT][/TD] [TD][LEFT]discourse-chat is a plugin for the Discourse message board which adds chat functionality. In versions prior to 0.9 some places render a chat channel's name and description in an unsafe way, allowing staff members to cause a cross-site scripting (XSS) attack by inserting unsafe HTML into them. Version 0.9 has addressed this issue. Users are advised to upgrade. There are no known workarounds for this issue.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-39279]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39279') [CONFIRM]('https://github.com/discourse/discourse-chat/security/advisories/GHSA-qp62-8m3c-9jgj') [MISC]('https://github.com/discourse/discourse-chat/commit/25737733af48e5b9fa60b0561d7fde14bea13cce')[/TD] [/TR] [TR] [TD][LEFT]facebook -- hermes[/LEFT][/TD] [TD][LEFT]It was possible to trigger an infinite recursion condition in the error handler when Hermes executed specific maliciously formed JavaScript. This condition was only possible to trigger in dev-mode (when asserts were enabled). 
This issue affects Hermes versions prior to v0.12.0.[/LEFT][/TD] [TD][CENTER]2022-10-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-27810]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-27810') [CONFIRM]('https://www.facebook.com/security/advisories/cve-2022-27810')[/TD] [/TR] [TR] [TD][LEFT]fat_free_crm -- fat_free_crm [/LEFT][/TD] [TD][LEFT]fat_free_crm is an open source, Ruby on Rails customer relationship management platform (CRM). In versions prior to 0.20.1 an authenticated user can perform a remote Denial of Service attack against Fat Free CRM via bucket access. The vulnerability has been patched in commit `c85a254` and will be available in release `0.20.1`. Users are advised to upgrade or to manually apply patch `c85a254`. There are no known workarounds for this issue.[/LEFT][/TD] [TD][CENTER]2022-10-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-39281]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-39281') [MISC]('https://github.com/fatfreecrm/fat_free_crm/releases/tag/v0.20.1') [MISC]('https://github.com/fatfreecrm/fat_free_crm/commit/c85a2546348c2692d32f952c753f7f0b43d1ca71') [CONFIRM]('https://github.com/fatfreecrm/fat_free_crm/security/advisories/GHSA-p75c-5x3h-cxcg')[/TD] [/TR] [TR] [TD][LEFT] gradle_enterprise -- gradle_enterprise [/LEFT][/TD][TD][LEFT]An access-control vulnerability in Gradle Enterprise 2022.4 through 2022.3.1 allows remote attackers to prevent backups from occurring, and send emails with arbitrary text content to the configured installation-administrator contact address, via HTTP access to an accidentally exposed internal endpoint. This is fixed in 2022.3.2.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41574
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]hancom – office_2020
[/LEFT][/TD]
[TD][LEFT]A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A specially-crafted malformed file can cause memory corruption by using memory before buffer start, which can lead to code execution. A victim would need to access a malicious file to trigger this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-33896
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
hsqldb – hsqldb
[/LEFT][/TD]
[TD][LEFT]Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can be prevented by updating to 2.7.1 or by setting the system property "hsqldb.method_class_names" to classes which are allowed to be called. For example, System.setProperty("hsqldb.method_class_names", "abc") or Java argument -Dhsqldb.method_class_names="abc" can be used. From version 2.7.1 all classes by default are not accessible except those in java.lang.Math and need to be manually enabled.[/LEFT][/TD]
[TD][CENTER]2022-10-06[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41853
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]ikus060 – rdiffweb
[/LEFT][/TD]
[TD][LEFT]Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.[/LEFT][/TD]
[TD][CENTER]2022-10-06[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3376
MISC
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]internet_systems_consortium – dhcp
[/LEFT][/TD]
[TD][LEFT]In ISC DHCP 4.4.0 → 4.4.3, ISC DHCP 4.1-ESV-R1 → 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option’s refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-2928
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]internet_systems_consortium – dhcp
[/LEFT][/TD]
[TD][LEFT]In ISC DHCP 1.0 → 4.4.3, ISC DHCP 4.1-ESV-R1 → 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-2929
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]johnson_controls – metasys_adx_server
[/LEFT][/TD]
[TD][LEFT]On Metasys ADX Server version 12.0 running MVE, an Active Directory user could execute validated actions without providing a valid password when using MVE SMP UI.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-21936
CERT
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]
liferay – liferay_portal
[/LEFT][/TD]
[TD][LEFT]An insecure default in the component auth.login.prompt.enabled of Liferay Portal v7.0.0 through v7.4.2 allows attackers to enumerate usernames, site names, and pages.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41414
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]linux – kernel[/LEFT][/TD]
[TD][LEFT]A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-210357 was assigned to this vulnerability.[/LEFT][/TD]
[TD][CENTER]2022-10-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3435
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]mediatek – cpu_dvfs[/LEFT][/TD]
[TD][LEFT]In cpu dvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07139405; Issue ID: ALPS07139405.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-32592
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]mediatek – ims[/LEFT][/TD]
[TD][LEFT]In ims, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319095; Issue ID: ALPS07319095.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26472
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]mediatek – isp[/LEFT][/TD]
[TD][LEFT]In isp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262305; Issue ID: ALPS07262305.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26452
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]mediatek – ril
[/LEFT][/TD]
[TD][LEFT]In ril, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07257259; Issue ID: ALPS07257259.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-32591
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]mediatek – sensorhub[/LEFT][/TD]
[TD][LEFT]In sensorhub, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07129717; Issue ID: ALPS07129717.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26474
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]mediatek – telephony[/LEFT][/TD]
[TD][LEFT]In telephony, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319121; Issue ID: ALPS07319121.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26471
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]mediatek – vdec_fmt[/LEFT][/TD]
[TD][LEFT]In vdec fmt, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07342197; Issue ID: ALPS07342197.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26473
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]mediatek – vowe
[/LEFT][/TD]
[TD][LEFT]In vowe, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138493; Issue ID: ALPS07138493.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-32593
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]mediatek – wi-fi_driver
[/LEFT][/TD]
[TD][LEFT]In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an improper resource release. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07030600; Issue ID: ALPS07030600.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-32589
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]mediatek – wlan[/LEFT][/TD]
[TD][LEFT]In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310743; Issue ID: ALPS07310743.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-26475
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]mediatek – wlan
[/LEFT][/TD]
[TD][LEFT]In wlan, there is a possible use after free due to an incorrect status check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07299425; Issue ID: ALPS07299425.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-32590
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]nps – nps[/LEFT][/TD]
[TD][LEFT]NPS before v0.26.10 was discovered to contain an authentication bypass vulnerability via constantly generating and sending the Auth key and Timestamp parameters.[/LEFT][/TD]
[TD][CENTER]2022-10-06[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-40494
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
online_leave_management_system – online_leave_management_system
[/LEFT][/TD]
[TD][LEFT]An arbitrary file upload vulnerability in the component /leave_system/classes/Users.php?f=save of Online Leave Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41379
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
panini – panini_everest_engine
[/LEFT][/TD]
[TD][LEFT]Panini Everest Engine 2.0.4 allows unprivileged users to create a file named Everest.exe in the %PROGRAMDATA%\Panini folder. This leads to privilege escalation because a service, running as SYSTEM, uses the unquoted path of %PROGRAMDATA%\Panini\Everest Engine\EverestEngine.exe and therefore a Trojan horse %PROGRAMDATA%\Panini\Everest.exe may be executed instead of the intended vendor-supplied EverestEngine.exe file.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39959
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]perforce – puppet[/LEFT][/TD]
[TD][LEFT]Command injection is possible in the puppetlabs-mysql module prior to version 13.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3276
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]perforce – puppet
[/LEFT][/TD]
[TD][LEFT]Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3275
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]picuploader – picuploader[/LEFT][/TD]
[TD][LEFT]PicUploader v2.6.3 was discovered to contain a cross-site scripting (XSS) vulnerability via the setStorageParams function in SettingController.php.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41442
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – cocktailbarservice[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows a local attacker to bind a service that requires the BIND_REMOTEVIEWS permission.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39851
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
samsung – dynamic_lockscreen
[/LEFT][/TD]
[TD][LEFT]Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R(11) and 3.3.03.66 in Android S(12) allows unauthorized use of the JavaScript interface API.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39862
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – facm[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in FACM application prior to SMR Oct-2022 Release 1 allows a local attacker to connect arbitrary AP and Bluetooth devices.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39855
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
samsung – factorycamera
[/LEFT][/TD]
[TD][LEFT]Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to record video without camera privilege.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39861
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – libagifencoder.quram.so_library[/LEFT][/TD]
[TD][LEFT]A heap-based overflow vulnerability in makeContactAGIF in libagifencoder.quram.so library prior to SMR Oct-2022 Release 1 allows an attacker to perform code execution.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39852
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – mobile[/LEFT][/TD]
[TD][LEFT]Use after free vulnerability in set_nft_pid and signal_handler function of NFC driver prior to SMR Oct-2022 Release 1 allows attackers to perform malicious actions.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39847
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – mousenkeyhiddevice[/LEFT][/TD]
[TD][LEFT]Improper restriction of broadcasting Intent in MouseNKeyHidDevice prior to SMR Oct-2022 Release 1 leaks MAC address of the connected Bluetooth device.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-36868
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – perf-mgr_driver[/LEFT][/TD]
[TD][LEFT]A use after free vulnerability in perf-mgr driver prior to SMR Oct-2022 Release 1 allows an attacker to cause a memory access fault.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39853
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – quickshare[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to access sensitive information via implicit broadcast.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39860
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – samsung_account[/LEFT][/TD]
[TD][LEFT]Intent redirection vulnerability in Samsung Account prior to version 13.5.01.3 allows attackers to access content providers without permission.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39863
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
samsung – samsung_account
[/LEFT][/TD]
[TD][LEFT]Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to perform an unauthorized logout.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39874
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
samsung – samsung_account
[/LEFT][/TD]
[TD][LEFT]Improper component protection vulnerability in Samsung Account prior to version 13.5.0 allows attackers to perform an unauthorized logout.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39875
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – samsung_checkout[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in Samsung Checkout prior to version 5.0.55.3 allows attackers to access sensitive information via implicit intent broadcast.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39878
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
samsung – sharelive
[/LEFT][/TD]
[TD][LEFT]Improper restriction of broadcasting Intent in ShareLive prior to version 13.2.03.5 leaks MAC address of the connected Bluetooth device.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39872
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]
samsung – smartthings
[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitive information via implicit intent.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39864
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – smartthings[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in ContentsSharingActivity.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39865
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – smartthings[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in RegisteredEventMediator.kt in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39866
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – smartthings[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39867
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – smartthings[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in GedSamsungAccount.kt in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39868
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – smartthings[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via REMOVE_PERSISTENT_BANNER broadcast.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39869
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – smartthings[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39870
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – smartthings[/LEFT][/TD]
[TD][LEFT]Improper access control vulnerability in cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39871
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]samsung – sreminder[/LEFT][/TD]
[TD][LEFT]Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder prior to 8.2.01.13 allows attackers to access the device IMEI.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39876
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]sourcecodester – student_clearance_system[/LEFT][/TD]
[TD][LEFT]A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been rated as problematic. Affected by this issue is the function prepare of the file /Admin/add-student.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-210356.[/LEFT][/TD]
[TD][CENTER]2022-10-08[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-3434
N/A
N/A[/TD]
[/TR]
[TR]
[TD][LEFT]tiny-csrf – tiny-csrf[/LEFT][/TD]
[TD][LEFT]tiny-csrf is a Node.js cross site request forgery (CSRF) protection middleware. In versions prior to 1.1.0 cookies were not encrypted and thus CSRF tokens were transmitted in the clear. This issue has been addressed in commit 8eead6d and the patch will be included in version 1.1.0. Users are advised to upgrade. There are no known workarounds for this issue.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39287
CONFIRM
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]totaljs – totaljs[/LEFT][/TD]
[TD][LEFT]A cross-site scripting (XSS) vulnerability in TotalJS commit 8c2c8909 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website name text field under Main Settings.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41392
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]totolink – totolink[/LEFT][/TD]
[TD][LEFT]TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a stack overflow in the lang parameter in the setLanguageCfg function.[/LEFT][/TD]
[TD][CENTER]2022-10-06[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41517
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]totolink – totolink[/LEFT][/TD]
[TD][LEFT]TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a command injection vulnerability via the UploadFirmwareFile function at /cgi-bin/cstecgi.cgi.[/LEFT][/TD]
[TD][CENTER]2022-10-06[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41518
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]totolink – totolink[/LEFT][/TD]
[TD][LEFT]TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the File parameter in the UploadCustomModule function.[/LEFT][/TD]
[TD][CENTER]2022-10-06[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41520
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]totolink – totolink[/LEFT][/TD]
[TD][LEFT]TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the sPort/ePort parameter in the setIpPortFilterRules function.[/LEFT][/TD]
[TD][CENTER]2022-10-06[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41521
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]totolink – totolink[/LEFT][/TD]
[TD][LEFT]TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an unauthenticated stack overflow via the “main” function.[/LEFT][/TD]
[TD][CENTER]2022-10-06[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41522
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]totolink – totolink[/LEFT][/TD]
[TD][LEFT]TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the command parameter in the setTracerouteCfg function.[/LEFT][/TD]
[TD][CENTER]2022-10-06[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41523
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]totolink – totolink[/LEFT][/TD]
[TD][LEFT]TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the week, sTime, and eTime parameters in the setParentalRules function.[/LEFT][/TD]
[TD][CENTER]2022-10-06[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41524
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]totolink – totolink[/LEFT][/TD]
[TD][LEFT]TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a command injection vulnerability via the OpModeCfg function at /cgi-bin/cstecgi.cgi.[/LEFT][/TD]
[TD][CENTER]2022-10-06[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41525
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]totolink – totolink[/LEFT][/TD]
[TD][LEFT]TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the ip parameter in the setDiagnosisCfg function.[/LEFT][/TD]
[TD][CENTER]2022-10-06[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41526
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]totolink – totolink[/LEFT][/TD]
[TD][LEFT]TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the pppoeUser parameter in the setOpModeCfg function.[/LEFT][/TD]
[TD][CENTER]2022-10-06[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41527
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]totolink – totolink[/LEFT][/TD]
[TD][LEFT]TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the text parameter in the setSmsCfg function.[/LEFT][/TD]
[TD][CENTER]2022-10-06[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-41528
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]vmware – multiple_products[/LEFT][/TD]
[TD][LEFT]The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform services controller). A malicious actor with admin access on vCenter server may exploit this issue to execute arbitrary code on the underlying operating system that hosts the vCenter Server.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-31680
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]vmware – multiple_products[/LEFT][/TD]
[TD][LEFT]VMware ESXi contains a null-pointer dereference vulnerability. A malicious actor with privileges within the VMX process only may create a denial of service condition on the host.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-31681
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]wedding_planner – wedding_planner[/LEFT][/TD]
[TD][LEFT]Wedding Planner v1.0 is vulnerable to arbitrary code execution.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-42075
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]zkteco – zkbiosecurity[/LEFT][/TD]
[TD][LEFT]An access control issue in ZKTeco ZKBioSecurity V5000 3.0.5_r allows attackers to arbitrarily create admin users via a crafted HTTP request.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-36634
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]zkteco – zkbiosecurity[/LEFT][/TD]
[TD][LEFT]ZKTeco ZKBioSecurity V5000 4.1.3 was discovered to contain a SQL injection vulnerability via the component /baseOpLog.do.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-36635
MISC
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]zoneminder – zoneminder[/LEFT][/TD]
[TD][LEFT]ZoneMinder is a free, open source closed-circuit television software application. In affected versions authenticated users can bypass CSRF keys by modifying the request supplied to the ZoneMinder web application. These modifications include replacing HTTP POST with an HTTP GET and removing the CSRF key from the request. An attacker can take advantage of this by using an HTTP GET request to perform actions with no CSRF protection. This could allow an attacker to cause an authenticated user to perform unexpected actions on the web application. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39290
CONFIRM
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]zoneminder – zoneminder[/LEFT][/TD]
[TD][LEFT]ZoneMinder is a free, open source closed-circuit television software application. The file parameter is vulnerable to a cross site scripting vulnerability (XSS) by backing out of the current “tr” “td” brackets. This then allows a malicious user to provide code that will execute when a user views the specific log on the “view=log” page. This vulnerability allows an attacker to store code within the logs that will be executed when loaded by a legitimate user. These actions will be performed with the permission of the victim. This could lead to data loss and/or further exploitation including account takeover. This issue has been addressed in versions 1.36.27 and 1.37.24. Users are advised to upgrade. Users unable to upgrade should disable database logging.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39285
MISC
MISC
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]zoneminder – zoneminder[/LEFT][/TD]
[TD][LEFT]ZoneMinder is a free, open source closed-circuit television software application. In affected versions the ZoneMinder API exposes database log contents to users without privileges and allows insertion, modification, and deletion of logs without System privileges. Users are advised to upgrade as soon as possible. Users unable to upgrade should disable database logging.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39289
MISC
CONFIRM[/TD]
[/TR]
[TR]
[TD][LEFT]zoneminder – zoneminder[/LEFT][/TD]
[TD][LEFT]ZoneMinder is a free, open source closed-circuit television software application. Affected versions of ZoneMinder are subject to a vulnerability which allows users with “View” system permissions to inject new data into the logs stored by ZoneMinder. This was observed through an HTTP POST request containing log information to the “/zm/index.php” endpoint. Submission is not rate controlled and could affect database performance and/or consume all storage resources. Users are advised to upgrade. There are no known workarounds for this issue.[/LEFT][/TD]
[TD][CENTER]2022-10-07[/CENTER][/TD]
[TD][CENTER]not yet calculated[/CENTER][/TD]
[TD]CVE-2022-39291
MISC
MISC
MISC
CONFIRM
MISC[/TD]
[/TR]
[/TABLE][/CENTER]
This product is provided subject to this Notification and this Privacy & Use policy.