Weekly Vulnerabilities Reports > August 15 to 21, 2022

Overview

59 new vulnerabilities were reported during this period, including 4 critical vulnerabilities and 29 high severity vulnerabilities. This weekly summary reports vulnerabilities in 691 products from 39 vendors including Fedoraproject, Intel, VIM, Flir, and Debian. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "Insufficiently Protected Credentials", "Use After Free", and "Out-of-bounds Read".

  • 31 reported vulnerabilities are remotely exploitable.
  • 19 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 35 reported vulnerabilities are exploitable by an anonymous user.
  • Fedoraproject has the most reported vulnerabilities, with 14 reported vulnerabilities.
  • Apache has the most reported critical vulnerabilities, with 1 reported vulnerability.


Vulnerability Details

The following table lists reported vulnerabilities for the period covered by this report:


4 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-08-21 CVE-2022-34916 Apache Improper Input Validation vulnerability in Apache Flume 1.10.0/1.4.0/1.9.0

Apache Flume versions 1.4.0 through 1.10.0 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control of the target LDAP server.

9.8
2022-08-18 CVE-2022-30601 Intel Insufficiently Protected Credentials vulnerability in Intel products

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable information disclosure and escalation of privilege via network access.

9.8
2022-08-18 CVE-2022-37061 Flir OS Command Injection vulnerability in Flir AX8 Firmware

All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Remote Command Injection.

9.8
2022-08-15 CVE-2022-2314 VR Calendar Project Unspecified vulnerability in VR Calendar Project VR Calendar

The VR Calendar WordPress plugin through 2.3.2 lets any user execute arbitrary PHP functions on the site.

9.8

29 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-08-19 CVE-2022-35167 Printix Improper Authentication vulnerability in Printix Cloud Print Management 1.3.1149.0

Printix Cloud Print Management v1.3.1149.0 for Windows was discovered to contain insecure permissions.

8.8
2022-08-16 CVE-2020-14321 Moodle Incorrect Authorization vulnerability in Moodle

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course.

8.8
2022-08-15 CVE-2022-2818 Agentejo Improper Authentication vulnerability in Agentejo Cockpit

Authentication Bypass by Primary Weakness in GitHub repository cockpit-hq/cockpit prior to 2.2.2.

8.8
2022-08-15 CVE-2022-37401 Apache Inadequate Encryption Strength vulnerability in Apache Openoffice

Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database.

8.8
2022-08-18 CVE-2022-21225 Intel Unspecified vulnerability in Intel Data Center Manager 3.6.2

Improper neutralization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.

8.0
2022-08-18 CVE-2022-2625 Postgresql, Fedoraproject, Redhat

A vulnerability was found in PostgreSQL.

8.0
2022-08-18 CVE-2021-33060 Intel, Netapp Out-of-bounds Write vulnerability in multiple products

Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2022-08-18 CVE-2022-37047 Broadcom, Fedoraproject Out-of-bounds Write vulnerability in multiple products

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713.

7.8
2022-08-18 CVE-2022-37048 Broadcom, Fedoraproject Out-of-bounds Write vulnerability in multiple products

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344.

7.8
2022-08-18 CVE-2022-37049 Broadcom, Fedoraproject Out-of-bounds Write vulnerability in multiple products

The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150.

7.8
2022-08-17 CVE-2022-2862 VIM, Fedoraproject Use After Free vulnerability in multiple products

Use After Free in GitHub repository vim/vim prior to 9.0.0221.

7.8
2022-08-17 CVE-2022-2849 VIM, Fedoraproject Heap-based Buffer Overflow vulnerability in multiple products

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220.

7.8
2022-08-17 CVE-2022-2845 Fedoraproject, VIM Buffer Over-read vulnerability in multiple products

Buffer Over-read in GitHub repository vim/vim prior to 9.0.0218.

7.8
2022-08-17 CVE-2022-31262 GOG Improper Preservation of Permissions vulnerability in GOG Galaxy 2.0.46

An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46.

7.8
2022-08-15 CVE-2022-2817 VIM, Fedoraproject Use After Free vulnerability in multiple products

Use After Free in GitHub repository vim/vim prior to 9.0.0213.

7.8
2022-08-15 CVE-2022-2816 VIM, Fedoraproject Out-of-bounds Read vulnerability in multiple products

Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212.

7.8
2022-08-15 CVE-2022-34711 Microsoft Unspecified vulnerability in Microsoft products

Windows Defender Credential Guard Elevation of Privilege Vulnerability.

7.8
2022-08-15 CVE-2022-2819 VIM, Fedoraproject Heap-based Buffer Overflow vulnerability in multiple products

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211.

7.8
2022-08-15 CVE-2022-38223 W3M Project Out-of-bounds Write vulnerability in W3M Project W3M 0.5.3

There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3.

7.8
2022-08-18 CVE-2022-36728 Library Management System Project SQL Injection vulnerability in Library Management System Project Library Management System 1.0

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the RollNo parameter at /staff/delstu.php.

7.5
2022-08-18 CVE-2022-37062 Flir Missing Authentication for Critical Function vulnerability in Flir AX8 Firmware 1.46.16

All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction.

7.5
2022-08-18 CVE-2022-37060 Flir Path Traversal vulnerability in Flir AX8 Firmware

FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Directory Traversal due to an improper access restriction.

7.5
2022-08-17 CVE-2021-45454 Amperecomputing Exposure of Resource to Wrong Sphere vulnerability in Amperecomputing Ampere Altra Firmware and Ampere Altra MAX Firmware

Ampere Altra before SRP 1.08b and Altra Max before SRP 2.05 allow information disclosure of power telemetry via HWmon.

7.5
2022-08-17 CVE-2022-1401 Device42 Incorrect Authorization vulnerability in Device42 Cmdb

Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42 Asset Management Appliance allows an unauthenticated attacker to read sensitive server files with root permissions.

7.5
2022-08-16 CVE-2020-14322 Moodle Allocation of Resources Without Limits or Throttling vulnerability in Moodle

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service.

7.5
2022-08-16 CVE-2022-35734 Hjholdings Use of Hard-coded Credentials vulnerability in Hjholdings Hulu 3.0.47

'Hulu / フールー' App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded API key for an external service.

7.5
2022-08-15 CVE-2020-21365 Wkhtmltopdf, Debian Path Traversal vulnerability in multiple products

Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read local files and disclose sensitive information via a crafted html file running with the default configurations.

7.5
2022-08-19 CVE-2020-27792 Artifex, Debian Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file.

7.1
2022-08-15 CVE-2022-35822 Microsoft Unspecified vulnerability in Microsoft products

Windows Defender Credential Guard Security Feature Bypass Vulnerability.

7.1

25 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-08-18 CVE-2022-28697 Intel Unspecified vulnerability in Intel products

Improper access control in firmware for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

6.8
2022-08-18 CVE-2022-36024 Pycord Development Missing Authorization vulnerability in Pycord Development Pycord 2.0.0

py-cord is an API wrapper for Discord written in Python.

6.5
2022-08-15 CVE-2022-35961 Openzeppelin Improper Validation of Integrity Check Value vulnerability in Openzeppelin Contracts and Contracts Upgradeable

OpenZeppelin Contracts is a library for secure smart contract development.

6.5
2022-08-18 CVE-2021-30071 Hestiacp Cross-site Scripting vulnerability in Hestiacp Control Panel

A cross-site scripting (XSS) vulnerability in /admin/list_key.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

6.1
2022-08-16 CVE-2022-25799 Cert Open Redirect vulnerability in Cert Vince 1.48.0/1.49.0

An open redirect vulnerability exists in CERT/CC VINCE software prior to 1.50.0.

6.1
2022-08-16 CVE-2022-34257 Adobe, Magento Cross-site Scripting vulnerability in multiple products

Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.

6.1
2022-08-18 CVE-2022-30944 Intel Insufficiently Protected Credentials vulnerability in Intel products

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable information disclosure via local access.

5.5
2022-08-18 CVE-2022-21233 Intel Unspecified vulnerability in Intel products

Improper isolation of shared resources in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

5.5
2022-08-18 CVE-2022-26373 Intel, Debian

Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

5.5
2022-08-18 CVE-2022-2874 VIM NULL Pointer Dereference vulnerability in VIM

NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224.

5.5
2022-08-17 CVE-2022-2867 Libtiff, Fedoraproject Integer Underflow (Wrap or Wraparound) vulnerability in multiple products

libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write.

5.5
2022-08-17 CVE-2022-2868 Libtiff, Fedoraproject Out-of-bounds Read vulnerability in multiple products

libtiff's tiffcrop utility has an improper input validation flaw that can lead to an out-of-bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop.

5.5
2022-08-17 CVE-2022-2869 Libtiff, Fedoraproject Integer Underflow (Wrap or Wraparound) vulnerability in multiple products

libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine.

5.5
2022-08-16 CVE-2022-29959 Emerson Use of a Broken or Risky Cryptographic Algorithm vulnerability in Emerson Openbsi 5.9

Emerson OpenBSI through 2022-04-29 mishandles credential storage.

5.5
2022-08-18 CVE-2022-37063 Flir Cross-site Scripting vulnerability in Flir AX8 Firmware 1.46.16

All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross Site Scripting (XSS) due to improper input sanitization.

5.4
2022-08-16 CVE-2022-38189 Esri Cross-site Scripting vulnerability in Esri Portal for Arcgis

A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS may allow a remote, authenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user’s browser.

5.4
2022-08-15 CVE-2022-24654 Intelbras Cross-site Scripting vulnerability in Intelbras ATA 200 Firmware 74.19.10.21

Authenticated stored cross-site scripting (XSS) vulnerability in "Field Server Address" field in INTELBRAS ATA 200 Firmware 74.19.10.21 allows attackers to inject JavaScript code through a crafted payload.

5.4
2022-08-18 CVE-2022-36023 Hyperledger Improper Input Validation vulnerability in Hyperledger Fabric

Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications.

5.3
2022-08-15 CVE-2022-35948 Nodejs CRLF Injection vulnerability in Nodejs Undici

undici is an HTTP/1.1 client, written from scratch for Node.js. `=< undici@5.8.0` users are vulnerable to _CRLF Injection_ on headers when using unsanitized input as request headers, more specifically, inside the `content-type` header.

5.3
2022-08-16 CVE-2022-34258 Adobe, Magento Cross-site Scripting vulnerability in multiple products

Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker with admin privileges to inject malicious scripts into vulnerable form fields.

4.8
2022-08-16 CVE-2022-34156 Hjholdings Improper Certificate Validation vulnerability in Hjholdings Hulu

'Hulu / フールー' App for iOS versions prior to 3.0.81 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack.

4.8
2022-08-15 CVE-2022-2152 Duplicate Page AND Post Project Cross-site Scripting vulnerability in Duplicate Page and Post Project Duplicate Page and Post

The Duplicate Page and Post WordPress plugin before 2.8 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

4.8
2022-08-18 CVE-2022-26074 Intel Incomplete Cleanup vulnerability in Intel Server Platform Services Firmware

Incomplete cleanup in a firmware subsystem for Intel(R) SPS before versions SPS_E3_04.08.04.330.0 and SPS_E3_04.01.04.530.0 may allow a privileged user to potentially enable denial of service via local access.

4.4
2022-08-16 CVE-2020-10710 Theforeman Insufficiently Protected Credentials vulnerability in Theforeman Foreman

A flaw was found where the Plaintext Candlepin password is disclosed while updating Red Hat Satellite through the satellite-installer.

4.4
2022-08-16 CVE-2022-2846 Dwbooster Missing Authorization vulnerability in Dwbooster Calendar Event Multi View

The Calendar Event Multi View WordPress plugin before 1.4.07 does not have any authorisation and CSRF checks in place when creating an event, and is also lacking sanitisation as well as escaping in some of the event fields.

4.3

1 Low Vulnerability

DATE CVE VENDOR VULNERABILITY CVSS
2022-08-17 CVE-2020-14394 Qemu, Fedoraproject, Redhat Infinite Loop vulnerability in multiple products

An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring.

3.2