Weekly Vulnerabilities Reports > August 29 to September 4, 2022

Overview

157 new vulnerabilities reported during this period, including 20 critical vulnerabilities and 75 high severity vulnerabilities. This weekly summary report vulnerabilities in 538 products from 81 vendors including Debian, Redhat, Fedoraproject, Linux, and Netapp. Vulnerabilities are notably categorized as "Use After Free", "Out-of-bounds Write", "OS Command Injection", "SQL Injection", and "NULL Pointer Dereference".

  • 95 reported vulnerabilities are remotely exploitables.
  • 36 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 88 reported vulnerabilities are exploitable by an anonymous user.
  • Debian has the most reported vulnerabilities, with 30 reported vulnerabilities.
  • Doctor S Appointment System Project has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

20 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-09-02 CVE-2022-36640 Influxdata Incorrect Default Permissions vulnerability in Influxdata Influxdb

influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing unauthenticated attackers to execute arbitrary commands.

9.8
2022-09-02 CVE-2020-22669 Owasp
Debian
SQL Injection vulnerability in multiple products

Modsecurity owasp-modsecurity-crs 3.2.0 (Paranoia level at PL1) has a SQL injection bypass vulnerability.

9.8
2022-09-02 CVE-2022-34371 Dell Insufficiently Protected Credentials vulnerability in Dell EMC Powerscale Onefs

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability.

9.8
2022-09-02 CVE-2022-25371 Apache Path Traversal vulnerability in Apache Ofbiz

Apache OFBiz uses the Birt project plugin (https://eclipse.github.io/birt-website/) to create data visualizations and reports.

9.8
2022-09-02 CVE-2022-36759 Online Food Ordering System Project SQL Injection vulnerability in Online Food Ordering System Project Online Food Ordering System 1.0

Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the component /dishes.php?res_id=.

9.8
2022-09-01 CVE-2020-35527 Sqlite
Netapp
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause.

9.8
2022-09-01 CVE-2022-36672 Xxyopen Use of Hard-coded Credentials vulnerability in Xxyopen Novel-Plus 3.6.2

Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT key located in the project config file.

9.8
2022-08-31 CVE-2022-37130 Dlink OS Command Injection vulnerability in Dlink Dir-816 Firmware 1.10Cnb04

In D-Link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img a command injection vulnerability occurs in /goform/Diagnosis, after the condition is met, setnum will be spliced into v10 by snprintf, and the system will be executed, resulting in a command injection vulnerability

9.8
2022-08-31 CVE-2022-36201 Doctor S Appointment System Project SQL Injection vulnerability in Doctor'S Appointment System Project Doctor'S Appointment System 1.0

Doctor’s Appointment System v1.0 is vulnerable to Blind SQLi via settings.php.

9.8
2022-08-31 CVE-2022-36202 Doctor S Appointment System Project Authorization Bypass Through User-Controlled Key vulnerability in Doctor'S Appointment System Project Doctor'S Appointment System 1.0

Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php.

9.8
2022-08-31 CVE-2022-36566 Yogeshojha OS Command Injection vulnerability in Yogeshojha Rengine 1.3.0

Rengine v1.3.0 was discovered to contain a command injection vulnerability via the scan engine function.

9.8
2022-08-31 CVE-2022-21941 Johnsoncontrols Command Injection vulnerability in Johnsoncontrols Istar Ultra Firmware

All versions of iSTAR Ultra prior to version 6.8.9.CU01 are vulnerable to a command injection that could allow an unauthenticated user root access to the system.

9.8
2022-08-30 CVE-2022-36749 Sourcefabric OS Command Injection vulnerability in Sourcefabric Rpi-Jukebox-Rfid 2.3.0

RPi-Jukebox-RFID v2.3.0 was discovered to contain a command injection vulnerability via the component /htdocs/utils/Files.php.

9.8
2022-08-30 CVE-2022-37176 Tendacn Unspecified vulnerability in Tendacn AC6 Firmware

Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard.

9.8
2022-08-30 CVE-2022-37149 Wavlink OS Command Injection vulnerability in Wavlink Wl-Wn575A3 Firmware Rpt75A3.V4300.201217

WAVLINK WL-WN575A3 RPT75A3.V4300.201217 was discovered to contain a command injection vulnerability when operating the file adm.cgi.

9.8
2022-08-29 CVE-2022-22897 Apollotheme SQL Injection vulnerability in Apollotheme AP Pagebuilder 2.4.4

A SQL injection vulnerability in the product_all_one_img and image_product parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data.

9.8
2022-08-29 CVE-2022-21165 Font Converter Project Unspecified vulnerability in Font Converter Project Font Converter 1.0.0/1.1.0/1.1.1

All versions of package font-converter are vulnerable to Arbitrary Command Injection due to missing sanitization of input that potentially flows into the child_process.exec() function.

9.8
2022-08-29 CVE-2022-25644 GET Process BY Name Project Unspecified vulnerability in Get-Process-By-Name Project Get-Process-By-Name

All versions of package @pendo324/get-process-by-name are vulnerable to Arbitrary Code Execution due to improper sanitization of getProcessByName function.

9.8
2022-08-29 CVE-2022-25921 Morgan Json Project Unspecified vulnerability in Morgan-Json Project Morgan-Json

All versions of package morgan-json are vulnerable to Arbitrary Code Execution due to missing sanitization of input passed to the Function constructor.

9.8
2022-08-31 CVE-2022-30317 Honeywell Missing Authentication for Critical Function vulnerability in Honeywell Experion LX Firmware

Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function.

9.1

75 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-09-02 CVE-2022-39176 Bluez
Canonical
Debian
BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len.
8.8
2022-09-02 CVE-2022-39177 Bluez
Canonical
Debian
BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c.
8.8
2022-09-02 CVE-2022-39170 Libdwarf Project
Fedoraproject
Double Free vulnerability in multiple products

libdwarf 0.4.1 has a double free in _dwarf_exec_frame_instr in dwarf_frame.c.

8.8
2022-09-01 CVE-2022-1902 Redhat Exposure of System Data to an Unauthorized Control Sphere vulnerability in Redhat Advanced Cluster Security 3.68/3.69/3.70

A flaw was found in the Red Hat Advanced Cluster Security for Kubernetes.

8.8
2022-09-01 CVE-2022-37435 Apache Incorrect Permission Assignment for Critical Resource vulnerability in Apache Shenyu 2.4.2/2.4.3

Apache ShenYu Admin has insecure permissions, which may allow low-privilege administrators to modify high-privilege administrator's passwords.

8.8
2022-08-31 CVE-2022-37123 Dlink OS Command Injection vulnerability in Dlink Dir-816 Firmware 1.10Cnb04

D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/form2userconfig.cgi.

8.8
2022-08-31 CVE-2022-37129 Dlink OS Command Injection vulnerability in Dlink Dir-816 Firmware 1.10Cnb04

D-Link DIR-816 A2_v1.10CNB04.img is vulnerable to Command Injection via /goform/SystemCommand.

8.8
2022-08-31 CVE-2022-1271 GNU
Redhat
Debian
Improper Input Validation vulnerability in multiple products

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility.

8.8
2022-08-31 CVE-2022-1552 Postgresql Incomplete Cleanup vulnerability in Postgresql

A flaw was found in PostgreSQL.

8.8
2022-08-30 CVE-2022-36562 Rubyinstaller Unspecified vulnerability in Rubyinstaller Rubyinstaller2

Incorrect access control in the install directory (C:\Ruby31-x64) of Rubyinstaller2 v3.1.2 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.

8.8
2022-08-30 CVE-2022-36563 Rubyinstaller Unspecified vulnerability in Rubyinstaller Rubyinstaller2

Incorrect access control in the install directory (C:\RailsInstaller) of Rubyinstaller2 v3.1.2 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.

8.8
2022-08-30 CVE-2022-36564 Strawberryperl Unspecified vulnerability in Strawberryperl 5.32.1.1

Incorrect access control in the install directory (C:\Strawberry) of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.

8.8
2022-08-30 CVE-2022-36565 Wampserver Unspecified vulnerability in Wampserver

Incorrect access control in the install directory (C:\Wamp64) of Wamp v3.2.6 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.

8.8
2022-08-30 CVE-2022-38118 Hgiga SQL Injection vulnerability in Hgiga Oaklouds Portal

OAKlouds Portal website’s Meeting Room has insufficient validation for user input.

8.8
2022-08-29 CVE-2022-38625 Patlite Insufficient Verification of Data Authenticity vulnerability in Patlite products

Patlite NH-FB v1.46 and below was discovered to contain insufficient firmware validation during the upgrade firmware file upload process.

8.8
2022-08-29 CVE-2022-0336 Samba
Fedoraproject
Incorrect Default Permissions vulnerability in multiple products

The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database.

8.8
2022-08-29 CVE-2022-1043 Linux Use After Free vulnerability in Linux Kernel

A flaw was found in the Linux kernel’s io_uring implementation.

8.8
2022-08-31 CVE-2022-2132 Dpdk
Fedoraproject
Debian
Redhat
A permissive list of allowed inputs flaw was found in DPDK.
8.6
2022-08-29 CVE-2022-1117 Fapolicyd Project Files or Directories Accessible to External Parties vulnerability in Fapolicyd Project Fapolicyd

A vulnerability was found in fapolicyd.

8.4
2022-09-02 CVE-2022-31176 Grafana Missing Authentication for Critical Function vulnerability in Grafana Grafana-Image-Renderer

Grafana Image Renderer is a Grafana backend plugin that handles rendering of panels & dashboards to PNGs using a headless browser (Chromium/Chrome).

8.1
2022-09-01 CVE-2022-36773 IBM
Netapp
XXE vulnerability in multiple products

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.

8.1
2022-09-03 CVE-2022-3099 VIM
Fedoraproject
Debian
Use After Free vulnerability in multiple products

Use After Free in GitHub repository vim/vim prior to 9.0.0360.

7.8
2022-09-02 CVE-2022-34382 Dell Unspecified vulnerability in Dell Alienware Update, Command Update and Update

Dell Command Update, Dell Update and Alienware Update versions prior to 4.6.0 contains a Local Privilege Escalation Vulnerability in the custom catalog configuration.

7.8
2022-09-02 CVE-2021-35132 Qualcomm Improper Validation of Specified Quantity in Input vulnerability in Qualcomm products

Out of bound write in DSP service due to improper bound check for response buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.8
2022-09-02 CVE-2022-22069 Qualcomm Cleartext Storage of Sensitive Information vulnerability in Qualcomm products

Devices with keyprotect off may store unencrypted keybox in RPMB and cause cryptographic issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.8
2022-09-02 CVE-2022-22070 Qualcomm Out-of-bounds Write vulnerability in Qualcomm products

Memory corruption in audio due to lack of check of invalid routing address into APR Routing table in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8
2022-09-02 CVE-2022-22080 Qualcomm Out-of-bounds Write vulnerability in Qualcomm products

Improper validation of backend id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

7.8
2022-09-02 CVE-2022-22098 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm Apq8096Au Firmware

Memory corruption in multimedia driver due to untrusted pointer dereference while reading data from socket in Snapdragon Auto

7.8
2022-09-02 CVE-2022-22100 Qualcomm Out-of-bounds Write vulnerability in Qualcomm products

Memory corruption in multimedia due to improper check on received export descriptors in Snapdragon Auto

7.8
2022-09-02 CVE-2022-22104 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

Memory corruption in multimedia due to improper check on the messages received.

7.8
2022-09-02 CVE-2022-39189 Linux
Netapp
An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17.
7.8
2022-09-01 CVE-2022-2319 X ORG Unspecified vulnerability in X.Org Xorg-Server 21.1.0

A flaw was found in the Xorg-x11-server.

7.8
2022-09-01 CVE-2022-2320 X ORG Out-of-bounds Write vulnerability in X.Org Xorg-Server 21.1.0

A flaw was found in the Xorg-x11-server.

7.8
2022-09-01 CVE-2022-2639 Linux
Redhat
Incorrect Conversion between Numeric Types vulnerability in multiple products

An integer coercion error was found in the openvswitch kernel module.

7.8
2022-08-31 CVE-2022-2896 Measuresoft Use After Free vulnerability in Measuresoft Scadapro Server

Measuresoft ScadaPro Server (All Versions) allows use after free while processing a specific project file.

7.8
2022-08-31 CVE-2022-1976 Linux Use After Free vulnerability in Linux Kernel

A flaw was found in the Linux kernel’s implementation of IO-URING.

7.8
2022-08-30 CVE-2022-37172 Msys2 Unspecified vulnerability in Msys2 20220603

Incorrect access control in the install directory (C:\msys64) of Msys2 v20220603 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.

7.8
2022-08-30 CVE-2022-3037 VIM
Fedoraproject
Use After Free vulnerability in multiple products

Use After Free in GitHub repository vim/vim prior to 9.0.0322.

7.8
2022-08-30 CVE-2022-24106 Glyphandcog Integer Overflow or Wraparound vulnerability in Glyphandcog Xpdfreader

In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc.

7.8
2022-08-30 CVE-2022-24107 Glyphandcog Integer Overflow or Wraparound vulnerability in Glyphandcog Xpdfreader

Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc.

7.8
2022-08-30 CVE-2022-38784 Freedesktop
Debian
Fedoraproject
Integer Overflow or Wraparound vulnerability in multiple products

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc).

7.8
2022-08-29 CVE-2022-0358 Qemu
Redhat
Improper Check for Dropped Privileges vulnerability in multiple products

A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation.

7.8
2022-08-29 CVE-2022-0367 Libmodbus
Fedoraproject
Debian
Out-of-bounds Write vulnerability in multiple products

A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c.

7.8
2022-08-29 CVE-2022-38511 Totolink OS Command Injection vulnerability in Totolink A810R Firmware 5.9C.4050B20190424

TOTOLINK A810R V5.9c.4050_B20190424 was discovered to contain a command injection vulnerability via the component downloadFile.cgi.

7.8
2022-09-02 CVE-2020-29260 Libvncserver Project
Debian
Resource Exhaustion vulnerability in multiple products

libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup().

7.5
2022-09-02 CVE-2022-36078 Binary Project Improper Validation of Specified Quantity in Input vulnerability in Binary Project Binary

Binary provides encoding/decoding in Borsh and other formats.

7.5
2022-09-02 CVE-2022-29158 Apache Unspecified vulnerability in Apache Ofbiz

Apache OFBiz up to version 18.12.05 is vulnerable to Regular Expression Denial of Service (ReDoS) in the way it handles URLs provided by external, unauthenticated users.

7.5
2022-09-01 CVE-2022-2738 Redhat
Podman Project
Use After Free vulnerability in multiple products

The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117.

7.5
2022-09-01 CVE-2022-32743 Samba
Fedoraproject
Incorrect Default Permissions vulnerability in multiple products

Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.

7.5
2022-09-01 CVE-2022-30614 IBM
Netapp
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to a denial of service via email flooding caused by sending a specially-crafted request.
7.5
2022-09-01 CVE-2020-35525 Sqlite NULL Pointer Dereference vulnerability in Sqlite 3.31.1

In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing.

7.5
2022-09-01 CVE-2022-36671 Xxyopen Download of Code Without Integrity Check vulnerability in Xxyopen Novel-Plus 3.6.2

Novel-Plus v3.6.2 was discovered to contain an arbitrary file download vulnerability via the background file download API.

7.5
2022-08-31 CVE-2022-36620 Dlink Improper Validation of Specified Quantity in Input vulnerability in Dlink Dir-816 Firmware 1.10Cnb04

D-link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img is vulnerable to Buffer Overflow via /goform/addRouting.

7.5
2022-08-31 CVE-2022-38152 Wolfssl Improper Check for Unusual or Exceptional Conditions vulnerability in Wolfssl

An issue was discovered in wolfSSL before 5.5.0.

7.5
2022-08-31 CVE-2022-1259 Redhat
Netapp
Resource Exhaustion vulnerability in multiple products

A flaw was found in Undertow.

7.5
2022-08-31 CVE-2022-1319 Redhat
Netapp
Unchecked Return Value vulnerability in multiple products

A flaw was found in Undertow.

7.5
2022-08-31 CVE-2022-26330 Microfocus Unspecified vulnerability in Microfocus Arcsight Logger

Potential vulnerabilities have been identified in Micro Focus ArcSight Logger.

7.5
2022-08-30 CVE-2022-36552 Tendacn Files or Directories Accessible to External Parties vulnerability in Tendacn AC6 Firmware

Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains an issue in the component /cgi-bin/DownloadFlash which allows attackers to steal all data such as source code and system files via a crafted GET request.

7.5
2022-08-30 CVE-2022-37237 Zlmediakit Unspecified vulnerability in Zlmediakit 5.0

An attacker can send malicious RTMP requests to make the ZLMediaKit server crash remotely.

7.5
2022-08-30 CVE-2022-25857 Snakeyaml Project
Debian
XML Entity Expansion vulnerability in multiple products

The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.

7.5
2022-08-30 CVE-2022-25887 Apostrophecms Unspecified vulnerability in Apostrophecms Sanitize-Html

The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.

7.5
2022-08-30 CVE-2022-39028 GNU
MIT
Debian
Netkit Telnet Project
NULL Pointer Dereference vulnerability in multiple products

telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8.

7.5
2022-08-29 CVE-2022-37680 Hitachi Missing Authentication for Critical Function vulnerability in Hitachi Hc-Ip9100Hd Firmware 1.07

An improper authentication for critical function issue in Hitachi Kokusai Electric Network products for monitoring system (Camera, Decoder and Encoder) and bellow allows attckers to remotely reboot the device via a crafted POST request to the endpoint /ptipupgrade.cgi.

7.5
2022-08-29 CVE-2022-37681 Hitachi Path Traversal vulnerability in Hitachi Hc-Ip9100Hd Firmware 1.07

Hitachi Kokusai Electric Newtork products for monitoring system (Camera, Decoder and Encoder) and below allows attckers to perform a directory traversal via a crafted GET request to the endpoint /ptippage.cgi.

7.5
2022-08-29 CVE-2022-37177 Hirevue Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hirevue Hiring Platform

HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm.

7.5
2022-08-29 CVE-2022-36034 Nitrado JS Project Unspecified vulnerability in Nitrado.Js Project Nitrado.Js

nitrado.js is a type safe wrapper for the Nitrado API.

7.5
2022-08-29 CVE-2022-0934 Thekelleys
Redhat
Use After Free vulnerability in multiple products

A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq.

7.5
2022-08-29 CVE-2022-1199 Linux
Redhat
Netapp
Use After Free vulnerability in multiple products

A flaw was found in the Linux kernel.

7.5
2022-09-01 CVE-2022-2996 Python Scciclient Project
Debian
Improper Certificate Validation vulnerability in multiple products

A flaw was found in the python-scciclient when making an HTTPS connection to a server where the server's certificate would not be verified.

7.4
2022-09-02 CVE-2022-37458 Discourse Unspecified vulnerability in Discourse

Discourse through 2.8.7 allows admins to send invitations to arbitrary email addresses at an unlimited rate.

7.2
2022-08-29 CVE-2022-0850 Linux Unspecified vulnerability in Linux Kernel

A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace.

7.1
2022-09-01 CVE-2022-1729 Linux
Netapp
Race Condition vulnerability in multiple products

A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges.

7.0
2022-08-31 CVE-2022-2590 Linux Race Condition vulnerability in Linux Kernel

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only shared memory mappings.

7.0
2022-08-31 CVE-2022-3028 Linux
Fedoraproject
Debian
Out-of-bounds Write vulnerability in multiple products

A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously.

7.0
2022-08-29 CVE-2022-2961 Linux
Fedoraproject
Netapp
Race Condition vulnerability in multiple products

A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function.

7.0

61 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-09-01 CVE-2022-2447 Openstack
Redhat
Operation on a Resource after Expiration or Release vulnerability in multiple products

A flaw was found in Keystone.

6.6
2022-09-01 CVE-2021-3826 GNU
Fedoraproject
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.

6.5
2022-09-01 CVE-2022-1632 Redhat
Fedoraproject
Improper Certificate Validation vulnerability in multiple products

An Improper Certificate Validation attack was found in Openshift.

6.5
2022-09-01 CVE-2022-2238 Redhat SQL Injection vulnerability in Redhat Advanced Cluster Management for Kubernetes 2.0

A vulnerability was found in the search-api container in Red Hat Advanced Cluster Management for Kubernetes when a query in the search filter gets parsed by the backend.

6.5
2022-09-01 CVE-2022-2403 Redhat Exposure of System Data to an Unauthorized Control Sphere vulnerability in Redhat Openshift 4.9

A credentials leak was found in the OpenShift Container Platform.

6.5
2022-09-01 CVE-2020-4301 IBM
Netapp
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

6.5
2022-09-01 CVE-2021-20468 IBM
Netapp
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

6.5
2022-09-01 CVE-2021-29823 IBM
Netapp
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

6.5
2022-09-01 CVE-2022-36055 Helm Allocation of Resources Without Limits or Throttling vulnerability in Helm

Helm is a tool for managing Charts.

6.5
2022-09-01 CVE-2022-36449 ARM Use After Free vulnerability in ARM Bifrost, Midgard and Valhall

An issue was discovered in the Arm Mali GPU Kernel Driver.

6.5
2022-08-31 CVE-2022-2519 Libtiff
Debian
Double Free vulnerability in multiple products

There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1

6.5
2022-08-31 CVE-2022-2520 Libtiff
Debian
Incorrect Calculation of Buffer Size vulnerability in multiple products

A flaw was found in libtiff 4.4.0rc1.

6.5
2022-08-31 CVE-2022-2521 Libtiff
Debian
Release of Invalid Pointer or Reference vulnerability in multiple products

It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input.

6.5
2022-08-30 CVE-2022-2330 Mcafee XXE vulnerability in Mcafee Data Loss Prevention Endpoint

Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows prior to 11.9.100 allows a remote attacker to cause the DLP Agent to access a local service that the attacker wouldn't usually have access to via a carefully constructed XML file, which the DLP Agent doesn't parse correctly.

6.5
2022-08-30 CVE-2021-46837 Asterisk
Digium
Debian
NULL Pointer Dereference vulnerability in multiple products

res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7, allows an attacker to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by Asterisk.

6.5
2022-08-29 CVE-2022-36687 Ingredient Stock Management System Project Path Traversal vulnerability in Ingredient Stock Management System Project Ingredient Stock Management System 1.0

Ingredients Stock Management System v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /classes/Master.php?f=delete_img.

6.5
2022-09-01 CVE-2022-1677 Redhat Resource Exhaustion vulnerability in Redhat Openshift Container Platform

In OpenShift Container Platform, a user with permissions to create or modify Routes can craft a payload that inserts a malformed entry into one of the cluster router's HAProxy configuration files.

6.3
2022-08-29 CVE-2022-21385 Oracle Unspecified vulnerability in Oracle Linux

A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine.

6.2
2022-08-31 CVE-2022-1355 Libtiff
Fedoraproject
Redhat
Netapp
Debian
Stack-based Buffer Overflow vulnerability in multiple products

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function.

6.1
2022-08-31 CVE-2022-26331 Microfocus Cross-site Scripting vulnerability in Microfocus Arcsight Logger

Potential vulnerabilities have been identified in Micro Focus ArcSight Logger.

6.1
2022-08-30 CVE-2022-36747 Cobub Cross-site Scripting vulnerability in Cobub Razor 0.8.0

Razor v0.8.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the function uploadchannel().

6.1
2022-08-29 CVE-2022-36033 Jsoup
Netapp
Cross-site Scripting vulnerability in multiple products

jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety.

6.1
2022-08-31 CVE-2022-38153 Wolfssl Allocation of Resources Without Limits or Throttling vulnerability in Wolfssl 5.3.0

An issue was discovered in wolfSSL before 5.5.0 (when --enable-session-ticket is used); however, only version 5.3.0 is exploitable.

5.9
2022-08-31 CVE-2022-2758 LS Electric Inadequate Encryption Strength vulnerability in Ls-Electric products

Passwords are not adequately encrypted during the communication process between all versions of LS Industrial Systems (LSIS) Co.

5.9
2022-09-02 CVE-2022-39190 Linux
Debian
An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6.
5.5
2022-09-01 CVE-2022-1615 Samba
Fedoraproject
Use of Insufficiently Random Values vulnerability in multiple products

In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.

5.5
2022-09-01 CVE-2021-39009 IBM
Netapp
Cleartext Storage of Sensitive Information vulnerability in multiple products

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 stores user credentials in plain clear text which can be read by a local privileged user.

5.5
2022-09-01 CVE-2021-39045 IBM
Netapp
Insufficiently Protected Credentials vulnerability in multiple products

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a local attacker to obtain information due to the autocomplete feature on password input fields.

5.5
2022-09-01 CVE-2020-27784 Linux Use After Free vulnerability in Linux Kernel

A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl() printer_ioctl() tries to access of a printer_dev instance.

5.5
2022-09-01 CVE-2020-35530 Libraw
Debian
Out-of-bounds Write vulnerability in multiple products

In LibRaw, there is an out-of-bounds write vulnerability within the "new_node()" function (libraw\src\x3f\x3f_utils_patched.cpp) that can be triggered via a crafted X3F file.

5.5
2022-09-01 CVE-2020-35531 Libraw
Debian
Out-of-bounds Read vulnerability in multiple products

In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file.

5.5
2022-09-01 CVE-2020-35532 Libraw
Debian
Out-of-bounds Read vulnerability in multiple products

In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) which can be triggered via an image with a large row_stride field.

5.5
2022-09-01 CVE-2022-3061 Linux
Debian
Divide By Zero vulnerability in multiple products

Found Linux Kernel flaw in the i740 driver.

5.5
2022-08-31 CVE-2022-1354 Libtiff
Fedoraproject
Redhat
Netapp
Debian
Out-of-bounds Read vulnerability in multiple products

A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function.

5.5
2022-08-31 CVE-2022-2153 Linux
Fedoraproject
Redhat
Debian
NULL Pointer Dereference vulnerability in multiple products

A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ.

5.5
2022-08-29 CVE-2022-0480 Linux
Redhat
Allocation of Resources Without Limits or Throttling vulnerability in multiple products

A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel.

5.5
2022-08-29 CVE-2022-0851 Convert2Rhel Project
Redhat
Information Exposure vulnerability in multiple products

There is a flaw in convert2rhel.

5.5
2022-08-29 CVE-2022-0852 Convert2Rhel Project
Redhat
Privacy Violation vulnerability in multiple products

There is a flaw in convert2rhel.

5.5
2022-08-29 CVE-2022-1016 Linux
Redhat
Missing Initialization of Resource vulnerability in multiple products

A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free.

5.5
2022-08-29 CVE-2022-1184 Linux
Redhat
Debian
Canonical
Use After Free vulnerability in multiple products

A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component.

5.5
2022-08-29 CVE-2022-2953 Libtiff
Netapp
Debian
Out-of-bounds Read vulnerability in multiple products

LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file.

5.5
2022-08-29 CVE-2022-35014 Advancemame
Fedoraproject
Advancecomp v2.3 contains a segmentation fault.
5.5
2022-08-29 CVE-2022-35015 Advancemame
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Advancecomp v2.3 was discovered to contain a heap buffer overflow via le_uint32_read at /lib/endianrw.h.

5.5
2022-08-29 CVE-2022-35016 Advancemame
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Advancecomp v2.3 was discovered to contain a heap buffer overflow.

5.5
2022-08-29 CVE-2022-35017 Advancemame
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Advancecomp v2.3 was discovered to contain a heap buffer overflow.

5.5
2022-08-29 CVE-2022-35018 Advancemame
Fedoraproject
Advancecomp v2.3 was discovered to contain a segmentation fault.
5.5
2022-08-29 CVE-2022-35019 Advancemame
Fedoraproject
Advancecomp v2.3 was discovered to contain a segmentation fault.
5.5
2022-08-29 CVE-2022-35020 Advancemame
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Advancecomp v2.3 was discovered to contain a heap buffer overflow via the component __interceptor_memcpy at /sanitizer_common/sanitizer_common_interceptors.inc.

5.5
2022-09-01 CVE-2022-2663 Linux
Debian
Improper Restriction of Communication Channel to Intended Endpoints vulnerability in multiple products

An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message.

5.3
2022-09-01 CVE-2022-2739 Redhat
Podman Project
Cleartext Storage of Sensitive Information vulnerability in multiple products

The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056.

5.3
2022-08-31 CVE-2022-39046 GNU
Netapp
Information Exposure Through Log Files vulnerability in multiple products

An issue was discovered in the GNU C Library (glibc) 2.36.

5.3
2022-08-29 CVE-2022-2034 Automattic Authorization Bypass Through User-Controlled Key vulnerability in Automattic Sensei LMS

The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers

5.3
2022-09-01 CVE-2022-23452 Openstack
Redhat
Incorrect Authorization vulnerability in multiple products

An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container.

4.9
2022-09-01 CVE-2022-2764 Redhat
Netapp
A flaw was found in Undertow.
4.9
2022-08-29 CVE-2022-0718 Openstack
Redhat
Debian
Information Exposure Through Log Files vulnerability in multiple products

A flaw was found in python-oslo-utils.

4.9
2022-08-29 CVE-2022-0485 Redhat Unchecked Return Value vulnerability in Redhat Enterprise Linux and Libnbd

A flaw was found in the copying tool `nbdcopy` of libnbd.

4.8
2022-09-02 CVE-2022-38170 Apache Incorrect Permission Assignment for Critical Resource vulnerability in Apache Airflow

In Apache Airflow prior to 2.3.4, an insecure umask was configured for numerous Airflow components when running with the `--daemon` flag which could result in a race condition giving world-writable files in the Airflow home directory and allowing local users to expose arbitrary file contents via the webserver.

4.7
2022-09-02 CVE-2022-39188 Linux
Debian
Race Condition vulnerability in multiple products

An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19.

4.7
2022-08-31 CVE-2022-1205 Linux NULL Pointer Dereference vulnerability in Linux Kernel

A NULL pointer dereference flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol.

4.7
2022-08-29 CVE-2022-0812 Linux Unspecified vulnerability in Linux Kernel

An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Linux Kernel.

4.3
2022-08-31 CVE-2022-1974 Linux Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Linux Kernel 5.18

A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete.

4.1

1 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-09-01 CVE-2022-2256 Redhat Cross-site Scripting vulnerability in Redhat Single Sign-On 7.0

A Stored Cross-site scripting (XSS) vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7.

3.8