Weekly Vulnerabilities Reports > September 12 to 18, 2022
Overview
166 new vulnerabilities were reported during this period, including 26 critical vulnerabilities and 75 high severity vulnerabilities. This weekly summary reports vulnerabilities in 336 products from 78 vendors including Microsoft, Debian, Fedoraproject, Mplayerhq, and Adobe. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "OS Command Injection", "SQL Injection", and "Out-of-bounds Read".
- 113 reported vulnerabilities are remotely exploitable.
- 42 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 103 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 22 reported vulnerabilities.
- Archerydms has the most reported critical vulnerabilities, with 6 reported vulnerabilities.
Vulnerability Details
The following tables list the reported vulnerabilities for the period covered by this report:
26 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2022-09-13 | CVE-2022-39206 | Onedev Project | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Onedev Project Onedev Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. | 9.9 |
2022-09-16 | CVE-2022-3214 | Deltaww | Use of Hard-coded Credentials vulnerability in Deltaww Diaenergie Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. | 9.8 |
2022-09-16 | CVE-2021-40017 | Huawei | Improper Input Validation vulnerability in Huawei Emui and Harmonyos The HW_KEYMASTER module lacks the validity check of the key format. | 9.8 |
2022-09-16 | CVE-2022-39002 | Huawei | Double Free vulnerability in Huawei Emui, Harmonyos and Magic UI Double free vulnerability in the storage module. | 9.8 |
2022-09-16 | CVE-2022-39007 | Huawei | Unspecified vulnerability in Huawei Emui and Harmonyos The location module has a vulnerability of bypassing permission verification. Successful exploitation of this vulnerability may cause privilege escalation. | 9.8 |
2022-09-16 | CVE-2021-42949 | Digitaldruid | Improper Authentication vulnerability in Digitaldruid Hoteldruid 3.0.3 The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks. | 9.8 |
2022-09-16 | CVE-2022-38826 | Totolink | OS Command Injection vulnerability in Totolink T6 Firmware 4.1.5Cu.709B20210518 In TOTOLINK T6 V4.1.5cu.709_B20210518, there is an arbitrary command execution vulnerability in cstecgi.cgi. | 9.8 |
2022-09-16 | CVE-2022-38828 | Totolink | OS Command Injection vulnerability in Totolink T6 Firmware 4.1.5Cu.709B20210518 TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to command injection via cstecgi.cgi | 9.8 |
2022-09-16 | CVE-2022-36536 | Syncovery | Use of Insufficiently Random Values vulnerability in Syncovery An issue in the component post_applogin.php of Super Flexible Software GmbH & Co. | 9.8 |
2022-09-14 | CVE-2022-38308 | Totolink | OS Command Injection vulnerability in Totolink A7000Ru Firmware 7.4Cu.2313B20191024 TOTOLink A700RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the lang parameter in the function cstesystem. | 9.8 |
2022-09-14 | CVE-2022-37661 | Adtran | Unspecified vulnerability in Adtran Sr506N Firmware and Sr510N Firmware SmartRG SR506n 2.5.15 and SR510n 2.6.13 routers are vulnerable to Remote Code Execution (RCE) via the ping host feature. | 9.8 |
2022-09-14 | CVE-2022-36436 | Osuosl | Improper Authentication vulnerability in Osuosl Twisted VNC Authentication Proxy OSU Open Source Lab VNCAuthProxy through 1.1.1 is affected by a vncap/vnc/protocol.py VNCServerAuthenticator authentication-bypass vulnerability that could allow a malicious actor to gain unauthorized access to a VNC session or to disconnect a legitimate user from a VNC session. | 9.8 |
2022-09-13 | CVE-2022-38768 | Transtek | Unspecified vulnerability in Transtek Mojodat Fixed Asset Management 2.4.6 The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to bypass authorization. | 9.8 |
2022-09-13 | CVE-2022-35413 | Pentasecurity | Use of Hard-coded Credentials vulnerability in Pentasecurity Wapples WAPPLES through 6.0 has a hardcoded systemi account. | 9.8 |
2022-09-13 | CVE-2022-39815 | Nokia | OS Command Injection vulnerability in Nokia 1350 Optical Management System 14.2 In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occur. | 9.8 |
2022-09-13 | CVE-2022-20385 | | Improper Validation of Specified Quantity in Input vulnerability in Google Android a function called 'nla_parse', do not check the len of para, it will check nla_type (which can be controlled by userspace) with 'maxtype' (in this case, it is GSCAN_MAX), then it access policy array 'policy[type]', which OOB access happens. Product: Android. Versions: Android SoC. Android ID: A-238379819 | 9.8 |
2022-09-13 | CVE-2022-39205 | Onedev Project | Improper Authentication vulnerability in Onedev Project Onedev Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. | 9.8 |
2022-09-13 | CVE-2022-38537 | Archerydms | SQL Injection vulnerability in Archerydms Archery Archery v1.4.5 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_file, end_file, start_time, and stop_time parameters in the binlog2sql interface. | 9.8 |
2022-09-13 | CVE-2022-38538 | Archerydms | SQL Injection vulnerability in Archerydms Archery Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module. | 9.8 |
2022-09-13 | CVE-2022-38539 | Archerydms | SQL Injection vulnerability in Archerydms Archery Archery v1.7.5 to v1.8.5 was discovered to contain a SQL injection vulnerability via the where parameter at /archive/apply. | 9.8 |
2022-09-13 | CVE-2022-38540 | Archerydms | SQL Injection vulnerability in Archerydms Archery Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the ThreadIDs parameter in the create_kill_session interface. | 9.8 |
2022-09-13 | CVE-2022-38541 | Archerydms | SQL Injection vulnerability in Archerydms Archery 1.8.3/1.8.4/1.8.5 Archery v1.8.3 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_time and stop_time parameters in the my2sql interface. | 9.8 |
2022-09-13 | CVE-2022-38542 | Archerydms | SQL Injection vulnerability in Archerydms Archery Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the ThreadIDs parameter in the kill_session interface. | 9.8 |
2022-09-13 | CVE-2022-37011 | Mendix | Authentication Bypass by Capture-replay vulnerability in Mendix Saml A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions < V1.17.0), Mendix SAML (Mendix 8 compatible) (All versions < V2.3.0), Mendix SAML (Mendix 9 compatible, New Track) (All versions < V3.3.1), Mendix SAML (Mendix 9 compatible, Upgrade Track) (All versions < V3.3.0). | 9.8 |
2022-09-12 | CVE-2022-37860 | TP Link | OS Command Injection vulnerability in Tp-Link M7350 Firmware 190531 The web configuration interface of the TP-Link M7350 V3 with firmware version 190531 is affected by a pre-authentication command injection vulnerability. | 9.8 |
2022-09-12 | CVE-2022-37767 | Pebbletemplates | Incorrect Authorization vulnerability in Pebbletemplates Pebble Templates 3.1.5 Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok. | 9.8 |
75 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2022-09-16 | CVE-2022-36534 | Syncovery | Unspecified vulnerability in Syncovery Super Flexible Software GmbH & Co. | 8.8 |
2022-09-14 | CVE-2022-3216 | Nintendo | Uncontrolled Recursion vulnerability in Nintendo Game BOY Color Firmware A vulnerability has been found in Nintendo Game Boy Color and classified as problematic. | 8.8 |
2022-09-13 | CVE-2022-37190 | Cuppacms | Unspecified vulnerability in Cuppacms 1.0 CuppaCMS 1.0 is vulnerable to Remote Code Execution (RCE). | 8.8 |
2022-09-13 | CVE-2022-35582 | Pentasecurity | Use of Hard-coded Credentials vulnerability in Pentasecurity Wapples 4.0.0/5.0.0.0/5.0.12.0 Penta Security Systems Inc WAPPLES 4.0.*, 5.0.0.*, 5.0.12.* are vulnerable to Incorrect Access Control. | 8.8 |
2022-09-13 | CVE-2022-39817 | Nokia | SQL Injection vulnerability in Nokia 1350 Optical Management System 14.2 In NOKIA 1350 OMS R14.2, multiple SQL Injection vulnerabilities occur. | 8.8 |
2022-09-13 | CVE-2022-39819 | Nokia | OS Command Injection vulnerability in Nokia 1350 Optical Management System 14.2 In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occur. | 8.8 |
2022-09-13 | CVE-2022-34730 | Microsoft | Unspecified vulnerability in Microsoft products Microsoft ODBC Driver Remote Code Execution Vulnerability. | 8.8 |
2022-09-13 | CVE-2022-34732 | Microsoft | Unspecified vulnerability in Microsoft products Microsoft ODBC Driver Remote Code Execution Vulnerability. | 8.8 |
2022-09-13 | CVE-2022-34734 | Microsoft | Unspecified vulnerability in Microsoft products Microsoft ODBC Driver Remote Code Execution Vulnerability. | 8.8 |
2022-09-13 | CVE-2022-35823 | Microsoft | Unspecified vulnerability in Microsoft products Microsoft SharePoint Remote Code Execution Vulnerability. | 8.8 |
2022-09-13 | CVE-2022-35835 | Microsoft | Unspecified vulnerability in Microsoft products Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
2022-09-13 | CVE-2022-35836 | Microsoft | Unspecified vulnerability in Microsoft products Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
2022-09-13 | CVE-2022-35841 | Microsoft | Unspecified vulnerability in Microsoft products Windows Enterprise App Management Service Remote Code Execution Vulnerability | 8.8 |
2022-09-13 | CVE-2022-36103 | Siderolabs | Incorrect Authorization vulnerability in Siderolabs Talos Linux Talos Linux is a Linux distribution built for Kubernetes deployments. | 8.8 |
2022-09-13 | CVE-2022-38139 | Rdstation | Cross-Site Request Forgery (CSRF) vulnerability in Rdstation RD Station Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in RD Station plugin <= 5.2.0 at WordPress. | 8.8 |
2022-09-12 | CVE-2022-29490 | Hitachienergy | Unspecified vulnerability in Hitachienergy Microscada X Sys600 An Improper Authorization vulnerability in the Workplace X WebUI of the Hitachi Energy MicroSCADA X SYS600 allows an authenticated user to execute any MicroSCADA internal scripts irrespective of the authenticated user's role. | 8.8 |
2022-09-14 | CVE-2022-36113 | Rust Lang | Path Traversal vulnerability in Rust-Lang Cargo Cargo is a package manager for the rust programming language. | 8.1 |
2022-09-14 | CVE-2022-40674 | Libexpat Project Debian Fedoraproject | Use After Free vulnerability in multiple products libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. | 8.1 |
2022-09-13 | CVE-2022-37958 | Microsoft | Unspecified vulnerability in Microsoft products SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability | 8.1 |
2022-09-18 | CVE-2022-3235 | VIM Fedoraproject Debian | Use After Free vulnerability in multiple products Use After Free in GitHub repository vim/vim prior to 9.0.0490. | 7.8 |
2022-09-17 | CVE-2022-3234 | VIM Fedoraproject Debian | Heap-based Buffer Overflow vulnerability in multiple products Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. | 7.8 |
2022-09-16 | CVE-2022-38434 | Adobe | Use After Free vulnerability in Adobe Photoshop Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2022-09-16 | CVE-2022-3176 | Linux Debian | Use After Free vulnerability in multiple products There exists a use-after-free in io_uring in the Linux kernel. | 7.8 |
2022-09-16 | CVE-2022-22074 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory Corruption during wma file playback due to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 7.8 |
2022-09-16 | CVE-2022-22081 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption in audio module due to integer overflow in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables | 7.8 |
2022-09-14 | CVE-2022-2977 | Linux | Use After Free vulnerability in Linux Kernel A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. | 7.8 |
2022-09-14 | CVE-2022-20364 | | Out-of-bounds Write vulnerability in Google Android In sysmmu_unmap of TBD, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
2022-09-14 | CVE-2022-40673 | Kdiskmark Project Fedoraproject | Missing Authorization vulnerability in multiple products KDiskMark before 3.1.0 lacks authorization checking for D-Bus methods such as Helper::flushPageCache. | 7.8 |
2022-09-13 | CVE-2022-31322 | Pentasecurity | Use of Hard-coded Credentials vulnerability in Pentasecurity Wapples 5.0.12.0/6.0.0/V6.0.R3.4.10 Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges via overwriting files using SUID flagged executables. | 7.8 |
2022-09-13 | CVE-2022-36768 | IBM | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to obtain root privileges. | 7.8 |
2022-09-13 | CVE-2022-2962 | Qemu | Improper Synchronization vulnerability in Qemu A DMA reentrancy issue was found in the Tulip device emulation in QEMU. | 7.8 |
2022-09-13 | CVE-2022-26929 | Microsoft | Unspecified vulnerability in Microsoft .Net Framework .NET Framework Remote Code Execution Vulnerability | 7.8 |
2022-09-13 | CVE-2022-35828 | Microsoft | Unspecified vulnerability in Microsoft Defender for Endpoint Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability | 7.8 |
2022-09-13 | CVE-2022-37954 | Microsoft | Unspecified vulnerability in Microsoft products DirectX Graphics Kernel Elevation of Privilege Vulnerability | 7.8 |
2022-09-13 | CVE-2022-37956 | Microsoft | Unspecified vulnerability in Microsoft products Windows Kernel Elevation of Privilege Vulnerability. | 7.8 |
2022-09-13 | CVE-2022-37969 | Microsoft | Out-of-bounds Write vulnerability in Microsoft products Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
2022-09-13 | CVE-2022-38007 | Microsoft | Unspecified vulnerability in Microsoft Azure ARC and Azure Guest Configuration Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability | 7.8 |
2022-09-13 | CVE-2022-38019 | Microsoft | Unspecified vulnerability in Microsoft AV1 Video Extension 1.1.32442.0 AV1 Video Extension Remote Code Execution Vulnerability | 7.8 |
2022-09-13 | CVE-2022-35292 | SAP | Unquoted Search Path or Element vulnerability in SAP Business ONE 10.0 In SAP Business One application when a service is created, the executable path contains spaces and isn’t enclosed within quotes, leading to a vulnerability known as Unquoted Service Path which allows a user to gain SYSTEM privileges. | 7.8 |
2022-09-13 | CVE-2022-3170 | Linux | Out-of-bounds Read vulnerability in Linux Kernel 6.0 An out-of-bounds access issue was found in the Linux kernel sound subsystem. | 7.8 |
2022-09-12 | CVE-2022-3178 | Gpac | Out-of-bounds Read vulnerability in Gpac Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV. | 7.8 |
2022-09-13 | CVE-2022-38012 | Microsoft | Unspecified vulnerability in Microsoft Edge Chromium 105.0.1343.25 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. | 7.7 |
2022-09-16 | CVE-2022-40761 | Samsung | Improper Validation of Specified Quantity in Input vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0 The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc. | 7.5 |
2022-09-16 | CVE-2022-40149 | Jettison Project Debian | Out-of-bounds Write vulnerability in multiple products Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). | 7.5 |
2022-09-16 | CVE-2022-40150 | Jettison Project Debian | Uncontrolled Recursion vulnerability in multiple products Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). | 7.5 |
2022-09-16 | CVE-2022-40152 | Xstream Project Fasterxml | Out-of-bounds Write vulnerability in multiple products Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. | 7.5 |
2022-09-16 | CVE-2022-22091 | Qualcomm | Unspecified vulnerability in Qualcomm products Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 7.5 |
2022-09-15 | CVE-2022-36074 | Nextcloud | Incorrect Authorization vulnerability in Nextcloud Enterprise Server and Nextcloud Server Nextcloud server is an open source personal cloud product. | 7.5 |
2022-09-15 | CVE-2022-39213 | Pandatix | Out-of-bounds Read vulnerability in Pandatix Go-Cvss 0.2.0/0.3.0 go-cvss is a Go module to manipulate Common Vulnerability Scoring System (CVSS). | 7.5 |
2022-09-15 | CVE-2022-37260 | Stealjs | Unspecified vulnerability in Stealjs Steal 2.2.4 A Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal 2.2.4 via the input variable in main.js. | 7.5 |
2022-09-15 | CVE-2022-37262 | Stealjs | Unspecified vulnerability in Stealjs Steal 2.2.4 A Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal 2.2.4 via the source and sourceWithComments variable in main.js. | 7.5 |
2022-09-14 | CVE-2022-29492 | Hitachienergy | Improper Input Validation vulnerability in Hitachienergy Microscada X Sys600 Improper Input Validation vulnerability in the handling of a malformed IEC 104 TCP packet in the Hitachi Energy MicroSCADA X SYS600, MicroSCADA Pro SYS600. | 7.5 |
2022-09-14 | CVE-2022-29922 | Hitachienergy | Improper Input Validation vulnerability in Hitachienergy Microscada X Sys600 Improper Input Validation vulnerability in the handling of a specially crafted IEC 61850 packet with a valid data item but with incorrect data type in the IEC 61850 OPC Server in the Hitachi Energy MicroSCADA X SYS600, MicroSCADA Pro SYS600. | 7.5 |
2022-09-14 | CVE-2022-2277 | Hitachienergy | Improper Validation of Specified Quantity in Input vulnerability in Hitachienergy Microscada X Sys600 An Improper Input Validation vulnerability in the Hitachi Energy MicroSCADA X SYS600's ICCP stack during ICCP communication establishment causes a denial-of-service when ICCP of SYS600 is requested to forward any data item updates with timestamps too distant in the future to any remote ICCP system. | 7.5 |
2022-09-14 | CVE-2021-38924 | IBM | Information Exposure Through an Error Message vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 7.5 |
2022-09-13 | CVE-2022-38769 | Transtek | Unspecified vulnerability in Transtek Mojodat Fixed Asset Management 2.4.6 The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to fetch cleartext passwords upon a successful login request. | 7.5 |
2022-09-13 | CVE-2022-39821 | Nokia | Information Exposure Through Log Files vulnerability in Nokia 1350 Optical Management System 14.2 In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs. | 7.5 |
2022-09-13 | CVE-2022-35833 | Microsoft | Unspecified vulnerability in Microsoft products Windows Secure Channel Denial of Service Vulnerability | 7.5 |
2022-09-13 | CVE-2022-35838 | Microsoft | Unspecified vulnerability in Microsoft Windows 11 and Windows Server 2022 HTTP V3 Denial of Service Vulnerability | 7.5 |
2022-09-13 | CVE-2022-38013 | Microsoft Fedoraproject | .NET Core and Visual Studio Denial of Service Vulnerability | 7.5 |
2022-09-13 | CVE-2022-39208 | Onedev Project | Files or Directories Accessible to External Parties vulnerability in Onedev Project Onedev Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. | 7.5 |
2022-09-13 | CVE-2022-32190 | Golang | Path Traversal vulnerability in Golang GO 1.19.0 JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path. | 7.5 |
2022-09-13 | CVE-2022-39801 | SAP | Improper Authentication vulnerability in SAP Access Control 12 SAP GRC Access control Emergency Access Management allows an authenticated attacker to access a Firefighter session even after it is closed in Firefighter Logon Pad. | 7.5 |
2022-09-13 | CVE-2022-3029 | Nlnetlabs | Unspecified vulnerability in Nlnetlabs Routinator In NLnet Labs Routinator 0.9.0 up to and including 0.11.2, due to a mistake in error handling, data in RRDP snapshot and delta files that isn’t correctly base 64 encoded is treated as a fatal error and causes Routinator to exit. | 7.5 |
2022-09-13 | CVE-2022-38100 | Contechealth | Unspecified vulnerability in Contechealth Cms8000 Firmware The CMS800 device fails while attempting to parse malformed network data sent by a threat actor. | 7.5 |
2022-09-13 | CVE-2022-1278 | Redhat | Insecure Default Initialization of Resource vulnerability in Redhat products A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain. | 7.5 |
2022-09-12 | CVE-2022-35572 | Linksys | Missing Authentication for Critical Function vulnerability in Linksys E5350 Firmware 1.0.00.037 On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, (and potentially other vendors/devices due to code reuse), the /SysInfo.htm URI does not require a session ID. | 7.5 |
2022-09-12 | CVE-2022-37797 | Lighttpd Debian | NULL Pointer Dereference vulnerability in multiple products In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. | 7.5 |
2022-09-12 | CVE-2022-37734 | Graphql Java Project | Unspecified vulnerability in Graphql-Java Project Graphql-Java graphql-java before 19.0 is vulnerable to Denial of Service. | 7.5 |
2022-09-13 | CVE-2022-38011 | Microsoft | Unspecified vulnerability in Microsoft RAW Image Extension Raw Image Extension Remote Code Execution Vulnerability | 7.3 |
2022-09-15 | CVE-2022-38534 | Totolink | OS Command Injection vulnerability in Totolink A720R Firmware 4.1.5Cu.374 TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setdiagnosicfg function. | 7.2 |
2022-09-15 | CVE-2022-38535 | Totolink | OS Command Injection vulnerability in Totolink A720R Firmware 4.1.5Cu.374 TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg function. | 7.2 |
2022-09-14 | CVE-2022-3202 | Linux Netapp | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS) in the Linux kernel. | 7.1 |
2022-09-13 | CVE-2022-2989 | Podman Project Redhat | Placement of User into Incorrect Group vulnerability in multiple products Incorrect handling of supplementary groups in the Podman container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute binary code in that container. | 7.1 |
2022-09-13 | CVE-2022-2990 | Buildah Project Redhat | Placement of User into Incorrect Group vulnerability in multiple products Incorrect handling of supplementary groups in the Buildah container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute binary code in that container. | 7.1 |
64 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2022-09-16 | CVE-2022-25654 | Qualcomm | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in kernel due to improper input validation while processing ION commands in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | 6.7 |
2022-09-14 | CVE-2022-20231 | | Out-of-bounds Write vulnerability in Google Android In smc_intc_request_fiq of arm_gic.c, there is a possible out of bounds write due to improper input validation. | 6.7 |
2022-09-15 | CVE-2022-39209 | Github Fedoraproject | Algorithmic Complexity vulnerability in multiple products cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. | 6.5 |
2022-09-15 | CVE-2022-40736 | Axiosys | Unspecified vulnerability in Axiosys Bento4 1.6.0639 An issue was discovered in Bento4 1.6.0-639. | 6.5 |
2022-09-14 | CVE-2022-40734 | Unisharp | Path Traversal vulnerability in Unisharp Laravel Filemanager UniSharp laravel-filemanager (aka Laravel Filemanager) before 2.6.4 allows download?working_dir=%2F.. | 6.5 |
2022-09-14 | CVE-2022-36114 | Rust Lang | Resource Exhaustion vulnerability in Rust-Lang Cargo Cargo is a package manager for the rust programming language. | 6.5 |
2022-09-13 | CVE-2022-31324 | Pentasecurity | Download of Code Without Integrity Check vulnerability in Pentasecurity Wapples An arbitrary file download vulnerability in the downloadAction() function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request. | 6.5 |
2022-09-13 | CVE-2022-22483 | IBM | Improper Privilege Management vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. | 6.5 |
2022-09-13 | CVE-2022-35637 | IBM | Unspecified vulnerability in IBM DB2 10.5/11.1/11.5 IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service after entering a malformed SQL statement into the Db2expln tool. | 6.5 |
2022-09-13 | CVE-2022-39816 | Nokia | Insufficiently Protected Credentials vulnerability in Nokia 1350 Optical Management System 14.2 In NOKIA 1350 OMS R14.2, Insufficiently Protected Credentials (cleartext administrator password) occur in the edit configuration page. | 6.5 |
2022-09-13 | CVE-2022-38342 | Safe | XXE vulnerability in Safe FME Server Safe Software FME Server v2021.2.5, v2022.0.0.2 and below was discovered to contain an XML External Entity (XXE) vulnerability which allows authenticated attackers to perform data exfiltration or Server-Side Request Forgery (SSRF) attacks. | 6.5 |
2022-09-13 | CVE-2022-35837 | Microsoft | Unspecified vulnerability in Microsoft products Windows Graphics Component Information Disclosure Vulnerability | 6.5 |
2022-09-13 | CVE-2022-38006 | Microsoft | Unspecified vulnerability in Microsoft products Windows Graphics Component Information Disclosure Vulnerability | 6.5 |
2022-09-16 | CVE-2022-38845 | Espocrm | Cross-site Scripting vulnerability in Espocrm 7.1.8 Cross Site Scripting in the Import feature in EspoCRM 7.1.8 allows remote users to run malicious JavaScript in the victim's browser by sending a crafted CSV file containing malicious JavaScript to an authenticated user. | 6.1 |
2022-09-14 | CVE-2022-40626 | Zabbix Fedoraproject | Cross-site Scripting vulnerability in multiple products An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend. | 6.1 |
2022-09-13 | CVE-2022-3205 | Redhat | Cross-site Scripting vulnerability in Redhat Ansible Automation Platform 1.2/2.0 Cross site scripting in automation controller UI in Red Hat Ansible Automation Platform 1.2 and 2.0 where the project name is susceptible to XSS injection | 6.1 |
2022-09-13 | CVE-2022-35298 | SAP | Cross-site Scripting vulnerability in SAP Netweaver Enterprise Portal 7.50 SAP NetWeaver Enterprise Portal (KMC) - version 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability. | 6.1 |
2022-09-13 | CVE-2022-39799 | SAP | Cross-site Scripting vulnerability in SAP Netweaver Application Server Abap An attacker with no prior authentication could craft and send malicious script to SAP GUI for HTML within Fiori Launchpad, resulting in reflected cross-site scripting attack. | 6.1 |
2022-09-15 | CVE-2022-40306 | Ecisolutions | Unspecified vulnerability in Ecisolutions Printanista Managed Print Service 20220627 The login form /Login in ECi Printanista Hub (formerly FMAudit Printscout) through 2022-06-27 performs expensive RSA key-generation operations, which allows attackers to cause a denial of service (DoS) by requesting that form repeatedly. | 5.9 |
2022-09-16 | CVE-2022-3225 | Budibase | Improper Control of Dynamically-Managed Code Resources vulnerability in Budibase Improper Control of Dynamically-Managed Code Resources in GitHub repository budibase/budibase prior to 1.3.20. | 5.7 |
2022-09-18 | CVE-2022-40768 | Linux Fedoraproject Debian | Use of Uninitialized Resource vulnerability in multiple products drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case. | 5.5 |
2022-09-16 | CVE-2022-30674 | Adobe Fedoraproject | Out-of-bounds Read vulnerability in multiple products Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
2022-09-15 | CVE-2022-38334 | Xpdfreader | Uncontrolled Recursion vulnerability in Xpdfreader Xpdf XPDF v4.04 and earlier was discovered to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc. | 5.5 |
2022-09-15 | CVE-2022-38850 | Mplayerhq Debian | Divide By Zero vulnerability in multiple products The MPlayer Project mencoder SVN-r38374-13.0.1 is vulnerable to Divide By Zero via the function config() of libmpcodecs/vf_scale.c. | 5.5 |
2022-09-15 | CVE-2022-38851 | Mplayerhq Debian | Out-of-bounds Read vulnerability in multiple products Certain MPlayer Project products are vulnerable to Out-of-bounds Read via function read_meta_record() of mplayer/libmpdemux/asfheader.c. | 5.5 |
2022-09-15 | CVE-2022-38890 | F5 | Out-of-bounds Read vulnerability in F5 NJS 0.7.7 Nginx NJS v0.7.7 was discovered to contain a segmentation violation via njs_utf8_next at src/njs_utf8.h. | 5.5 |
2022-09-15 | CVE-2022-38855 | Mplayerhq Debian | Out-of-bounds Write vulnerability in multiple products Certain MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video() of mplayer/libmpdemux/demux_mov.c. | 5.5 |
2022-09-15 | CVE-2022-38858 | Mplayerhq Debian | Out-of-bounds Write vulnerability in multiple products Certain MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. | 5.5 |
2022-09-15 | CVE-2022-38860 | Mplayerhq Debian | Divide By Zero vulnerability in multiple products Certain MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder. | 5.5 |
2022-09-15 | CVE-2022-38861 | Mplayerhq Debian | Out-of-bounds Write vulnerability in multiple products The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_mp_image() of libmpcodecs/mp_image.c. | 5.5 |
2022-09-15 | CVE-2022-38863 | Mplayerhq Debian | Out-of-bounds Write vulnerability in multiple products Certain MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. | 5.5 |
2022-09-15 | CVE-2022-38864 | Mplayerhq Debian | Out-of-bounds Write vulnerability in multiple products Certain MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. | 5.5 |
2022-09-15 | CVE-2022-38865 | Mplayerhq Debian | Divide By Zero vulnerability in multiple products Certain MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. | 5.5 |
2022-09-15 | CVE-2022-38866 | Mplayerhq Debian | Out-of-bounds Write vulnerability in multiple products Certain MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c. | 5.5 |
2022-09-15 | CVE-2022-3222 | Gpac | Uncontrolled Recursion vulnerability in Gpac Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV. | 5.5 |
2022-09-14 | CVE-2022-40476 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel A null pointer dereference issue was discovered in fs/io_uring.c in the Linux kernel before 5.15.62. | 5.5 |
2022-09-13 | CVE-2022-38307 | Lief Project | NULL Pointer Dereference vulnerability in Lief-Project Lief LIEF commit 5d1d643 was discovered to contain a segmentation violation via the function LIEF::MachO::SegmentCommand::file_offset() at /MachO/SegmentCommand.cpp. | 5.5 |
2022-09-13 | CVE-2022-38497 | Lief Project | NULL Pointer Dereference vulnerability in Lief-Project Lief LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69. | 5.5 |
2022-09-13 | CVE-2022-20393 | Google | Integer Underflow (Wrap or Wraparound) vulnerability in Google Android 11.0/12.0/12.1 In extract3GPPGlobalDescriptions of TextDescriptions.cpp, there is a possible out of bounds read due to an integer overflow. | 5.5 |
2022-09-13 | CVE-2022-20396 | Google | Insufficient Verification of Data Authenticity vulnerability in Google Android 12.1/13.0 In SettingsActivity.java, there is a possible way to make a device discoverable over Bluetooth, without permission or user interaction, due to a permissions bypass. | 5.5 |
2022-09-13 | CVE-2022-3190 | Wireshark Fedoraproject | Infinite Loop vulnerability in multiple products Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file. | 5.5 |
2022-09-16 | CVE-2022-30677 | Adobe | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5.13.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. | 5.4 |
2022-09-16 | CVE-2022-30678 | Adobe | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5.13.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. | 5.4 |
2022-09-16 | CVE-2022-30680 | Adobe | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5.13.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. | 5.4 |
2022-09-16 | CVE-2022-30681 | Adobe | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5.13.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. | 5.4 |
2022-09-15 | CVE-2018-25047 | Smarty Debian | Cross-site Scripting vulnerability in multiple products In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS. | 5.4 |
2022-09-13 | CVE-2021-36568 | Moodle Fedoraproject | Cross-site Scripting vulnerability in multiple products In certain Moodle products, after creating a course, it is possible to add a resource to an arbitrary "Topic", in this case a "Database" with the type "Text", whose values "Field name" and "Field description" are vulnerable to Stored Cross-Site Scripting (XSS). | 5.4 |
2022-09-13 | CVE-2022-39207 | Onedev Project | Incorrect Permission Assignment for Critical Resource vulnerability in Onedev Project Onedev Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. | 5.4 |
2022-09-13 | CVE-2022-35294 | SAP | Cross-site Scripting vulnerability in SAP Netweaver Application Server Abap An attacker with basic business user privileges could craft and upload a malicious file to SAP NetWeaver Application Server ABAP, which is then downloaded and viewed by other users resulting in a stored Cross-Site-Scripting attack. | 5.4 |
2022-09-12 | CVE-2022-37796 | Oretnom23 | Cross-site Scripting vulnerability in Oretnom23 Simple Online Book Store System 1.0 In Simple Online Book Store System 1.0, the Title, Author, and Description parameters in /admin_book.php are vulnerable to Cross-Site Scripting (XSS). | 5.4 |
2022-09-16 | CVE-2022-30683 | Adobe | Unspecified vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5.13.0 (and earlier) are affected by a Violation of Secure Design Principles vulnerability that could lead to a bypass of the security feature of the encryption mechanism in the backend. | 5.3 |
2022-09-14 | CVE-2022-22520 | Mbconnectline Helmholz | Response Discrepancy Information Exposure vulnerability in multiple products A remote, unauthenticated attacker can enumerate valid users by sending specific requests to the webservice of MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. | 5.3 |
2022-09-13 | CVE-2022-38770 | Transtek | Unspecified vulnerability in Transtek Mojodat Fixed Asset Management 2.4.6 The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to fetch other users' data upon a successful login request. | 5.3 |
2022-09-13 | CVE-2022-22330 | IBM | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Control Desk IBM Control Desk 7.6.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. | 5.3 |
2022-09-13 | CVE-2022-39014 | SAP | Missing Encryption of Sensitive Data vulnerability in SAP Businessobjects Business Intelligence Platform 430 Under certain conditions SAP BusinessObjects Business Intelligence Platform Central Management Console (CMC) - version 430, allows an attacker to access certain unencrypted sensitive parameters which would otherwise be restricted. | 5.3 |
2022-09-13 | CVE-2022-36780 | Avdorcis | Missing Authentication for Critical Function vulnerability in Avdorcis Crystal Quality Avdor CIS - crystal quality Credentials Management Errors. | 5.3 |
2022-09-13 | CVE-2022-39158 | Siemens | Resource Exhaustion vulnerability in Siemens Ruggedcom ROS Affected devices improperly handle partial HTTP requests which makes them vulnerable to slowloris attacks. | 5.3 |
2022-09-12 | CVE-2022-36101 | Shopware | Unspecified vulnerability in Shopware Shopware is an open source e-commerce software. | 5.3 |
2022-09-16 | CVE-2022-2863 | Wpvivid | Path Traversal vulnerability in Wpvivid Migration, Backup, Staging The Migration, Backup, Staging WordPress plugin before 0.9.76 does not sanitise and validate a parameter before using it to read the content of a file, allowing high privilege users to read any file from the web server via a Traversal attack. | 4.9 |
2022-09-13 | CVE-2022-35295 | SAP | Improper Handling of Exceptional Conditions vulnerability in SAP Host Agent 7.22 In SAP Host Agent (SAPOSCOL) - version 7.22, an attacker may use files created by saposcol to escalate privileges for themselves. | 4.9 |
2022-09-16 | CVE-2022-2351 | Wpexperts | Cross-site Scripting vulnerability in Wpexperts Post Smtp The Post SMTP Mailer/Email Log WordPress plugin before 2.1.4 does not escape some of its settings before outputting them in the admin dashboard, allowing high privilege users to perform Cross-Site Scripting attacks against other users even when the unfiltered_html capability is disallowed. | 4.8 |
2022-09-14 | CVE-2022-1778 | Hitachienergy | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hitachienergy Microscada X Sys600 Improper Input Validation vulnerability in Hitachi Energy MicroSCADA X SYS600 while reading a specific configuration file causes a buffer-overflow that causes a failure to start the SYS600. | 4.4 |
2022-09-12 | CVE-2022-31222 | Dell | Missing Release of Resource after Effective Lifetime vulnerability in Dell products Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability. | 4.4 |
2022-09-12 | CVE-2022-38135 | Photospace Gallery Project | Unspecified vulnerability in Photospace Gallery Project Photospace Gallery 2.3.5 Broken Access Control vulnerability in Dean Oakley's Photospace Gallery plugin <= 2.3.5 at WordPress allows users with subscriber or higher role to change plugin settings. | 4.3 |
1 Low Vulnerability
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2022-09-13 | CVE-2022-37703 | Amanda | Path Traversal vulnerability in Amanda 3.5.1 In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. | 3.3 |