Weekly Vulnerabilities Reports > September 19 to 25, 2022
Overview
234 new vulnerabilities reported during this period, including 38 critical vulnerabilities and 112 high severity vulnerabilities. This weekly summary report vulnerabilities in 175 products from 85 vendors including Apple, Jenkins, Debian, Fedoraproject, and Arubanetworks. Vulnerabilities are notably categorized as "Out-of-bounds Write", "Missing Authorization", "Out-of-bounds Read", "SQL Injection", and "Cross-site Scripting".
- 166 reported vulnerabilities are remotely exploitables.
- 2 reported vulnerabilities have public exploit available.
- 48 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 150 reported vulnerabilities are exploitable by an anonymous user.
- Apple has the most reported vulnerabilities, with 57 reported vulnerabilities.
- Tenda has the most reported critical vulnerabilities, with 5 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
38 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2022-09-23 | CVE-2022-32845 | Apple | Unspecified vulnerability in Apple products This issue was addressed with improved checks. | 10.0 |
2022-09-24 | CVE-2022-23463 | Nepxion | Expression Language Injection vulnerability in Nepxion Discovery Nepxion Discovery is a solution for Spring Cloud. | 9.8 |
2022-09-23 | CVE-2022-40630 | Tacitine | Session Fixation vulnerability in Tacitine products This vulnerability exists in Tacitine Firewall, all versions of EN6200-PRIME QUAD-35 and EN6200-PRIME QUAD-100 between 19.1.1 to 22.20.1 (inclusive), due to improper session management in the Tacitine Firewall web-based management interface. | 9.8 |
2022-09-23 | CVE-2022-36944 | Scala Lang Fedoraproject | Deserialization of Untrusted Data vulnerability in multiple products Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. | 9.8 |
2022-09-23 | CVE-2022-40854 | Tenda | Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.19(6318) Tenda AC18 router contained a stack overflow vulnerability in /goform/fast_setting_wifi_set | 9.8 |
2022-09-23 | CVE-2022-40855 | Tenda | Out-of-bounds Write vulnerability in Tenda W20E Firmware 15.11.0.6 Tenda W20E router V15.11.0.6 contains a stack overflow in the function formSetPortMapping with post request 'goform/setPortMapping/'. | 9.8 |
2022-09-23 | CVE-2022-40866 | Tenda | Out-of-bounds Write vulnerability in Tenda W20E Firmware 15.11.0.6 Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formSetDebugCfg with request /goform/setDebugCfg/ | 9.8 |
2022-09-23 | CVE-2022-40867 | Tenda | Out-of-bounds Write vulnerability in Tenda W20E Firmware 15.11.0.6 Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formIPMacBindDel with the request /goform/delIpMacBind/ | 9.8 |
2022-09-23 | CVE-2022-40868 | Tenda | Out-of-bounds Write vulnerability in Tenda W20E Firmware 15.11.0.6 Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formDelDhcpRule with the request /goform/delDhcpRules/ | 9.8 |
2022-09-23 | CVE-2022-3236 | Sophos | Code Injection vulnerability in Sophos Firewall 19.0.1 A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older. | 9.8 |
2022-09-23 | CVE-2022-35951 | Redis Fedoraproject | Integer Overflow or Wraparound vulnerability in multiple products Redis is an in-memory database that persists on disk. | 9.8 |
2022-09-21 | CVE-2021-43310 | Keylime | Authentication Bypass by Spoofing vulnerability in Keylime A vulnerability in Keylime before 6.3.0 allows an attacker to craft a request to the agent that resets the U and V keys as if the agent were being re-added to a verifier. | 9.8 |
2022-09-21 | CVE-2022-41226 | Jenkins | XXE vulnerability in Jenkins Compuware Common Configuration Jenkins Compuware Common Configuration Plugin 1.0.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 9.8 |
2022-09-21 | CVE-2022-41237 | Jenkins | Unspecified vulnerability in Jenkins Dotci Jenkins DotCi Plugin 2.40.00 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. | 9.8 |
2022-09-21 | CVE-2022-41238 | Jenkins | Missing Authorization vulnerability in Jenkins Dotci A missing permission check in Jenkins DotCi Plugin 2.40.00 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository for attacker-specified commits. | 9.8 |
2022-09-21 | CVE-2022-37026 | Erlang | Unspecified vulnerability in Erlang Erlang/Otp In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS. | 9.8 |
2022-09-21 | CVE-2022-41220 | Md2Roff Project | Out-of-bounds Write vulnerability in Md2Roff Project Md2Roff 1.9 md2roff 1.9 has a stack-based buffer overflow via a Markdown file, a different vulnerability than CVE-2022-34913. | 9.8 |
2022-09-20 | CVE-2022-32863 | Apple | Out-of-bounds Write vulnerability in Apple Safari A memory corruption issue was addressed with improved state management. | 9.8 |
2022-09-20 | CVE-2017-20148 | Debian | Unspecified vulnerability in Debian Logcheck In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls. | 9.8 |
2022-09-20 | CVE-2022-41138 | Zutty Project | Unspecified vulnerability in Zutty Project Zutty In Zutty before 0.13, DECRQSS in text written to the terminal can achieve arbitrary code execution. | 9.8 |
2022-09-20 | CVE-2022-39955 | Owasp Fedoraproject Debian | The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rule set bypass by submitting a specially crafted HTTP Content-Type header field that indicates multiple character encoding schemes. | 9.8 |
2022-09-20 | CVE-2022-39956 | Owasp Fedoraproject Debian | Improper Encoding or Escaping of Output vulnerability in multiple products The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rule set bypass for HTTP multipart requests by submitting a payload that uses a character encoding scheme via the Content-Type or the deprecated Content-Transfer-Encoding multipart MIME header fields that will not be decoded and inspected by the web application firewall engine and the rule set. | 9.8 |
2022-09-19 | CVE-2022-28321 | Linux PAM | Improper Authentication vulnerability in Linux-Pam The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. | 9.8 |
2022-09-19 | CVE-2022-40144 | Trendmicro | Improper Authentication vulnerability in Trendmicro Apex ONE 2019 A vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service could allow an attacker to bypass the product's login authentication by falsifying request parameters on affected installations. | 9.8 |
2022-09-19 | CVE-2022-3218 | Necta | Improper Authentication vulnerability in Necta Wifi Mouse Server 1.7.8.5 Due to a reliance on client-side authentication, the WiFi Mouse (Mouse Server) from Necta LLC's authentication mechanism is trivially bypassed, which can result in remote code execution. | 9.8 |
2022-09-19 | CVE-2022-35914 | Glpi Project | Injection vulnerability in Glpi-Project Glpi /vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection. | 9.8 |
2022-09-19 | CVE-2022-2840 | Zephyr ONE | SQL Injection vulnerability in Zephyr-One Zephyr Project Manager The Zephyr Project Manager WordPress plugin before 3.2.5 does not sanitise and escape various parameters before using them in SQL statements via various AJAX actions available to both unauthenticated and authenticated users, leading to SQL injections | 9.8 |
2022-09-21 | CVE-2022-0495 | Parantezteknoloji | SQL Injection vulnerability in Parantezteknoloji Koha Library Automation 19.05.03 The library automation system product KOHA developed by Parantez Teknoloji before version 19.05.03 has an unauthenticated SQL Injection vulnerability. | 9.4 |
2022-09-21 | CVE-2022-2315 | Databank | SQL Injection vulnerability in Databank Accreditation Tracking/Presentation Module Database Software Accreditation Tracking/Presentation Module product before version 2 has an unauthenticated SQL Injection vulnerability. | 9.4 |
2022-09-20 | CVE-2022-2177 | Kayrasoft | SQL Injection vulnerability in Kayrasoft 1 Kayrasoft product before version 2 has an unauthenticated SQL Injection vulnerability. | 9.4 |
2022-09-24 | CVE-2022-36025 | Linuxfoundation | Incorrect Conversion between Numeric Types vulnerability in Linuxfoundation Besu Besu is a Java-based Ethereum client. | 9.1 |
2022-09-23 | CVE-2022-32847 | Apple | Unspecified vulnerability in Apple products This issue was addressed with improved checks. | 9.1 |
2022-09-23 | CVE-2022-23144 | ZTE | Unspecified vulnerability in ZTE products There is a broken access control vulnerability in ZTE ZXvSTB product. | 9.1 |
2022-09-23 | CVE-2022-39227 | Python JWT Project | Authentication Bypass by Spoofing vulnerability in Python-Jwt Project Python-Jwt python-jwt is a module for generating and verifying JSON Web Tokens. | 9.1 |
2022-09-22 | CVE-2022-40186 | Hashicorp | Unspecified vulnerability in Hashicorp Vault An issue was discovered in HashiCorp Vault and Vault Enterprise before 1.11.3. | 9.1 |
2022-09-21 | CVE-2022-41241 | Jenkins | XXE vulnerability in Jenkins RQM Jenkins RQM Plugin 2.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 9.1 |
2022-09-19 | CVE-2022-37032 | Frrouting Debian | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. | 9.1 |
2022-09-21 | CVE-2022-30578 | Tibco | Cross-site Scripting vulnerability in Tibco EBX Add-Ons The Web Server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. | 9.0 |
112 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2022-09-23 | CVE-2022-22610 | Apple | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved state management. | 8.8 |
2022-09-23 | CVE-2022-22624 | Apple | Use After Free vulnerability in Apple products A use after free issue was addressed with improved memory management. | 8.8 |
2022-09-23 | CVE-2022-22628 | Apple | Use After Free vulnerability in Apple products A use after free issue was addressed with improved memory management. | 8.8 |
2022-09-23 | CVE-2022-22637 | Apple | Unspecified vulnerability in Apple products A logic issue was addressed with improved state management. | 8.8 |
2022-09-23 | CVE-2022-26700 | Apple | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved state management. | 8.8 |
2022-09-23 | CVE-2022-32211 | Rocket Chat | SQL Injection vulnerability in Rocket.Chat A SQL injection vulnerability exists in Rocket.Chat <v3.18.6, <v4.4.4 and <v4.7.3 which can allow an attacker to retrieve a reset password token through or a 2fa secret. | 8.8 |
2022-09-23 | CVE-2022-32787 | Apple | Out-of-bounds Write vulnerability in Apple products An out-of-bounds write issue was addressed with improved bounds checking. | 8.8 |
2022-09-23 | CVE-2022-32792 | Apple | Out-of-bounds Write vulnerability in Apple products An out-of-bounds write issue was addressed with improved input validation. | 8.8 |
2022-09-23 | CVE-2022-35248 | Rocket Chat | Improper Authentication vulnerability in Rocket.Chat A improper authentication vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 that allowed two factor authentication can be bypassed when telling the server to use CAS during login. | 8.8 |
2022-09-23 | CVE-2022-38134 | Cusrev | Unspecified vulnerability in Cusrev Customer Reviews for Woocommerce Authenticated (subscriber+) Broken Access Control vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress. | 8.8 |
2022-09-23 | CVE-2022-40298 | Crestron | Incorrect Permission Assignment for Critical Resource vulnerability in Crestron Airmedia 4.3.1.39 Crestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions, which leads to a privilege escalation vulnerability found in the AirMedia Windows Application, version 4.3.1.39. | 8.8 |
2022-09-21 | CVE-2022-41227 | Jenkins | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Ns-Nd Integration Performance Publisher 4.8.0.129/4.8.0.77 A cross-site request forgery (CSRF) vulnerability in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials. | 8.8 |
2022-09-21 | CVE-2022-41228 | Jenkins | Missing Authorization vulnerability in Jenkins Ns-Nd Integration Performance Publisher 4.8.0.129/4.8.0.77 A missing permission check in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers with Overall/Read permissions to connect to an attacker-specified webserver using attacker-specified credentials. | 8.8 |
2022-09-21 | CVE-2022-41234 | Jenkins | Missing Authorization vulnerability in Jenkins Rundeck Jenkins Rundeck Plugin 3.6.11 and earlier does not protect access to the /plugin/rundeck/webhook/ endpoint, allowing users with Overall/Read permission to trigger jobs that are configured to be triggerable via Rundeck. | 8.8 |
2022-09-21 | CVE-2022-41236 | Jenkins | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Security Inspector A cross-site request forgery (CSRF) vulnerability in Jenkins Security Inspector Plugin 117.v6eecc36919c2 and earlier allows attackers to replace the generated report stored in a per-session cache and displayed to authorized users at the .../report URL with a report based on attacker-specified report generation options. | 8.8 |
2022-09-21 | CVE-2022-41245 | Jenkins | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Worksoft Execution Manager A cross-site request forgery (CSRF) vulnerability in Jenkins Worksoft Execution Manager Plugin 10.0.3.503 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 8.8 |
2022-09-21 | CVE-2022-41249 | Jenkins | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins SCM Httpclient A cross-site request forgery (CSRF) vulnerability in Jenkins SCM HttpClient Plugin 1.5 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 8.8 |
2022-09-21 | CVE-2022-41253 | Jenkins | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Cons3Rt 1.0.0 A cross-site request forgery (CSRF) vulnerability in Jenkins CONS3RT Plugin 1.0.0 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 8.8 |
2022-09-20 | CVE-2022-23685 | Arubanetworks | Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the ClearPass Policy Manager web-based management interface exists which exposes some endpoints to a lack of Cross-Site Request Forgery (CSRF) protection. | 8.8 |
2022-09-20 | CVE-2022-23692 | Arubanetworks | SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. | 8.8 |
2022-09-20 | CVE-2022-23693 | Arubanetworks | SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. | 8.8 |
2022-09-20 | CVE-2022-23694 | Arubanetworks | SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. | 8.8 |
2022-09-20 | CVE-2022-23695 | Arubanetworks | SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. | 8.8 |
2022-09-20 | CVE-2022-23696 | Arubanetworks | SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. | 8.8 |
2022-09-20 | CVE-2022-32886 | Apple Fedoraproject Debian | Out-of-bounds Write vulnerability in multiple products A buffer overflow issue was addressed with improved memory handling. | 8.8 |
2022-09-20 | CVE-2022-32912 | Apple | Out-of-bounds Read vulnerability in Apple Ipados and Iphone OS An out-of-bounds read was addressed with improved bounds checking. | 8.8 |
2022-09-20 | CVE-2022-40955 | Apache | Deserialization of Untrusted Data vulnerability in Apache Inlong In versions of Apache InLong prior to 1.3.0, an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database, could cause this data to be deserialized by Apache InLong, potentially leading to Remote Code Execution on the Apache InLong server. | 8.8 |
2022-09-19 | CVE-2022-23766 | Bigfile | Improper Input Validation vulnerability in Bigfile Bigfileagent An improper input validation vulnerability leading to arbitrary file execution was discovered in BigFileAgent. | 8.8 |
2022-09-19 | CVE-2022-38577 | Processmaker | Improper Preservation of Permissions vulnerability in Processmaker 3.0.1.7/3.4.11 ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page. | 8.8 |
2022-09-19 | CVE-2022-3141 | Cozmoslabs | SQL Injection vulnerability in Cozmoslabs Translatepress The Translate Multilingual sites WordPress plugin before 2.3.3 is vulnerable to an authenticated SQL injection. | 8.8 |
2022-09-19 | CVE-2022-3142 | Basixonline | SQL Injection vulnerability in Basixonline Nex-Forms The NEX-Forms WordPress plugin before 7.9.7 does not properly sanitise and escape user input before using it in SQL statements, leading to SQL injections. | 8.8 |
2022-09-23 | CVE-2022-35893 | Insyde | Improper Input Validation vulnerability in Insyde Insydeh2O An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. | 8.2 |
2022-09-21 | CVE-2022-2881 | ISC | Out-of-bounds Read vulnerability in ISC Bind The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process. | 8.2 |
2022-09-23 | CVE-2020-36604 | Hapijs | Unspecified vulnerability in Hapijs Hoek hoek before 8.5.1 and 9.x before 9.0.3 allows prototype poisoning in the clone function. | 8.1 |
2022-09-21 | CVE-2022-40616 | IBM | Unspecified vulnerability in IBM Maximo Asset Management 7.6.1.1/7.6.1.2/7.6.1.3 IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, and 7.6.1.3 could allow a user to bypass authentication and obtain sensitive information or perform tasks they should not have access to. | 8.1 |
2022-09-21 | CVE-2022-41243 | Jenkins | Improper Certificate Validation vulnerability in Jenkins Smalltest Jenkins SmallTest Plugin 1.0.4 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections. | 8.1 |
2022-09-21 | CVE-2022-41244 | Jenkins | Improper Certificate Validation vulnerability in Jenkins View26 Test-Reporting Jenkins View26 Test-Reporting Plugin 1.0.7 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections. | 8.1 |
2022-09-21 | CVE-2022-41232 | Jenkins | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Build-Publisher A cross-site request forgery (CSRF) vulnerability in Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers to replace any config.xml file on the Jenkins controller file system with an empty file by providing a crafted file name to an API endpoint. | 8.0 |
2022-09-25 | CVE-2022-3297 | VIM Fedoraproject | Use After Free vulnerability in multiple products Use After Free in GitHub repository vim/vim prior to 9.0.0579. | 7.8 |
2022-09-25 | CVE-2022-3296 | VIM Fedoraproject | Stack-based Buffer Overflow vulnerability in multiple products Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577. | 7.8 |
2022-09-23 | CVE-2022-32814 | Apple | Type Confusion vulnerability in Apple products A type confusion issue was addressed with improved state handling. | 7.8 |
2022-09-23 | CVE-2022-32796 | Apple | Out-of-bounds Write vulnerability in Apple Macos A memory corruption issue was addressed with improved state management. | 7.8 |
2022-09-23 | CVE-2022-32815 | Apple | Unspecified vulnerability in Apple products The issue was addressed with improved memory handling. | 7.8 |
2022-09-23 | CVE-2022-32819 | Apple | Unspecified vulnerability in Apple products A logic issue was addressed with improved state management. | 7.8 |
2022-09-23 | CVE-2022-32820 | Apple | Out-of-bounds Write vulnerability in Apple products An out-of-bounds write issue was addressed with improved input validation. | 7.8 |
2022-09-23 | CVE-2022-32821 | Apple | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved validation. | 7.8 |
2022-09-23 | CVE-2022-32826 | Apple | Unspecified vulnerability in Apple products An authorization issue was addressed with improved state management. | 7.8 |
2022-09-23 | CVE-2022-32829 | Apple | Unspecified vulnerability in Apple Iphone OS and Macos This issue was addressed with improved checks. | 7.8 |
2022-09-23 | CVE-2022-32842 | Apple | Out-of-bounds Read vulnerability in Apple mac OS X and Macos An out-of-bounds read issue was addressed with improved input validation. | 7.8 |
2022-09-23 | CVE-2022-2566 | Ffmpeg | Integer Overflow or Wraparound vulnerability in Ffmpeg 5.1 A heap out-of-bounds memory write exists in FFMPEG since version 5.1. | 7.8 |
2022-09-23 | CVE-2022-41322 | Kitty Project Fedoraproject | Improper Encoding or Escaping of Output vulnerability in multiple products In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. | 7.8 |
2022-09-22 | CVE-2022-3256 | VIM Fedoraproject Debian | Use After Free vulnerability in multiple products Use After Free in GitHub repository vim/vim prior to 9.0.0530. | 7.8 |
2022-09-20 | CVE-2022-32908 | Apple | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved input validation. | 7.8 |
2022-09-20 | CVE-2022-32911 | Apple | Unspecified vulnerability in Apple products The issue was addressed with improved memory handling. | 7.8 |
2022-09-20 | CVE-2022-32917 | Apple | Out-of-bounds Write vulnerability in Apple Ipados and Iphone OS The issue was addressed with improved bounds checks. | 7.8 |
2022-09-19 | CVE-2022-3239 | Linux | Use After Free vulnerability in Linux Kernel A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. | 7.8 |
2022-09-19 | CVE-2022-29908 | Fabasoft | Improper Certificate Validation vulnerability in Fabasoft Cloud Enterprise Client 22.4.0043 The folioupdate service in Fabasoft Cloud Enterprise Client 22.4.0043 allows Local Privilege Escalation. | 7.8 |
2022-09-19 | CVE-2022-35699 | Adobe | Out-of-bounds Write vulnerability in Adobe Bridge Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2022-09-19 | CVE-2022-35700 | Adobe | Out-of-bounds Write vulnerability in Adobe Bridge Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2022-09-19 | CVE-2022-35701 | Adobe | Out-of-bounds Write vulnerability in Adobe Bridge Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
2022-09-19 | CVE-2022-35702 | Adobe | Out-of-bounds Read vulnerability in Adobe Bridge Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. | 7.8 |
2022-09-19 | CVE-2022-35703 | Adobe | Out-of-bounds Read vulnerability in Adobe Bridge Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. | 7.8 |
2022-09-25 | CVE-2022-41343 | Dompdf Project | Files or Directories Accessible to External Parties vulnerability in Dompdf Project Dompdf registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule. | 7.5 |
2022-09-24 | CVE-2022-41340 | Secp256K1 JS Project | Improper Verification of Cryptographic Signature vulnerability in Secp256K1-Js Project Secp256K1-Js 1.0.0/1.0.1 The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery. | 7.5 |
2022-09-24 | CVE-2022-23464 | Nepxion | Server-Side Request Forgery (SSRF) vulnerability in Nepxion Discovery Nepxion Discovery is a solution for Spring Cloud. | 7.5 |
2022-09-23 | CVE-2022-32790 | Apple | Unspecified vulnerability in Apple products This issue was addressed with improved checks. | 7.5 |
2022-09-23 | CVE-2022-40188 | NIC Fedoraproject Debian | Algorithmic Complexity vulnerability in multiple products Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. | 7.5 |
2022-09-22 | CVE-2022-1941 | Google Fedoraproject Debian | A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures. | 7.5 |
2022-09-22 | CVE-2022-40146 | Apache Debian | Server-Side Request Forgery (SSRF) vulnerability in multiple products Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. | 7.5 |
2022-09-22 | CVE-2022-40705 | Apache | XXE vulnerability in Apache Soap 2.2/2.3 An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP. | 7.5 |
2022-09-21 | CVE-2022-23948 | Keylime | Unspecified vulnerability in Keylime A flaw was found in Keylime before 6.3.0. | 7.5 |
2022-09-21 | CVE-2022-23949 | Keylime | Authentication Bypass by Spoofing vulnerability in Keylime In Keylime before 6.3.0, unsanitized UUIDs can be passed by a rogue agent and can lead to log spoofing on the verifier and registrar. | 7.5 |
2022-09-21 | CVE-2022-23950 | Keylime | Exposure of Resource to Wrong Sphere vulnerability in Keylime In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations. | 7.5 |
2022-09-21 | CVE-2022-23952 | Keylime | Unspecified vulnerability in Keylime In Keylime before 6.3.0, current keylime installer installs the keylime.conf file, which can contain sensitive data, as world-readable. | 7.5 |
2022-09-21 | CVE-2022-2265 | Identity AND Directory Management System Project | Path Traversal: '.../...//' vulnerability in Identity and Directory Management System Project Identity and Directory Management System The Identity and Directory Management System developed by Çekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. | 7.5 |
2022-09-21 | CVE-2022-2906 | ISC | Memory Leak vulnerability in ISC Bind An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. | 7.5 |
2022-09-21 | CVE-2022-38177 | ISC Debian Fedoraproject Netapp | Memory Leak vulnerability in multiple products By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. | 7.5 |
2022-09-21 | CVE-2022-38178 | ISC Debian Fedoraproject Netapp | Memory Leak vulnerability in multiple products By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. | 7.5 |
2022-09-21 | CVE-2022-3080 | ISC Fedoraproject | By sending specific queries to the resolver, an attacker can cause named to crash. | 7.5 |
2022-09-20 | CVE-2022-37884 | Arubanetworks | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated attacker to send specific operations which result in a Denial-of-Service condition. | 7.5 |
2022-09-20 | CVE-2022-37972 | Microsoft | Unspecified vulnerability in Microsoft Endpoint Configuration Manager 2103/2207 Microsoft Endpoint Configuration Manager Spoofing Vulnerability | 7.5 |
2022-09-20 | CVE-2022-37259 | Stealjs | Unspecified vulnerability in Stealjs Steal 2.2.4 A Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal 2.2.4 via the string variable in babel.js. | 7.5 |
2022-09-20 | CVE-2022-38955 | Netgear | Improper Validation of Integrity Check Value vulnerability in Netgear Wpn824Ext Firmware 1.1.11.1.9 An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. | 7.5 |
2022-09-20 | CVE-2022-39974 | Wasm3 Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wasm3 Project Wasm3 0.5.0 WASM3 v0.5.0 was discovered to contain a segmentation fault via the component op_Select_i32_srs in wasm3/source/m3_exec.h. | 7.5 |
2022-09-20 | CVE-2022-39957 | Owasp Fedoraproject Debian | Improper Encoding or Escaping of Output vulnerability in multiple products The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass. | 7.5 |
2022-09-20 | CVE-2022-39958 | Owasp Fedoraproject Debian | Improper Encoding or Escaping of Output vulnerability in multiple products The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass to sequentially exfiltrate small and undetectable sections of data by repeatedly submitting an HTTP Range header field with a small byte range. | 7.5 |
2022-09-19 | CVE-2022-28203 | Mediawiki Debian | Release of Invalid Pointer or Reference vulnerability in multiple products A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. | 7.5 |
2022-09-19 | CVE-2022-40141 | Trendmicro | Unspecified vulnerability in Trendmicro Apex ONE 2019 A vulnerability in Trend Micro Apex One and Apex One as a Service could allow an attacker to intercept and decode certain communication strings that may contain some identification attributes of a particular Apex One server. | 7.5 |
2022-09-19 | CVE-2022-38333 | Openwrt | Out-of-bounds Read vulnerability in Openwrt Openwrt before v21.02.3 and Openwrt v22.03.0-rc6 were discovered to contain two skip loops in the function header_value(). | 7.5 |
2022-09-19 | CVE-2022-40468 | Tinyproxy Project | Insecure Default Initialization of Resource vulnerability in Tinyproxy Project Tinyproxy Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. | 7.5 |
2022-09-19 | CVE-2022-37700 | Easycorp | Path Traversal vulnerability in Easycorp Zentao 15.0 Zentao Demo15 is vulnerable to Directory Traversal. | 7.5 |
2022-09-22 | CVE-2022-40932 | Phpgurukul | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul ZOO Management System 1.0 In Zoo Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of the "gallery" file of the "Gallery" module in the background management system. | 7.2 |
2022-09-21 | CVE-2022-37027 | Ahsay | Argument Injection or Modification vulnerability in Ahsay Cloud Backup Suite 9.1.4.0 Ahsay AhsayCBS 9.1.4.0 allows an authenticated system user to inject arbitrary Java JVM options. | 7.2 |
2022-09-20 | CVE-2022-37878 | Arubanetworks | OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. | 7.2 |
2022-09-20 | CVE-2022-37879 | Arubanetworks | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. | 7.2 |
2022-09-20 | CVE-2022-37880 | Arubanetworks | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. | 7.2 |
2022-09-20 | CVE-2022-37881 | Arubanetworks | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. | 7.2 |
2022-09-20 | CVE-2022-37882 | Arubanetworks | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. | 7.2 |
2022-09-20 | CVE-2022-37883 | Arubanetworks | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. | 7.2 |
2022-09-20 | CVE-2022-38340 | Safe | Path Traversal vulnerability in Safe FME Server Safe Software FME Server v2021.2.5, v2022.0.0.2 and below was discovered to contain a Path Traversal vulnerability via the component fmedataupload. | 7.2 |
2022-09-19 | CVE-2022-40139 | Trendmicro | Unspecified vulnerability in Trendmicro Apex ONE 2019 Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Service clients could allow a Apex One server administrator to instruct affected clients to download an unverified rollback package, which could lead to remote code execution. | 7.2 |
2022-09-23 | CVE-2020-36521 | Apple | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. | 7.1 |
2022-09-23 | CVE-2022-32797 | Apple | Unspecified vulnerability in Apple mac OS X and Macos This issue was addressed with improved checks. | 7.1 |
2022-09-23 | CVE-2022-32807 | Apple | Unspecified vulnerability in Apple mac OS X and Macos This issue was addressed with improved file handling. | 7.1 |
2022-09-23 | CVE-2022-32831 | Apple | Out-of-bounds Read vulnerability in Apple mac OS X and Macos An out-of-bounds read was addressed with improved bounds checking. | 7.1 |
2022-09-23 | CVE-2022-32843 | Apple | Out-of-bounds Write vulnerability in Apple mac OS X and Macos An out-of-bounds write issue was addressed with improved bounds checking. | 7.1 |
2022-09-23 | CVE-2022-32851 | Apple | Out-of-bounds Read vulnerability in Apple mac OS X and Macos An out-of-bounds read issue was addressed with improved input validation. | 7.1 |
2022-09-23 | CVE-2022-32853 | Apple | Out-of-bounds Read vulnerability in Apple mac OS X and Macos An out-of-bounds read issue was addressed with improved input validation. | 7.1 |
2022-09-23 | CVE-2022-2347 | Denx | Out-of-bounds Write vulnerability in Denx U-Boot There exists an unchecked length field in UBoot. | 7.1 |
2022-09-23 | CVE-2021-41803 | Hashicorp | Missing Authorization vulnerability in Hashicorp Consul HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. | 7.1 |
2022-09-19 | CVE-2022-38341 | Safe | Unspecified vulnerability in Safe FME Server 2021.2.3 Safe Software FME Server v2021.2.5 and below does not employ server-side validation. | 7.1 |
2022-09-21 | CVE-2022-41222 | Linux Debian Netapp Canonical | Use After Free vulnerability in multiple products mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. | 7.0 |
80 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2022-09-23 | CVE-2022-32832 | Apple | Unspecified vulnerability in Apple products The issue was addressed with improved memory handling. | 6.7 |
2022-09-23 | CVE-2022-30121 | Ivanti | Unspecified vulnerability in Ivanti Endpoint Manager The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. | 6.7 |
2022-09-23 | CVE-2021-3782 | Wayland | Integer Overflow or Wraparound vulnerability in Wayland An internal reference count is held on the buffer pool, incremented every time a new buffer is created from the pool. | 6.6 |
2022-09-20 | CVE-2022-35957 | Grafana Fedoraproject | Authentication Bypass by Spoofing vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. | 6.6 |
2022-09-23 | CVE-2022-32220 | Rocket Chat | Missing Authorization vulnerability in Rocket.Chat An information disclosure vulnerability exists in Rocket.Chat <v5 due to the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room. | 6.5 |
2022-09-23 | CVE-2022-32227 | Rocket Chat | Cleartext Transmission of Sensitive Information vulnerability in Rocket.Chat A cleartext transmission of sensitive information exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 relating to Oauth tokens by having the permission "view-full-other-user-info", this could cause an oauth token leak in the product. | 6.5 |
2022-09-23 | CVE-2022-32816 | Apple | Unspecified vulnerability in Apple products The issue was addressed with improved UI handling. | 6.5 |
2022-09-23 | CVE-2022-40716 | Hashicorp | Unchecked Return Value vulnerability in Hashicorp Consul HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass service mesh intentions. | 6.5 |
2022-09-22 | CVE-2022-38512 | Liferay | Missing Authorization vulnerability in Liferay DXP and Liferay Portal The Translation module in Liferay Portal v7.4.3.12 through v7.4.3.36, and Liferay DXP 7.4 update 8 through 36 does not check permissions before allowing a user to export a web content for translation, allowing attackers to download a web content page's XLIFF translation file via crafted URL. | 6.5 |
2022-09-21 | CVE-2022-41246 | Jenkins | Missing Authorization vulnerability in Jenkins Worksoft Execution Manager A missing permission check in Jenkins Worksoft Execution Manager Plugin 10.0.3.503 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 6.5 |
2022-09-21 | CVE-2022-41250 | Jenkins | Missing Authorization vulnerability in Jenkins SCM Httpclient A missing permission check in Jenkins SCM HttpClient Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 6.5 |
2022-09-21 | CVE-2022-41254 | Jenkins | Missing Authorization vulnerability in Jenkins Cons3Rt 1.0.0 Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 6.5 |
2022-09-21 | CVE-2022-41255 | Jenkins | Insufficiently Protected Credentials vulnerability in Jenkins Cons3Rt 1.0.0 Jenkins CONS3RT Plugin 1.0.0 and earlier stores Cons3rt API token unencrypted in job config.xml files on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | 6.5 |
2022-09-20 | CVE-2017-20147 | Smokeping | Unspecified vulnerability in Smokeping In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript uses a PID file that is writable by the smokeping user. | 6.5 |
2022-09-23 | CVE-2022-41319 | Veritas | Cross-site Scripting vulnerability in Veritas Desktop and Laptop Option A Reflected Cross-Site Scripting (XSS) vulnerability affects the Veritas Desktop Laptop Option (DLO) application login page (aka the DLOServer/restore/login.jsp URI). | 6.1 |
2022-09-22 | CVE-2022-2266 | Yordam | Cross-site Scripting vulnerability in Yordam Library Automation System University Library Automation System developed by Yordam Bilgi Teknolojileri before version 19.2 has an unauthenticated Reflected XSS vulnerability. | 6.1 |
2022-09-22 | CVE-2022-28980 | Liferay | Cross-site Scripting vulnerability in Liferay Portal Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal v7.4.3.4 and Liferay DXP v7.4 GA allows attackers to execute arbitrary web scripts or HTML via parameters with the filter_ prefix. | 6.1 |
2022-09-19 | CVE-2022-38339 | Safe | Cross-site Scripting vulnerability in Safe FME Server Safe Software FME Server v2021.2.5, v2022.0.0.2 and below contains a cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the login page. | 6.1 |
2022-09-22 | CVE-2022-35896 | Insyde | Improper Input Validation vulnerability in Insyde Insydeh2O An issue SMM memory leak vulnerability in SMM driver (SMRAM was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. | 6.0 |
2022-09-23 | CVE-2022-32799 | Apple | Out-of-bounds Read vulnerability in Apple mac OS X and Macos An out-of-bounds read issue was addressed with improved bounds checking. | 5.9 |
2022-09-23 | CVE-2021-45035 | Velneo | Improper Certificate Validation vulnerability in Velneo Vclient 28.1.3 Velneo vClient on its 28.1.3 version, does not correctly check the certificate of authenticity by default. | 5.9 |
2022-09-21 | CVE-2022-41231 | Jenkins | Path Traversal vulnerability in Jenkins Build-Publisher Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system by providing a crafted file name to an API endpoint. | 5.7 |
2022-09-23 | CVE-2022-3278 | VIM Fedoraproject | NULL Pointer Dereference vulnerability in multiple products NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552. | 5.5 |
2022-09-23 | CVE-2022-26707 | Apple | Improper Input Validation vulnerability in Apple Macos An issue in the handling of environment variables was addressed with improved validation. | 5.5 |
2022-09-23 | CVE-2022-32783 | Apple | Unspecified vulnerability in Apple Macos A logic issue was addressed with improved checks. | 5.5 |
2022-09-23 | CVE-2022-32785 | Apple | NULL Pointer Dereference vulnerability in Apple products A null pointer dereference was addressed with improved validation. | 5.5 |
2022-09-23 | CVE-2022-32786 | Apple | Unspecified vulnerability in Apple mac OS X and Macos An issue in the handling of environment variables was addressed with improved validation. | 5.5 |
2022-09-23 | CVE-2022-32789 | Apple | Unspecified vulnerability in Apple Macos A logic issue was addressed with improved checks. | 5.5 |
2022-09-23 | CVE-2022-32800 | Apple | Unspecified vulnerability in Apple mac OS X and Macos This issue was addressed with improved checks. | 5.5 |
2022-09-23 | CVE-2022-32805 | Apple | Unspecified vulnerability in Apple mac OS X and Macos The issue was addressed with improved handling of caches. | 5.5 |
2022-09-23 | CVE-2022-32817 | Apple | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read issue was addressed with improved bounds checking. | 5.5 |
2022-09-23 | CVE-2022-32823 | Apple | Improper Initialization vulnerability in Apple products A memory initialization issue was addressed with improved memory handling. | 5.5 |
2022-09-23 | CVE-2022-32825 | Apple | Unspecified vulnerability in Apple products The issue was addressed with improved memory handling. | 5.5 |
2022-09-23 | CVE-2022-32828 | Apple | Unspecified vulnerability in Apple products The issue was addressed with improved memory handling. | 5.5 |
2022-09-23 | CVE-2022-32841 | Apple | Unspecified vulnerability in Apple products The issue was addressed with improved memory handling. | 5.5 |
2022-09-23 | CVE-2022-32849 | Apple | Unspecified vulnerability in Apple products An information disclosure issue was addressed by removing the vulnerable code. | 5.5 |
2022-09-23 | CVE-2022-2785 | Linux | Out-of-bounds Read vulnerability in Linux Kernel There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF. | 5.5 |
2022-09-21 | CVE-2022-23951 | Keylime | Unspecified vulnerability in Keylime In Keylime before 6.3.0, quote responses from the agent can contain possibly untrusted ZIP data which can lead to zip bombs. | 5.5 |
2022-09-21 | CVE-2022-29799 | Microsoft | Path Traversal vulnerability in Microsoft Windows Defender for Endpoint A vulnerability was found in networkd-dispatcher. | 5.5 |
2022-09-21 | CVE-2022-41218 | Linux Debian | Use After Free vulnerability in multiple products In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. | 5.5 |
2022-09-21 | CVE-2022-35086 | Swftools | Out-of-bounds Write vulnerability in Swftools SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S. | 5.5 |
2022-09-21 | CVE-2022-35087 | Swftools | NULL Pointer Dereference vulnerability in Swftools SWFTools commit 772e55a2 was discovered to contain a segmentation violation via MovieAddFrame at /src/gif2swf.c. | 5.5 |
2022-09-20 | CVE-2022-32854 | Apple | Unspecified vulnerability in Apple products This issue was addressed with improved checks. | 5.5 |
2022-09-20 | CVE-2022-32864 | Apple | Unspecified vulnerability in Apple products The issue was addressed with improved memory handling. | 5.5 |
2022-09-20 | CVE-2022-32883 | Apple | Unspecified vulnerability in Apple products A logic issue was addressed with improved restrictions. | 5.5 |
2022-09-21 | CVE-2022-41224 | Jenkins | Cross-site Scripting vulnerability in Jenkins 2.367/2.369 Jenkins 2.367 through 2.369 (both inclusive) does not escape tooltips of the l:helpIcon UI component used for some help icons on the Jenkins web UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control tooltips for this component. | 5.4 |
2022-09-21 | CVE-2022-41225 | Jenkins | Cross-site Scripting vulnerability in Jenkins Anchore Container Image Scanner Jenkins Anchore Container Image Scanner Plugin 1.0.24 and earlier does not escape content provided by the Anchore engine API, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control API responses by Anchore engine. | 5.4 |
2022-09-21 | CVE-2022-41229 | Jenkins | Cross-site Scripting vulnerability in Jenkins Ns-Nd Integration Performance Publisher Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.134 and earlier does not escape configuration options of the Execute NetStorm/NetCloud Test build step, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 5.4 |
2022-09-21 | CVE-2022-41239 | Jenkins | Cross-site Scripting vulnerability in Jenkins Dotci Jenkins DotCi Plugin 2.40.00 and earlier does not escape the GitHub user name parameter provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripting (XSS) vulnerability. | 5.4 |
2022-09-21 | CVE-2022-41240 | Jenkins | Cross-site Scripting vulnerability in Jenkins Walti 1.0.1 Jenkins Walti Plugin 1.0.1 and earlier does not escape the information provided by the Walti API, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide malicious API responses from Walti. | 5.4 |
2022-09-21 | CVE-2022-41242 | Jenkins | Missing Authorization vulnerability in Jenkins Extreme-Feedback A missing permission check in Jenkins extreme-feedback Plugin 1.7 and earlier allows attackers with Overall/Read permission to discover information about job names attached to lamps, discover MAC and IP addresses of existing lamps, and rename lamps. | 5.4 |
2022-09-24 | CVE-2022-39242 | Parity | Incorrect Calculation vulnerability in Parity Frontier 20210903/20211013 Frontier is an Ethereum compatibility layer for Substrate. | 5.3 |
2022-09-23 | CVE-2022-35238 | Brinidesigner | Unspecified vulnerability in Brinidesigner Awesome Filterable Portfolio Unauthenticated Plugin Settings Change vulnerability in Awesome Filterable Portfolio plugin <= 1.9.7 at WordPress. | 5.3 |
2022-09-22 | CVE-2021-39190 | Teclib Edition | Missing Authorization vulnerability in Teclib-Edition System Center Configuration Manager The SCCM plugin for GLPI is a plugin to synchronize computers from SCCM (version 1802) to GLPI. | 5.3 |
2022-09-22 | CVE-2022-38398 | Apache Debian | Server-Side Request Forgery (SSRF) vulnerability in multiple products Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. | 5.3 |
2022-09-22 | CVE-2022-38648 | Apache Debian | Server-Side Request Forgery (SSRF) vulnerability in multiple products Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. | 5.3 |
2022-09-21 | CVE-2022-41235 | Jenkins | Unspecified vulnerability in Jenkins Wildfly Deployer 1.0.2 Jenkins WildFly Deployer Plugin 1.0.2 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins controller file system. | 5.3 |
2022-09-21 | CVE-2022-41248 | Jenkins | Cleartext Storage of Sensitive Information vulnerability in Jenkins Bigpanda Notifier Jenkins BigPanda Notifier Plugin 1.4.0 and earlier does not mask the BigPanda API key on the global configuration form, increasing the potential for attackers to observe and capture it. | 5.3 |
2022-09-21 | CVE-2022-2795 | ISC Debian Fedoraproject | By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. | 5.3 |
2022-09-20 | CVE-2022-38956 | Netgear | Improper Validation of Integrity Check Value vulnerability in Netgear Wpn824Ext Firmware 1.1.11.1.9 An exploitable firmware downgrade vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. | 5.3 |
2022-09-19 | CVE-2022-29835 | Westerndigital | Inadequate Encryption Strength vulnerability in Westerndigital WD Discovery 4.0.251.0 WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm. | 5.3 |
2022-09-23 | CVE-2022-3144 | Wordfence | Unspecified vulnerability in Wordfence Security The Wordfence Security – Firewall & Malware Scan plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 7.6.0 via a setting on the options page due to insufficient escaping on the stored value. | 4.8 |
2022-09-21 | CVE-2022-29800 | Microsoft | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft Windows Defender for Endpoint A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. | 4.7 |
2022-09-23 | CVE-2022-32781 | Apple | Unspecified vulnerability in Apple products This issue was addressed by enabling hardened runtime. | 4.4 |
2022-09-23 | CVE-2022-32782 | Apple | Unspecified vulnerability in Apple Macos This issue was addressed by enabling hardened runtime. | 4.4 |
2022-09-20 | CVE-2021-33079 | Intel | Unspecified vulnerability in Intel products Protection mechanism failure in firmware for some Intel(R) SSD DC Products may allow a privileged user to potentially enable information disclosure via local access. | 4.4 |
2022-09-20 | CVE-2021-33081 | Intel | Unspecified vulnerability in Intel products Protection mechanism failure in firmware for some Intel(R) SSD DC Products may allow a privileged user to potentially enable information disclosure via local access. | 4.4 |
2022-09-19 | CVE-2022-28201 | Mediawiki Debian | Uncontrolled Recursion vulnerability in multiple products An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. | 4.4 |
2022-09-23 | CVE-2022-32218 | Rocket Chat | Information Exposure Through Discrepancy vulnerability in Rocket.Chat An information disclosure vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 due to the actionLinkHandler method was found to allow Message ID Enumeration with Regex MongoDB queries. | 4.3 |
2022-09-23 | CVE-2022-32228 | Rocket Chat | Unspecified vulnerability in Rocket.Chat An information disclosure vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 since the getReadReceipts Meteor server method does not properly filter user inputs that are passed to MongoDB queries, allowing $regex queries to enumerate arbitrary Message IDs. | 4.3 |
2022-09-23 | CVE-2022-32229 | Rocket Chat | Unspecified vulnerability in Rocket.Chat A information disclosure vulnerability exists in Rockert.Chat <v5 due to /api/v1/chat.getThreadsList lack of sanitization of user inputs and can therefore leak private thread messages to unauthorized users via Mongo DB injection. | 4.3 |
2022-09-23 | CVE-2022-35246 | Rocket Chat | Unspecified vulnerability in Rocket.Chat A NoSQL-Injection information disclosure vulnerability vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 in the getS3FileUrl Meteor server method that can disclose arbitrary file upload URLs to users that should not be able to access. | 4.3 |
2022-09-23 | CVE-2022-35249 | Rocket Chat | Missing Authorization vulnerability in Rocket.Chat A information disclosure vulnerability exists in Rocket.Chat <v5 where the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room. | 4.3 |
2022-09-21 | CVE-2022-41230 | Jenkins | Missing Authorization vulnerability in Jenkins Build-Publisher Jenkins Build-Publisher Plugin 1.22 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to obtain names and URLs of Jenkins servers that the plugin is configured to publish builds to, as well as builds pending for publication to those Jenkins servers. | 4.3 |
2022-09-21 | CVE-2022-41233 | Jenkins | Missing Authorization vulnerability in Jenkins Rundeck Jenkins Rundeck Plugin 3.6.11 and earlier does not perform Run/Artifacts permission checks in multiple HTTP endpoints, allowing attackers with Item/Read permission to obtain information about build artifacts of a given job, if the optional Run/Artifacts permission is enabled. | 4.3 |
2022-09-21 | CVE-2022-41247 | Jenkins | Insufficiently Protected Credentials vulnerability in Jenkins Bigpanda Notifier Jenkins BigPanda Notifier Plugin 1.4.0 and earlier stores the BigPanda API key unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. | 4.3 |
2022-09-21 | CVE-2022-41251 | Jenkins | Missing Authorization vulnerability in Jenkins Apprenda A missing permission check in Jenkins Apprenda Plugin 2.2.0 and earlier allows users with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 4.3 |
2022-09-21 | CVE-2022-41252 | Jenkins | Missing Authorization vulnerability in Jenkins Cons3Rt 1.0.0 Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allows users with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins. | 4.3 |
2022-09-20 | CVE-2022-32795 | Apple | Unspecified vulnerability in Apple Ipados and Iphone OS This issue was addressed with improved checks. | 4.3 |
2022-09-20 | CVE-2022-32868 | Apple | Unspecified vulnerability in Apple Ipados and Iphone OS A logic issue was addressed with improved state management. | 4.3 |
4 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2022-09-22 | CVE-2022-36062 | Grafana | Improper Preservation of Permissions vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 3.8 |
2022-09-23 | CVE-2022-35252 | Haxx Netapp Apple Debian Splunk | When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. | 3.7 |
2022-09-23 | CVE-2022-39225 | Parseplatform | Incorrect Resource Transfer Between Spheres vulnerability in Parseplatform Parse-Server Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 3.1 |
2022-09-20 | CVE-2022-32872 | Apple | Unspecified vulnerability in Apple Ipados and Iphone OS A logic issue was addressed with improved restrictions. | 2.4 |