Weekly Vulnerabilities Reports > September 19 to 25, 2022

Overview

234 new vulnerabilities reported during this period, including 38 critical vulnerabilities and 112 high severity vulnerabilities. This weekly summary report vulnerabilities in 175 products from 85 vendors including Apple, Jenkins, Debian, Fedoraproject, and Arubanetworks. Vulnerabilities are notably categorized as "Out-of-bounds Write", "Missing Authorization", "Out-of-bounds Read", "SQL Injection", and "Cross-site Scripting".

  • 166 reported vulnerabilities are remotely exploitables.
  • 2 reported vulnerabilities have public exploit available.
  • 48 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 150 reported vulnerabilities are exploitable by an anonymous user.
  • Apple has the most reported vulnerabilities, with 57 reported vulnerabilities.
  • Tenda has the most reported critical vulnerabilities, with 5 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

38 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-09-23 CVE-2022-32845 Apple Unspecified vulnerability in Apple products

This issue was addressed with improved checks.

10.0
2022-09-24 CVE-2022-23463 Nepxion Expression Language Injection vulnerability in Nepxion Discovery

Nepxion Discovery is a solution for Spring Cloud.

9.8
2022-09-23 CVE-2022-40630 Tacitine Session Fixation vulnerability in Tacitine products

This vulnerability exists in Tacitine Firewall, all versions of EN6200-PRIME QUAD-35 and EN6200-PRIME QUAD-100 between 19.1.1 to 22.20.1 (inclusive), due to improper session management in the Tacitine Firewall web-based management interface.

9.8
2022-09-23 CVE-2022-36944 Scala Lang
Fedoraproject
Deserialization of Untrusted Data vulnerability in multiple products

Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file.

9.8
2022-09-23 CVE-2022-40854 Tenda Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.19(6318)

Tenda AC18 router contained a stack overflow vulnerability in /goform/fast_setting_wifi_set

9.8
2022-09-23 CVE-2022-40855 Tenda Out-of-bounds Write vulnerability in Tenda W20E Firmware 15.11.0.6

Tenda W20E router V15.11.0.6 contains a stack overflow in the function formSetPortMapping with post request 'goform/setPortMapping/'.

9.8
2022-09-23 CVE-2022-40866 Tenda Out-of-bounds Write vulnerability in Tenda W20E Firmware 15.11.0.6

Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formSetDebugCfg with request /goform/setDebugCfg/

9.8
2022-09-23 CVE-2022-40867 Tenda Out-of-bounds Write vulnerability in Tenda W20E Firmware 15.11.0.6

Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formIPMacBindDel with the request /goform/delIpMacBind/

9.8
2022-09-23 CVE-2022-40868 Tenda Out-of-bounds Write vulnerability in Tenda W20E Firmware 15.11.0.6

Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formDelDhcpRule with the request /goform/delDhcpRules/

9.8
2022-09-23 CVE-2022-3236 Sophos Code Injection vulnerability in Sophos Firewall 19.0.1

A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.

9.8
2022-09-23 CVE-2022-35951 Redis
Fedoraproject
Integer Overflow or Wraparound vulnerability in multiple products

Redis is an in-memory database that persists on disk.

9.8
2022-09-21 CVE-2021-43310 Keylime Authentication Bypass by Spoofing vulnerability in Keylime

A vulnerability in Keylime before 6.3.0 allows an attacker to craft a request to the agent that resets the U and V keys as if the agent were being re-added to a verifier.

9.8
2022-09-21 CVE-2022-41226 Jenkins XXE vulnerability in Jenkins Compuware Common Configuration

Jenkins Compuware Common Configuration Plugin 1.0.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

9.8
2022-09-21 CVE-2022-41237 Jenkins Unspecified vulnerability in Jenkins Dotci

Jenkins DotCi Plugin 2.40.00 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.

9.8
2022-09-21 CVE-2022-41238 Jenkins Missing Authorization vulnerability in Jenkins Dotci

A missing permission check in Jenkins DotCi Plugin 2.40.00 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository for attacker-specified commits.

9.8
2022-09-21 CVE-2022-37026 Erlang Unspecified vulnerability in Erlang Erlang/Otp

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS.

9.8
2022-09-21 CVE-2022-41220 Md2Roff Project Out-of-bounds Write vulnerability in Md2Roff Project Md2Roff 1.9

md2roff 1.9 has a stack-based buffer overflow via a Markdown file, a different vulnerability than CVE-2022-34913.

9.8
2022-09-20 CVE-2022-32863 Apple Out-of-bounds Write vulnerability in Apple Safari

A memory corruption issue was addressed with improved state management.

9.8
2022-09-20 CVE-2017-20148 Debian Unspecified vulnerability in Debian Logcheck

In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls.

9.8
2022-09-20 CVE-2022-41138 Zutty Project Unspecified vulnerability in Zutty Project Zutty

In Zutty before 0.13, DECRQSS in text written to the terminal can achieve arbitrary code execution.

9.8
2022-09-20 CVE-2022-39955 Owasp
Fedoraproject
Debian
The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rule set bypass by submitting a specially crafted HTTP Content-Type header field that indicates multiple character encoding schemes.
9.8
2022-09-20 CVE-2022-39956 Owasp
Fedoraproject
Debian
Improper Encoding or Escaping of Output vulnerability in multiple products

The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rule set bypass for HTTP multipart requests by submitting a payload that uses a character encoding scheme via the Content-Type or the deprecated Content-Transfer-Encoding multipart MIME header fields that will not be decoded and inspected by the web application firewall engine and the rule set.

9.8
2022-09-19 CVE-2022-28321 Linux PAM Improper Authentication vulnerability in Linux-Pam

The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins.

9.8
2022-09-19 CVE-2022-40144 Trendmicro Improper Authentication vulnerability in Trendmicro Apex ONE 2019

A vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service could allow an attacker to bypass the product's login authentication by falsifying request parameters on affected installations.

9.8
2022-09-19 CVE-2022-3218 Necta Improper Authentication vulnerability in Necta Wifi Mouse Server 1.7.8.5

Due to a reliance on client-side authentication, the WiFi Mouse (Mouse Server) from Necta LLC's authentication mechanism is trivially bypassed, which can result in remote code execution.

9.8
2022-09-19 CVE-2022-35914 Glpi Project Injection vulnerability in Glpi-Project Glpi

/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection.

9.8
2022-09-19 CVE-2022-2840 Zephyr Project Manager Project SQL Injection vulnerability in Zephyr Project Manager Project Zephyr Project Manager

The Zephyr Project Manager WordPress plugin before 3.2.5 does not sanitise and escape various parameters before using them in SQL statements via various AJAX actions available to both unauthenticated and authenticated users, leading to SQL injections

9.8
2022-09-21 CVE-2022-0495 Parantezteknoloji SQL Injection vulnerability in Parantezteknoloji Koha Library Automation 19.05.03

The library automation system product KOHA developed by Parantez Teknoloji before version 19.05.03 has an unauthenticated SQL Injection vulnerability.

9.4
2022-09-21 CVE-2022-2315 Databank SQL Injection vulnerability in Databank Accreditation Tracking/Presentation Module

Database Software Accreditation Tracking/Presentation Module product before version 2 has an unauthenticated SQL Injection vulnerability.

9.4
2022-09-20 CVE-2022-2177 Kayrasoft SQL Injection vulnerability in Kayrasoft 1

Kayrasoft product before version 2 has an unauthenticated SQL Injection vulnerability.

9.4
2022-09-24 CVE-2022-36025 Linuxfoundation Incorrect Conversion between Numeric Types vulnerability in Linuxfoundation Besu

Besu is a Java-based Ethereum client.

9.1
2022-09-23 CVE-2022-32847 Apple Unspecified vulnerability in Apple products

This issue was addressed with improved checks.

9.1
2022-09-23 CVE-2022-23144 ZTE Unspecified vulnerability in ZTE products

There is a broken access control vulnerability in ZTE ZXvSTB product.

9.1
2022-09-23 CVE-2022-39227 Python JWT Project Authentication Bypass by Spoofing vulnerability in Python-Jwt Project Python-Jwt

python-jwt is a module for generating and verifying JSON Web Tokens.

9.1
2022-09-22 CVE-2022-40186 Hashicorp Unspecified vulnerability in Hashicorp Vault

An issue was discovered in HashiCorp Vault and Vault Enterprise before 1.11.3.

9.1
2022-09-21 CVE-2022-41241 Jenkins XXE vulnerability in Jenkins RQM

Jenkins RQM Plugin 2.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

9.1
2022-09-19 CVE-2022-37032 Frrouting
Debian
Out-of-bounds Read vulnerability in multiple products

An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service.

9.1
2022-09-21 CVE-2022-30578 Tibco Cross-site Scripting vulnerability in Tibco EBX Add-Ons

The Web Server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system.

9.0

112 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-09-23 CVE-2022-22610 Apple Out-of-bounds Write vulnerability in Apple products

A memory corruption issue was addressed with improved state management.

8.8
2022-09-23 CVE-2022-22624 Apple Use After Free vulnerability in Apple products

A use after free issue was addressed with improved memory management.

8.8
2022-09-23 CVE-2022-22628 Apple Use After Free vulnerability in Apple products

A use after free issue was addressed with improved memory management.

8.8
2022-09-23 CVE-2022-22637 Apple Unspecified vulnerability in Apple products

A logic issue was addressed with improved state management.

8.8
2022-09-23 CVE-2022-26700 Apple Out-of-bounds Write vulnerability in Apple products

A memory corruption issue was addressed with improved state management.

8.8
2022-09-23 CVE-2022-32211 Rocket Chat SQL Injection vulnerability in Rocket.Chat

A SQL injection vulnerability exists in Rocket.Chat <v3.18.6, <v4.4.4 and <v4.7.3 which can allow an attacker to retrieve a reset password token through or a 2fa secret.

8.8
2022-09-23 CVE-2022-32787 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write issue was addressed with improved bounds checking.

8.8
2022-09-23 CVE-2022-32792 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write issue was addressed with improved input validation.

8.8
2022-09-23 CVE-2022-35248 Rocket Chat Improper Authentication vulnerability in Rocket.Chat

A improper authentication vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 that allowed two factor authentication can be bypassed when telling the server to use CAS during login.

8.8
2022-09-23 CVE-2022-38134 Cusrev Unspecified vulnerability in Cusrev Customer Reviews for Woocommerce

Authenticated (subscriber+) Broken Access Control vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress.

8.8
2022-09-23 CVE-2022-40298 Crestron Incorrect Permission Assignment for Critical Resource vulnerability in Crestron Airmedia 4.3.1.39

Crestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions, which leads to a privilege escalation vulnerability found in the AirMedia Windows Application, version 4.3.1.39.

8.8
2022-09-21 CVE-2022-41227 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Ns-Nd Integration Performance Publisher 4.8.0.129/4.8.0.77

A cross-site request forgery (CSRF) vulnerability in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials.

8.8
2022-09-21 CVE-2022-41228 Jenkins Missing Authorization vulnerability in Jenkins Ns-Nd Integration Performance Publisher 4.8.0.129/4.8.0.77

A missing permission check in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers with Overall/Read permissions to connect to an attacker-specified webserver using attacker-specified credentials.

8.8
2022-09-21 CVE-2022-41234 Jenkins Missing Authorization vulnerability in Jenkins Rundeck

Jenkins Rundeck Plugin 3.6.11 and earlier does not protect access to the /plugin/rundeck/webhook/ endpoint, allowing users with Overall/Read permission to trigger jobs that are configured to be triggerable via Rundeck.

8.8
2022-09-21 CVE-2022-41236 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Security Inspector

A cross-site request forgery (CSRF) vulnerability in Jenkins Security Inspector Plugin 117.v6eecc36919c2 and earlier allows attackers to replace the generated report stored in a per-session cache and displayed to authorized users at the .../report URL with a report based on attacker-specified report generation options.

8.8
2022-09-21 CVE-2022-41245 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Worksoft Execution Manager

A cross-site request forgery (CSRF) vulnerability in Jenkins Worksoft Execution Manager Plugin 10.0.3.503 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

8.8
2022-09-21 CVE-2022-41249 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins SCM Httpclient

A cross-site request forgery (CSRF) vulnerability in Jenkins SCM HttpClient Plugin 1.5 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

8.8
2022-09-21 CVE-2022-41253 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Cons3Rt 1.0.0

A cross-site request forgery (CSRF) vulnerability in Jenkins CONS3RT Plugin 1.0.0 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

8.8
2022-09-20 CVE-2022-23685 Arubanetworks Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Clearpass Policy Manager

A vulnerability in the ClearPass Policy Manager web-based management interface exists which exposes some endpoints to a lack of Cross-Site Request Forgery (CSRF) protection.

8.8
2022-09-20 CVE-2022-23692 Arubanetworks SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance.

8.8
2022-09-20 CVE-2022-23693 Arubanetworks SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance.

8.8
2022-09-20 CVE-2022-23694 Arubanetworks SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance.

8.8
2022-09-20 CVE-2022-23695 Arubanetworks SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance.

8.8
2022-09-20 CVE-2022-23696 Arubanetworks SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance.

8.8
2022-09-20 CVE-2022-32886 Apple
Fedoraproject
Debian
Out-of-bounds Write vulnerability in multiple products

A buffer overflow issue was addressed with improved memory handling.

8.8
2022-09-20 CVE-2022-32912 Apple Out-of-bounds Read vulnerability in Apple Ipados and Iphone OS

An out-of-bounds read was addressed with improved bounds checking.

8.8
2022-09-20 CVE-2022-40955 Apache Deserialization of Untrusted Data vulnerability in Apache Inlong

In versions of Apache InLong prior to 1.3.0, an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database, could cause this data to be deserialized by Apache InLong, potentially leading to Remote Code Execution on the Apache InLong server.

8.8
2022-09-19 CVE-2022-23766 Bigfile Improper Input Validation vulnerability in Bigfile Bigfileagent

An improper input validation vulnerability leading to arbitrary file execution was discovered in BigFileAgent.

8.8
2022-09-19 CVE-2022-38577 Processmaker Improper Preservation of Permissions vulnerability in Processmaker 3.0.1.7/3.4.11

ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page.

8.8
2022-09-19 CVE-2022-3141 Cozmoslabs SQL Injection vulnerability in Cozmoslabs Translatepress

The Translate Multilingual sites WordPress plugin before 2.3.3 is vulnerable to an authenticated SQL injection.

8.8
2022-09-19 CVE-2022-3142 Basixonline SQL Injection vulnerability in Basixonline Nex-Forms

The NEX-Forms WordPress plugin before 7.9.7 does not properly sanitise and escape user input before using it in SQL statements, leading to SQL injections.

8.8
2022-09-23 CVE-2022-35893 Insyde Improper Input Validation vulnerability in Insyde Insydeh2O

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5.

8.2
2022-09-21 CVE-2022-2881 ISC Out-of-bounds Read vulnerability in ISC Bind

The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process.

8.2
2022-09-23 CVE-2020-36604 Hapijs Unspecified vulnerability in Hapijs Hoek

hoek before 8.5.1 and 9.x before 9.0.3 allows prototype poisoning in the clone function.

8.1
2022-09-21 CVE-2022-40616 IBM Unspecified vulnerability in IBM Maximo Asset Management 7.6.1.1/7.6.1.2/7.6.1.3

IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, and 7.6.1.3 could allow a user to bypass authentication and obtain sensitive information or perform tasks they should not have access to.

8.1
2022-09-21 CVE-2022-41243 Jenkins Improper Certificate Validation vulnerability in Jenkins Smalltest

Jenkins SmallTest Plugin 1.0.4 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections.

8.1
2022-09-21 CVE-2022-41244 Jenkins Improper Certificate Validation vulnerability in Jenkins View26 Test-Reporting

Jenkins View26 Test-Reporting Plugin 1.0.7 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections.

8.1
2022-09-21 CVE-2022-41232 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Build-Publisher

A cross-site request forgery (CSRF) vulnerability in Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers to replace any config.xml file on the Jenkins controller file system with an empty file by providing a crafted file name to an API endpoint.

8.0
2022-09-25 CVE-2022-3297 VIM
Fedoraproject
Use After Free vulnerability in multiple products

Use After Free in GitHub repository vim/vim prior to 9.0.0579.

7.8
2022-09-25 CVE-2022-3296 VIM
Fedoraproject
Stack-based Buffer Overflow vulnerability in multiple products

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577.

7.8
2022-09-23 CVE-2022-32814 Apple Type Confusion vulnerability in Apple products

A type confusion issue was addressed with improved state handling.

7.8
2022-09-23 CVE-2022-32796 Apple Out-of-bounds Write vulnerability in Apple Macos

A memory corruption issue was addressed with improved state management.

7.8
2022-09-23 CVE-2022-32815 Apple Unspecified vulnerability in Apple products

The issue was addressed with improved memory handling.

7.8
2022-09-23 CVE-2022-32819 Apple Unspecified vulnerability in Apple products

A logic issue was addressed with improved state management.

7.8
2022-09-23 CVE-2022-32820 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write issue was addressed with improved input validation.

7.8
2022-09-23 CVE-2022-32821 Apple Out-of-bounds Write vulnerability in Apple products

A memory corruption issue was addressed with improved validation.

7.8
2022-09-23 CVE-2022-32826 Apple Unspecified vulnerability in Apple products

An authorization issue was addressed with improved state management.

7.8
2022-09-23 CVE-2022-32829 Apple Unspecified vulnerability in Apple Iphone OS and Macos

This issue was addressed with improved checks.

7.8
2022-09-23 CVE-2022-32842 Apple Out-of-bounds Read vulnerability in Apple mac OS X and Macos

An out-of-bounds read issue was addressed with improved input validation.

7.8
2022-09-23 CVE-2022-2566 Ffmpeg Integer Overflow or Wraparound vulnerability in Ffmpeg 5.1

A heap out-of-bounds memory write exists in FFMPEG since version 5.1.

7.8
2022-09-23 CVE-2022-41322 Kitty Project
Fedoraproject
Improper Encoding or Escaping of Output vulnerability in multiple products

In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution.

7.8
2022-09-22 CVE-2022-3256 VIM
Fedoraproject
Debian
Use After Free vulnerability in multiple products

Use After Free in GitHub repository vim/vim prior to 9.0.0530.

7.8
2022-09-20 CVE-2022-32908 Apple Out-of-bounds Write vulnerability in Apple products

A memory corruption issue was addressed with improved input validation.

7.8
2022-09-20 CVE-2022-32911 Apple Unspecified vulnerability in Apple products

The issue was addressed with improved memory handling.

7.8
2022-09-20 CVE-2022-32917 Apple Out-of-bounds Write vulnerability in Apple Ipados and Iphone OS

The issue was addressed with improved bounds checks.

7.8
2022-09-19 CVE-2022-3239 Linux Use After Free vulnerability in Linux Kernel

A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards.

7.8
2022-09-19 CVE-2022-29908 Fabasoft Improper Certificate Validation vulnerability in Fabasoft Cloud Enterprise Client 22.4.0043

The folioupdate service in Fabasoft Cloud Enterprise Client 22.4.0043 allows Local Privilege Escalation.

7.8
2022-09-19 CVE-2022-35699 Adobe Out-of-bounds Write vulnerability in Adobe Bridge

Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2022-09-19 CVE-2022-35700 Adobe Out-of-bounds Write vulnerability in Adobe Bridge

Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2022-09-19 CVE-2022-35701 Adobe Out-of-bounds Write vulnerability in Adobe Bridge

Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2022-09-19 CVE-2022-35702 Adobe Out-of-bounds Read vulnerability in Adobe Bridge

Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure.

7.8
2022-09-19 CVE-2022-35703 Adobe Out-of-bounds Read vulnerability in Adobe Bridge

Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure.

7.8
2022-09-25 CVE-2022-41343 Dompdf Project Files or Directories Accessible to External Parties vulnerability in Dompdf Project Dompdf

registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule.

7.5
2022-09-24 CVE-2022-41340 Secp256K1 JS Project Improper Verification of Cryptographic Signature vulnerability in Secp256K1-Js Project Secp256K1-Js 1.0.0/1.0.1

The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery.

7.5
2022-09-24 CVE-2022-23464 Nepxion Server-Side Request Forgery (SSRF) vulnerability in Nepxion Discovery

Nepxion Discovery is a solution for Spring Cloud.

7.5
2022-09-23 CVE-2022-32790 Apple Unspecified vulnerability in Apple products

This issue was addressed with improved checks.

7.5
2022-09-23 CVE-2022-40188 NIC
Fedoraproject
Debian
Algorithmic Complexity vulnerability in multiple products

Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity.

7.5
2022-09-22 CVE-2022-1941 Google
Fedoraproject
Debian
A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures.
7.5
2022-09-22 CVE-2022-40146 Apache
Debian
Server-Side Request Forgery (SSRF) vulnerability in multiple products

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url.

7.5
2022-09-22 CVE-2022-40705 Apache XXE vulnerability in Apache Soap 2.2/2.3

An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP.

7.5
2022-09-21 CVE-2022-23948 Keylime Unspecified vulnerability in Keylime

A flaw was found in Keylime before 6.3.0.

7.5
2022-09-21 CVE-2022-23949 Keylime Authentication Bypass by Spoofing vulnerability in Keylime

In Keylime before 6.3.0, unsanitized UUIDs can be passed by a rogue agent and can lead to log spoofing on the verifier and registrar.

7.5
2022-09-21 CVE-2022-23950 Keylime Exposure of Resource to Wrong Sphere vulnerability in Keylime

In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations.

7.5
2022-09-21 CVE-2022-23952 Keylime Unspecified vulnerability in Keylime

In Keylime before 6.3.0, current keylime installer installs the keylime.conf file, which can contain sensitive data, as world-readable.

7.5
2022-09-21 CVE-2022-2265 Identity AND Directory Management System Project Path Traversal: '.../...//' vulnerability in Identity and Directory Management System Project Identity and Directory Management System

The Identity and Directory Management System developed by Çekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability.

7.5
2022-09-21 CVE-2022-2906 ISC Memory Leak vulnerability in ISC Bind

An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources.

7.5
2022-09-21 CVE-2022-38177 ISC
Debian
Fedoraproject
Netapp
Memory Leak vulnerability in multiple products

By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak.

7.5
2022-09-21 CVE-2022-38178 ISC
Debian
Fedoraproject
Netapp
Memory Leak vulnerability in multiple products

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak.

7.5
2022-09-21 CVE-2022-3080 ISC
Fedoraproject
By sending specific queries to the resolver, an attacker can cause named to crash.
7.5
2022-09-20 CVE-2022-37884 Arubanetworks Unspecified vulnerability in Arubanetworks Clearpass Policy Manager

A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated attacker to send specific operations which result in a Denial-of-Service condition.

7.5
2022-09-20 CVE-2022-37972 Microsoft Unspecified vulnerability in Microsoft Endpoint Configuration Manager 2103/2207

Microsoft Endpoint Configuration Manager Spoofing Vulnerability

7.5
2022-09-20 CVE-2022-37259 Stealjs Unspecified vulnerability in Stealjs Steal 2.2.4

A Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal 2.2.4 via the string variable in babel.js.

7.5
2022-09-20 CVE-2022-38955 Netgear Improper Validation of Integrity Check Value vulnerability in Netgear Wpn824Ext Firmware 1.1.11.1.9

An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender.

7.5
2022-09-20 CVE-2022-39974 Wasm3 Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wasm3 Project Wasm3 0.5.0

WASM3 v0.5.0 was discovered to contain a segmentation fault via the component op_Select_i32_srs in wasm3/source/m3_exec.h.

7.5
2022-09-20 CVE-2022-39957 Owasp
Fedoraproject
Debian
Improper Encoding or Escaping of Output vulnerability in multiple products

The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass.

7.5
2022-09-20 CVE-2022-39958 Owasp
Fedoraproject
Debian
Improper Encoding or Escaping of Output vulnerability in multiple products

The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass to sequentially exfiltrate small and undetectable sections of data by repeatedly submitting an HTTP Range header field with a small byte range.

7.5
2022-09-19 CVE-2022-28203 Mediawiki
Debian
Release of Invalid Pointer or Reference vulnerability in multiple products

A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2.

7.5
2022-09-19 CVE-2022-40141 Trendmicro Unspecified vulnerability in Trendmicro Apex ONE 2019

A vulnerability in Trend Micro Apex One and Apex One as a Service could allow an attacker to intercept and decode certain communication strings that may contain some identification attributes of a particular Apex One server.

7.5
2022-09-19 CVE-2022-38333 Openwrt Out-of-bounds Read vulnerability in Openwrt

Openwrt before v21.02.3 and Openwrt v22.03.0-rc6 were discovered to contain two skip loops in the function header_value().

7.5
2022-09-19 CVE-2022-40468 Tinyproxy Project Insecure Default Initialization of Resource vulnerability in Tinyproxy Project Tinyproxy

Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used.

7.5
2022-09-19 CVE-2022-37700 Easycorp Path Traversal vulnerability in Easycorp Zentao 15.0

Zentao Demo15 is vulnerable to Directory Traversal.

7.5
2022-09-22 CVE-2022-40932 Phpgurukul Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul ZOO Management System 1.0

In Zoo Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of the "gallery" file of the "Gallery" module in the background management system.

7.2
2022-09-21 CVE-2022-37027 Ahsay Argument Injection or Modification vulnerability in Ahsay Cloud Backup Suite 9.1.4.0

Ahsay AhsayCBS 9.1.4.0 allows an authenticated system user to inject arbitrary Java JVM options.

7.2
2022-09-20 CVE-2022-37878 Arubanetworks OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host.

7.2
2022-09-20 CVE-2022-37879 Arubanetworks Unspecified vulnerability in Arubanetworks Clearpass Policy Manager

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host.

7.2
2022-09-20 CVE-2022-37880 Arubanetworks Unspecified vulnerability in Arubanetworks Clearpass Policy Manager

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host.

7.2
2022-09-20 CVE-2022-37881 Arubanetworks Unspecified vulnerability in Arubanetworks Clearpass Policy Manager

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host.

7.2
2022-09-20 CVE-2022-37882 Arubanetworks Unspecified vulnerability in Arubanetworks Clearpass Policy Manager

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host.

7.2
2022-09-20 CVE-2022-37883 Arubanetworks Unspecified vulnerability in Arubanetworks Clearpass Policy Manager

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host.

7.2
2022-09-20 CVE-2022-38340 Safe Path Traversal vulnerability in Safe FME Server

Safe Software FME Server v2021.2.5, v2022.0.0.2 and below was discovered to contain a Path Traversal vulnerability via the component fmedataupload.

7.2
2022-09-19 CVE-2022-40139 Trendmicro Unspecified vulnerability in Trendmicro Apex ONE 2019

Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Service clients could allow a Apex One server administrator to instruct affected clients to download an unverified rollback package, which could lead to remote code execution.

7.2
2022-09-23 CVE-2020-36521 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved input validation.

7.1
2022-09-23 CVE-2022-32797 Apple Unspecified vulnerability in Apple mac OS X and Macos

This issue was addressed with improved checks.

7.1
2022-09-23 CVE-2022-32807 Apple Unspecified vulnerability in Apple mac OS X and Macos

This issue was addressed with improved file handling.

7.1
2022-09-23 CVE-2022-32831 Apple Out-of-bounds Read vulnerability in Apple mac OS X and Macos

An out-of-bounds read was addressed with improved bounds checking.

7.1
2022-09-23 CVE-2022-32843 Apple Out-of-bounds Write vulnerability in Apple mac OS X and Macos

An out-of-bounds write issue was addressed with improved bounds checking.

7.1
2022-09-23 CVE-2022-32851 Apple Out-of-bounds Read vulnerability in Apple mac OS X and Macos

An out-of-bounds read issue was addressed with improved input validation.

7.1
2022-09-23 CVE-2022-32853 Apple Out-of-bounds Read vulnerability in Apple mac OS X and Macos

An out-of-bounds read issue was addressed with improved input validation.

7.1
2022-09-23 CVE-2022-2347 Denx Out-of-bounds Write vulnerability in Denx U-Boot

There exists an unchecked length field in UBoot.

7.1
2022-09-23 CVE-2021-41803 Hashicorp Missing Authorization vulnerability in Hashicorp Consul

HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC.

7.1
2022-09-19 CVE-2022-38341 Safe Unspecified vulnerability in Safe FME Server 2021.2.3

Safe Software FME Server v2021.2.5 and below does not employ server-side validation.

7.1
2022-09-21 CVE-2022-41222 Linux
Debian
Netapp
Canonical
Use After Free vulnerability in multiple products

mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.

7.0

80 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-09-23 CVE-2022-32832 Apple Unspecified vulnerability in Apple products

The issue was addressed with improved memory handling.

6.7
2022-09-23 CVE-2022-30121 Ivanti Unspecified vulnerability in Ivanti Endpoint Manager

The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables.

6.7
2022-09-23 CVE-2021-3782 Wayland Integer Overflow or Wraparound vulnerability in Wayland

An internal reference count is held on the buffer pool, incremented every time a new buffer is created from the pool.

6.6
2022-09-20 CVE-2022-35957 Grafana
Fedoraproject
Authentication Bypass by Spoofing vulnerability in multiple products

Grafana is an open-source platform for monitoring and observability.

6.6
2022-09-23 CVE-2022-32220 Rocket Chat Missing Authorization vulnerability in Rocket.Chat

An information disclosure vulnerability exists in Rocket.Chat <v5 due to the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room.

6.5
2022-09-23 CVE-2022-32227 Rocket Chat Cleartext Transmission of Sensitive Information vulnerability in Rocket.Chat

A cleartext transmission of sensitive information exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 relating to Oauth tokens by having the permission "view-full-other-user-info", this could cause an oauth token leak in the product.

6.5
2022-09-23 CVE-2022-32816 Apple Unspecified vulnerability in Apple products

The issue was addressed with improved UI handling.

6.5
2022-09-23 CVE-2022-40716 Hashicorp Unchecked Return Value vulnerability in Hashicorp Consul

HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass service mesh intentions.

6.5
2022-09-22 CVE-2022-38512 Liferay Missing Authorization vulnerability in Liferay DXP and Liferay Portal

The Translation module in Liferay Portal v7.4.3.12 through v7.4.3.36, and Liferay DXP 7.4 update 8 through 36 does not check permissions before allowing a user to export a web content for translation, allowing attackers to download a web content page's XLIFF translation file via crafted URL.

6.5
2022-09-21 CVE-2022-41246 Jenkins Missing Authorization vulnerability in Jenkins Worksoft Execution Manager

A missing permission check in Jenkins Worksoft Execution Manager Plugin 10.0.3.503 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

6.5
2022-09-21 CVE-2022-41250 Jenkins Missing Authorization vulnerability in Jenkins SCM Httpclient

A missing permission check in Jenkins SCM HttpClient Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

6.5
2022-09-21 CVE-2022-41254 Jenkins Missing Authorization vulnerability in Jenkins Cons3Rt 1.0.0

Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

6.5
2022-09-21 CVE-2022-41255 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Cons3Rt 1.0.0

Jenkins CONS3RT Plugin 1.0.0 and earlier stores Cons3rt API token unencrypted in job config.xml files on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.

6.5
2022-09-20 CVE-2017-20147 Smokeping Unspecified vulnerability in Smokeping

In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript uses a PID file that is writable by the smokeping user.

6.5
2022-09-23 CVE-2022-41319 Veritas Cross-site Scripting vulnerability in Veritas Desktop and Laptop Option

A Reflected Cross-Site Scripting (XSS) vulnerability affects the Veritas Desktop Laptop Option (DLO) application login page (aka the DLOServer/restore/login.jsp URI).

6.1
2022-09-22 CVE-2022-2266 Yordam Cross-site Scripting vulnerability in Yordam Library Automation System

University Library Automation System developed by Yordam Bilgi Teknolojileri before version 19.2 has an unauthenticated Reflected XSS vulnerability.

6.1
2022-09-22 CVE-2022-28980 Liferay Cross-site Scripting vulnerability in Liferay Portal

Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal v7.4.3.4 and Liferay DXP v7.4 GA allows attackers to execute arbitrary web scripts or HTML via parameters with the filter_ prefix.

6.1
2022-09-19 CVE-2022-38339 Safe Cross-site Scripting vulnerability in Safe FME Server

Safe Software FME Server v2021.2.5, v2022.0.0.2 and below contains a cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the login page.

6.1
2022-09-22 CVE-2022-35896 Insyde Improper Input Validation vulnerability in Insyde Insydeh2O

An issue SMM memory leak vulnerability in SMM driver (SMRAM was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5.

6.0
2022-09-23 CVE-2022-32799 Apple Out-of-bounds Read vulnerability in Apple mac OS X and Macos

An out-of-bounds read issue was addressed with improved bounds checking.

5.9
2022-09-23 CVE-2021-45035 Velneo Improper Certificate Validation vulnerability in Velneo Vclient 28.1.3

Velneo vClient on its 28.1.3 version, does not correctly check the certificate of authenticity by default.

5.9
2022-09-21 CVE-2022-41231 Jenkins Path Traversal vulnerability in Jenkins Build-Publisher

Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system by providing a crafted file name to an API endpoint.

5.7
2022-09-23 CVE-2022-3278 VIM
Fedoraproject
NULL Pointer Dereference vulnerability in multiple products

NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552.

5.5
2022-09-23 CVE-2022-26707 Apple Improper Input Validation vulnerability in Apple Macos

An issue in the handling of environment variables was addressed with improved validation.

5.5
2022-09-23 CVE-2022-32783 Apple Unspecified vulnerability in Apple Macos

A logic issue was addressed with improved checks.

5.5
2022-09-23 CVE-2022-32785 Apple NULL Pointer Dereference vulnerability in Apple products

A null pointer dereference was addressed with improved validation.

5.5
2022-09-23 CVE-2022-32786 Apple Unspecified vulnerability in Apple mac OS X and Macos

An issue in the handling of environment variables was addressed with improved validation.

5.5
2022-09-23 CVE-2022-32789 Apple Unspecified vulnerability in Apple Macos

A logic issue was addressed with improved checks.

5.5
2022-09-23 CVE-2022-32800 Apple Unspecified vulnerability in Apple mac OS X and Macos

This issue was addressed with improved checks.

5.5
2022-09-23 CVE-2022-32805 Apple Unspecified vulnerability in Apple mac OS X and Macos

The issue was addressed with improved handling of caches.

5.5
2022-09-23 CVE-2022-32817 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read issue was addressed with improved bounds checking.

5.5
2022-09-23 CVE-2022-32823 Apple Improper Initialization vulnerability in Apple products

A memory initialization issue was addressed with improved memory handling.

5.5
2022-09-23 CVE-2022-32825 Apple Unspecified vulnerability in Apple products

The issue was addressed with improved memory handling.

5.5
2022-09-23 CVE-2022-32828 Apple Unspecified vulnerability in Apple products

The issue was addressed with improved memory handling.

5.5
2022-09-23 CVE-2022-32841 Apple Unspecified vulnerability in Apple products

The issue was addressed with improved memory handling.

5.5
2022-09-23 CVE-2022-32849 Apple Unspecified vulnerability in Apple products

An information disclosure issue was addressed by removing the vulnerable code.

5.5
2022-09-23 CVE-2022-2785 Linux Out-of-bounds Read vulnerability in Linux Kernel

There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF.

5.5
2022-09-21 CVE-2022-23951 Keylime Unspecified vulnerability in Keylime

In Keylime before 6.3.0, quote responses from the agent can contain possibly untrusted ZIP data which can lead to zip bombs.

5.5
2022-09-21 CVE-2022-29799 Microsoft Path Traversal vulnerability in Microsoft Windows Defender for Endpoint

A vulnerability was found in networkd-dispatcher.

5.5
2022-09-21 CVE-2022-41218 Linux
Debian
Use After Free vulnerability in multiple products

In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.

5.5
2022-09-21 CVE-2022-35086 Swftools Out-of-bounds Write vulnerability in Swftools

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S.

5.5
2022-09-21 CVE-2022-35087 Swftools NULL Pointer Dereference vulnerability in Swftools

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via MovieAddFrame at /src/gif2swf.c.

5.5
2022-09-20 CVE-2022-32854 Apple Unspecified vulnerability in Apple products

This issue was addressed with improved checks.

5.5
2022-09-20 CVE-2022-32864 Apple Unspecified vulnerability in Apple products

The issue was addressed with improved memory handling.

5.5
2022-09-20 CVE-2022-32883 Apple Unspecified vulnerability in Apple products

A logic issue was addressed with improved restrictions.

5.5
2022-09-21 CVE-2022-41224 Jenkins Cross-site Scripting vulnerability in Jenkins 2.367/2.369

Jenkins 2.367 through 2.369 (both inclusive) does not escape tooltips of the l:helpIcon UI component used for some help icons on the Jenkins web UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control tooltips for this component.

5.4
2022-09-21 CVE-2022-41225 Jenkins Cross-site Scripting vulnerability in Jenkins Anchore Container Image Scanner

Jenkins Anchore Container Image Scanner Plugin 1.0.24 and earlier does not escape content provided by the Anchore engine API, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control API responses by Anchore engine.

5.4
2022-09-21 CVE-2022-41229 Jenkins Cross-site Scripting vulnerability in Jenkins Ns-Nd Integration Performance Publisher

Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.134 and earlier does not escape configuration options of the Execute NetStorm/NetCloud Test build step, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

5.4
2022-09-21 CVE-2022-41239 Jenkins Cross-site Scripting vulnerability in Jenkins Dotci

Jenkins DotCi Plugin 2.40.00 and earlier does not escape the GitHub user name parameter provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripting (XSS) vulnerability.

5.4
2022-09-21 CVE-2022-41240 Jenkins Cross-site Scripting vulnerability in Jenkins Walti 1.0.1

Jenkins Walti Plugin 1.0.1 and earlier does not escape the information provided by the Walti API, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide malicious API responses from Walti.

5.4
2022-09-21 CVE-2022-41242 Jenkins Missing Authorization vulnerability in Jenkins Extreme-Feedback

A missing permission check in Jenkins extreme-feedback Plugin 1.7 and earlier allows attackers with Overall/Read permission to discover information about job names attached to lamps, discover MAC and IP addresses of existing lamps, and rename lamps.

5.4
2022-09-24 CVE-2022-39242 Parity Incorrect Calculation vulnerability in Parity Frontier 20210903/20211013

Frontier is an Ethereum compatibility layer for Substrate.

5.3
2022-09-23 CVE-2022-35238 Brinidesigner Unspecified vulnerability in Brinidesigner Awesome Filterable Portfolio

Unauthenticated Plugin Settings Change vulnerability in Awesome Filterable Portfolio plugin <= 1.9.7 at WordPress.

5.3
2022-09-22 CVE-2021-39190 Teclib Edition Missing Authorization vulnerability in Teclib-Edition System Center Configuration Manager

The SCCM plugin for GLPI is a plugin to synchronize computers from SCCM (version 1802) to GLPI.

5.3
2022-09-22 CVE-2022-38398 Apache
Debian
Server-Side Request Forgery (SSRF) vulnerability in multiple products

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol.

5.3
2022-09-22 CVE-2022-38648 Apache
Debian
Server-Side Request Forgery (SSRF) vulnerability in multiple products

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources.

5.3
2022-09-21 CVE-2022-41235 Jenkins Unspecified vulnerability in Jenkins Wildfly Deployer 1.0.2

Jenkins WildFly Deployer Plugin 1.0.2 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins controller file system.

5.3
2022-09-21 CVE-2022-41248 Jenkins Cleartext Storage of Sensitive Information vulnerability in Jenkins Bigpanda Notifier

Jenkins BigPanda Notifier Plugin 1.4.0 and earlier does not mask the BigPanda API key on the global configuration form, increasing the potential for attackers to observe and capture it.

5.3
2022-09-21 CVE-2022-2795 ISC
Debian
Fedoraproject
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
5.3
2022-09-20 CVE-2022-38956 Netgear Improper Validation of Integrity Check Value vulnerability in Netgear Wpn824Ext Firmware 1.1.11.1.9

An exploitable firmware downgrade vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender.

5.3
2022-09-19 CVE-2022-29835 Westerndigital Inadequate Encryption Strength vulnerability in Westerndigital WD Discovery 4.0.251.0

WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm.

5.3
2022-09-23 CVE-2022-3144 Wordfence Unspecified vulnerability in Wordfence Security

The Wordfence Security – Firewall & Malware Scan plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 7.6.0 via a setting on the options page due to insufficient escaping on the stored value.

4.8
2022-09-21 CVE-2022-29800 Microsoft Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft Windows Defender for Endpoint

A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher.

4.7
2022-09-23 CVE-2022-32781 Apple Unspecified vulnerability in Apple products

This issue was addressed by enabling hardened runtime.

4.4
2022-09-23 CVE-2022-32782 Apple Unspecified vulnerability in Apple Macos

This issue was addressed by enabling hardened runtime.

4.4
2022-09-20 CVE-2021-33079 Intel Unspecified vulnerability in Intel products

Protection mechanism failure in firmware for some Intel(R) SSD DC Products may allow a privileged user to potentially enable information disclosure via local access.

4.4
2022-09-20 CVE-2021-33081 Intel Unspecified vulnerability in Intel products

Protection mechanism failure in firmware for some Intel(R) SSD DC Products may allow a privileged user to potentially enable information disclosure via local access.

4.4
2022-09-19 CVE-2022-28201 Mediawiki
Debian
Uncontrolled Recursion vulnerability in multiple products

An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2.

4.4
2022-09-23 CVE-2022-32218 Rocket Chat Information Exposure Through Discrepancy vulnerability in Rocket.Chat

An information disclosure vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 due to the actionLinkHandler method was found to allow Message ID Enumeration with Regex MongoDB queries.

4.3
2022-09-23 CVE-2022-32228 Rocket Chat Unspecified vulnerability in Rocket.Chat

An information disclosure vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 since the getReadReceipts Meteor server method does not properly filter user inputs that are passed to MongoDB queries, allowing $regex queries to enumerate arbitrary Message IDs.

4.3
2022-09-23 CVE-2022-32229 Rocket Chat Unspecified vulnerability in Rocket.Chat

A information disclosure vulnerability exists in Rockert.Chat <v5 due to /api/v1/chat.getThreadsList lack of sanitization of user inputs and can therefore leak private thread messages to unauthorized users via Mongo DB injection.

4.3
2022-09-23 CVE-2022-35246 Rocket Chat Unspecified vulnerability in Rocket.Chat

A NoSQL-Injection information disclosure vulnerability vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 in the getS3FileUrl Meteor server method that can disclose arbitrary file upload URLs to users that should not be able to access.

4.3
2022-09-23 CVE-2022-35249 Rocket Chat Missing Authorization vulnerability in Rocket.Chat

A information disclosure vulnerability exists in Rocket.Chat <v5 where the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room.

4.3
2022-09-21 CVE-2022-41230 Jenkins Missing Authorization vulnerability in Jenkins Build-Publisher

Jenkins Build-Publisher Plugin 1.22 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to obtain names and URLs of Jenkins servers that the plugin is configured to publish builds to, as well as builds pending for publication to those Jenkins servers.

4.3
2022-09-21 CVE-2022-41233 Jenkins Missing Authorization vulnerability in Jenkins Rundeck

Jenkins Rundeck Plugin 3.6.11 and earlier does not perform Run/Artifacts permission checks in multiple HTTP endpoints, allowing attackers with Item/Read permission to obtain information about build artifacts of a given job, if the optional Run/Artifacts permission is enabled.

4.3
2022-09-21 CVE-2022-41247 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Bigpanda Notifier

Jenkins BigPanda Notifier Plugin 1.4.0 and earlier stores the BigPanda API key unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.

4.3
2022-09-21 CVE-2022-41251 Jenkins Missing Authorization vulnerability in Jenkins Apprenda

A missing permission check in Jenkins Apprenda Plugin 2.2.0 and earlier allows users with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

4.3
2022-09-21 CVE-2022-41252 Jenkins Missing Authorization vulnerability in Jenkins Cons3Rt 1.0.0

Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allows users with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins.

4.3
2022-09-20 CVE-2022-32795 Apple Unspecified vulnerability in Apple Ipados and Iphone OS

This issue was addressed with improved checks.

4.3
2022-09-20 CVE-2022-32868 Apple Unspecified vulnerability in Apple Ipados and Iphone OS

A logic issue was addressed with improved state management.

4.3

4 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-09-22 CVE-2022-36062 Grafana Improper Preservation of Permissions vulnerability in Grafana

Grafana is an open-source platform for monitoring and observability.

3.8
2022-09-23 CVE-2022-35252 Haxx
Netapp
Apple
Debian
Splunk
When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses.
3.7
2022-09-23 CVE-2022-39225 Parseplatform Incorrect Resource Transfer Between Spheres vulnerability in Parseplatform Parse-Server

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js.

3.1
2022-09-20 CVE-2022-32872 Apple Unspecified vulnerability in Apple Ipados and Iphone OS

A logic issue was addressed with improved restrictions.

2.4