Weekly Vulnerabilities Report: September 26 to October 2, 2022

Overview

344 new vulnerabilities were reported during this period, including 44 critical vulnerabilities and 140 high severity vulnerabilities. This weekly summary reports vulnerabilities in 733 products from 163 vendors, including Fedoraproject, Google, Zyxel, Cisco, and Debian. Vulnerabilities are notably categorized as "Cross-site Scripting", "SQL Injection", "Out-of-bounds Write", "Use After Free", and "Path Traversal".

  • 282 reported vulnerabilities are remotely exploitable.
  • 2 reported vulnerabilities have a public exploit available.
  • 122 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 222 reported vulnerabilities are exploitable by an anonymous user.
  • Fedoraproject has the most reported vulnerabilities, with 52 reported vulnerabilities.
  • Gavazziautomation has the most reported critical vulnerabilities, with 6 reported vulnerabilities.

Vulnerability Details

The following table lists the vulnerabilities reported for the period covered by this report:

44 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-09-30 CVE-2022-35156 Phpgurukul SQL Injection vulnerability in PHPgurukul BUS Pass Management System 1.0

Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at /buspassms/download-pass.php.

9.8
2022-09-30 CVE-2022-40943 Phpgurukul SQL Injection vulnerability in PHPgurukul Dairy Farm Shop Management System 1.0

Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via bwdate-report-ds.php file.

9.8
2022-09-30 CVE-2022-40944 Phpgurukul SQL Injection vulnerability in PHPgurukul Dairy Farm Shop Management System 1.0

Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via sales-report-ds.php file.

9.8
2022-09-30 CVE-2022-40314 Moodle Unspecified vulnerability in Moodle

A remote code execution risk when restoring backup files originating from Moodle 1.9 was identified.

9.8
2022-09-30 CVE-2022-40315 Moodle
Fedoraproject
SQL Injection vulnerability in multiple products

A limited SQL injection risk was identified in the "browse list of users" site administration page.

9.8
2022-09-30 CVE-2022-2778 Octopus Unspecified vulnerability in Octopus Server

In affected versions of Octopus Deploy it is possible to bypass rate limiting on login using null bytes.

9.8
2022-09-29 CVE-2022-33880 Hospital Management System Mini Project Project SQL Injection vulnerability in Hospital Management System Mini-Project Project Hospital Management System Mini-Project

hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter.

9.8
2022-09-29 CVE-2022-39266 Isolated VM Project Protection Mechanism Failure vulnerability in Isolated-Vm Project Isolated-Vm

isolated-vm is a library for nodejs which gives the user access to v8's Isolate interface.

9.8
2022-09-29 CVE-2022-29503 Uclibc
Uclibc NG Project
Anker
Allocation of Resources Without Limits or Throttling vulnerability in multiple products

A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40.

9.8
2022-09-29 CVE-2022-40887 Best Student Result Management System Project SQL Injection vulnerability in Best Student Result Management System Project Best Student Result Management System 1.0

SourceCodester Best Student Result Management System 1.0 is vulnerable to SQL Injection.

9.8
2022-09-29 CVE-2022-40475 Totolink OS Command Injection vulnerability in Totolink A860R Firmware 4.1.2Cu.5182B20201027

TOTOLINK A860R V4.1.2cu.5182_B20201027 was discovered to contain a command injection via the component /cgi-bin/downloadFile.cgi.

9.8
2022-09-29 CVE-2016-2338 Ruby Lang
Debian
Out-of-bounds Write vulnerability in multiple products

An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby.

9.8
2022-09-29 CVE-2020-15331 Zyxel Missing Encryption of Sensitive Data vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded OAUTH_SECRET_KEY in /opt/axess/etc/default/axess.

9.8
2022-09-29 CVE-2020-15332 Zyxel Cleartext Storage of Sensitive Information vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/etc/default/axess permissions.

9.8
2022-09-29 CVE-2020-15347 Zyxel Insufficiently Protected Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the q6xV4aW8bQ4cfD-b password for the axiros account.

9.8
2022-09-29 CVE-2020-27602 Bigbluebutton Injection vulnerability in Bigbluebutton

BigBlueButton before 2.2.7 does not have a protection mechanism for separator injection in meetingId, userId, and authToken.

9.8
2022-09-29 CVE-2020-35674 Bigprof SQL Injection vulnerability in Bigprof Online Invoicing System

BigProf Online Invoicing System before 2.9 suffers from an unauthenticated SQL Injection found in /membership_passwordReset.php (the endpoint that is responsible for issuing self-service password resets).

9.8
2022-09-29 CVE-2021-45790 Metersphere Unrestricted Upload of File with Dangerous Type vulnerability in Metersphere 1.15.4

An arbitrary file upload vulnerability was found in Metersphere v1.15.4.

9.8
2022-09-28 CVE-2022-40929 Xuxueli OS Command Injection vulnerability in Xuxueli Xxl-Job 2.2.0

XXL-JOB 2.2.0 has a Command execution vulnerability in background tasks.

9.8
2022-09-28 CVE-2022-40942 Tenda Out-of-bounds Write vulnerability in Tenda TX3 Firmware 16.03.13.11

Tenda TX3 US_TX3V1.0br_V16.03.13.11 is vulnerable to stack overflow via compare_parentcontrol_time.

9.8
2022-09-28 CVE-2022-22522 Gavazziautomation Use of Hard-coded Credentials vulnerability in Gavazziautomation products

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain full access to the device.

9.8
2022-09-28 CVE-2022-22526 Gavazziautomation Missing Authentication for Critical Function vulnerability in Gavazziautomation products

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a missing authentication allows for full access via API.

9.8
2022-09-28 CVE-2022-28811 Gavazziautomation OS Command Injection vulnerability in Gavazziautomation products

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could utilize an improper input validation on an API-submitted parameter to execute arbitrary OS commands.

9.8
2022-09-28 CVE-2022-28812 Gavazziautomation Use of Hard-coded Credentials vulnerability in Gavazziautomation products

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain SuperUser access to the device.

9.8
2022-09-28 CVE-2022-28814 Gavazziautomation Path Traversal vulnerability in Gavazziautomation products

Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered to be vulnerable to a relative path traversal vulnerability which enables remote attackers to read arbitrary files and gain full control of the device.

9.8
2022-09-28 CVE-2022-3332 Food Ordering Management System Project Improper Enforcement of Message or Data Structure vulnerability in Food Ordering Management System Project Food Ordering Management System

A vulnerability classified as critical has been found in SourceCodester Food Ordering Management System.

9.8
2022-09-28 CVE-2022-39033 Lcnet Path Traversal vulnerability in Lcnet Smart Evision 2022.02.21

Smart eVision’s file acquisition function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter.

9.8
2022-09-27 CVE-2021-41433 Resumes Management AND JOB Application Website Application Project SQL Injection vulnerability in Resumes Management and JOB Application Website Application Project Resumes Management and JOB Application Website Application 1.0

SQL Injection vulnerability exists in version 1.0 of the Resumes Management and Job Application Website application login form by EGavilan Media that allows authentication bypass through login.php.

9.8
2022-09-27 CVE-2022-37346 EC Cube Unrestricted Upload of File with Dangerous Type vulnerability in Ec-Cube Product Image Bulk Upload 1.0.0/4.1.0

EC-CUBE plugin 'Product Image Bulk Upload Plugin' 1.0.0 and 4.1.0 contains an insufficient verification vulnerability when uploading files.

9.8
2022-09-27 CVE-2022-40877 Exam Reviewer Management System Project SQL Injection vulnerability in Exam Reviewer Management System Project Exam Reviewer Management System 1.0

Exam Reviewer Management System 1.0 is vulnerable to SQL Injection via the ‘id’ parameter.

9.8
2022-09-27 CVE-2022-41570 Eyesofnetwork SQL Injection vulnerability in Eyesofnetwork

An issue was discovered in EyesOfNetwork (EON) through 5.3.11.

9.8
2022-09-27 CVE-2022-41571 Eyesofnetwork Unspecified vulnerability in Eyesofnetwork

An issue was discovered in EyesOfNetwork (EON) through 5.3.11.

9.8
2022-09-26 CVE-2022-30004 Online Market Place Site Project SQL Injection vulnerability in Online Market Place Site Project Online Market Place Site 1.0

Sourcecodester Online Market Place Site v1.0 suffers from an unauthenticated blind SQL Injection Vulnerability allowing remote attackers to dump the SQL database via time-based SQL injection.

9.8
2022-09-26 CVE-2022-40050 Zfile Unrestricted Upload of File with Dangerous Type vulnerability in Zfile 4.1.1

ZFile v4.1.1 was discovered to contain an arbitrary file upload vulnerability via the component /file/upload/1.

9.8
2022-09-26 CVE-2022-28721 HP Unspecified vulnerability in HP products

Certain HP Print Products are potentially vulnerable to Remote Code Execution.

9.8
2022-09-26 CVE-2022-28722 HP Classic Buffer Overflow vulnerability in HP products

Certain HP Print Products are potentially vulnerable to Buffer Overflow.

9.8
2022-09-26 CVE-2022-39243 Nuprocess Project Unspecified vulnerability in Nuprocess Project Nuprocess

NuProcess is an external process execution implementation for Java.

9.8
2022-09-26 CVE-2022-21797 Joblib Project
Fedoraproject
Debian
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
9.8
2022-09-26 CVE-2022-41352 Zimbra Path Traversal vulnerability in Zimbra Collaboration 8.8.15/9.0.0

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0.

9.8
2022-09-28 CVE-2022-40083 Labstack Open Redirect vulnerability in Labstack Echo 4.8.0

Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component.

9.6
2022-09-26 CVE-2022-3075 Google
Fedoraproject
Improper Input Validation vulnerability in multiple products

Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

9.6
2022-09-28 CVE-2022-22524 Gavazziautomation SQL Injection vulnerability in Gavazziautomation products

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 an unauthenticated remote attacker could utilize a SQL-Injection vulnerability to gain full database access, modify users and stop services.

9.4
2022-10-01 CVE-2022-42002 Sonicjs Out-of-bounds Write vulnerability in Sonicjs

SonicJS through 0.6.0 allows file overwrite.

9.1
2022-09-28 CVE-2022-30935 B2Evolution Use of Insufficiently Random Values vulnerability in B2Evolution

An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict password reset tokens for any user through the use of a bad randomness function.

9.1

140 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-09-30 CVE-2022-40341 Mojoportal Unrestricted Upload of File with Dangerous Type vulnerability in Mojoportal 2.7.0.0

mojoPortal v2.7 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted PNG file.

8.8
2022-09-30 CVE-2022-40756 Actian Unspecified vulnerability in Actian Psql and ZEN

If folder security is misconfigured for Actian Zen PSQL BEFORE Patch Update 1 for Zen 15 SP1 (v15.11.005), Patch Update 4 for Zen 15 (v15.01.017), or Patch Update 5 for Zen 14 SP2 (v14.21.022), it can allow an attacker (with file read/write access) to remove specific security files in order to reset the master password and gain access to the database.

8.8
2022-09-30 CVE-2021-36854 Bookingultrapro Cross-Site Request Forgery (CSRF) vulnerability in Bookingultrapro Booking Ultra PRO Appointments Booking Calendar

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Booking Ultra Pro plugin <= 1.1.4 at WordPress.

8.8
2022-09-30 CVE-2022-36961 Solarwinds SQL Injection vulnerability in Solarwinds Orion Platform

A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution.

8.8
2022-09-29 CVE-2022-40407 Chamilo Unrestricted Upload of File with Dangerous Type vulnerability in Chamilo 1.11

A zip slip vulnerability in the file upload function of Chamilo v1.11 allows attackers to execute arbitrary code via a crafted Zip file.

8.8
2022-09-29 CVE-2020-35675 Bigprof Cross-Site Request Forgery (CSRF) vulnerability in Bigprof Online Invoicing System

BigProf Online Invoicing System before 3.0 offers a functionality that allows an administrator to move the records of members across groups.

8.8
2022-09-29 CVE-2021-45788 Metersphere SQL Injection vulnerability in Metersphere 1.15.4

Time-based SQL Injection vulnerabilities were found in Metersphere v1.15.4 via the "orders" parameter.

8.8
2022-09-28 CVE-2022-40486 TP Link Code Injection vulnerability in Tp-Link Archer Ax10 V1 Firmware 1.3.1

TP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 Rel.

8.8
2022-09-28 CVE-2022-39032 Lcnet Improper Privilege Management vulnerability in Lcnet Smart Evision 2022.02.21

Smart eVision has an improper privilege management vulnerability.

8.8
2022-09-28 CVE-2022-40497 Wazuh Unspecified vulnerability in Wazuh

Wazuh v3.6.1 - v3.13.5, v4.0.0 - v4.2.7, and v4.3.0 - v4.3.7 were discovered to contain an authenticated remote code execution (RCE) vulnerability via the Active Response endpoint.

8.8
2022-09-27 CVE-2022-31367 Strapi SQL Injection vulnerability in Strapi

Strapi before 3.6.10 and 4.x before 4.1.10 mishandles hidden attributes within admin API responses.

8.8
2022-09-27 CVE-2022-37209 Jflyfox SQL Injection vulnerability in Jflyfox Jfinal CMS 5.1.0

JFinal CMS 5.1.0 is affected by: SQL Injection.

8.8
2022-09-27 CVE-2022-40878 Exam Reviewer Management System Project Unrestricted Upload of File with Dangerous Type vulnerability in Exam Reviewer Management System Project Exam Reviewer Management System 1.0

In Exam Reviewer Management System 1.0, an authenticated attacker can upload a web-shell php file in profile page to achieve Remote Code Execution (RCE).

8.8
2022-09-27 CVE-2022-41604 Checkpoint Improper Privilege Management vulnerability in Checkpoint Zonealarm

Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges.

8.8
2022-09-26 CVE-2022-2852 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-09-26 CVE-2022-2853 Google
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-09-26 CVE-2022-2854 Google
Fedoraproject
Race Condition vulnerability in multiple products

Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-09-26 CVE-2022-2855 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in ANGLE in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-09-26 CVE-2022-2857 Google
Fedoraproject
Race Condition vulnerability in multiple products

Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-09-26 CVE-2022-2858 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction.

8.8
2022-09-26 CVE-2022-2859 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions.

8.8
2022-09-26 CVE-2022-3038 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-09-26 CVE-2022-3039 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-09-26 CVE-2022-3040 Google
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Use after free in Layout in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-09-26 CVE-2022-3041 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-09-26 CVE-2022-3042 Google
Fedoraproject
Race Condition vulnerability in multiple products

Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-09-26 CVE-2022-3043 Google
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Heap buffer overflow in Screen Capture in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-09-26 CVE-2022-3045 Google
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Insufficient validation of untrusted input in V8 in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-09-26 CVE-2022-3046 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-09-26 CVE-2022-3049 Google
Fedoraproject
Race Condition vulnerability in multiple products

Use after free in SplitScreen in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-09-26 CVE-2022-3050 Google
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Heap buffer overflow in WebUI in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions.

8.8
2022-09-26 CVE-2022-3051 Google
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Heap buffer overflow in Exosphere in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions.

8.8
2022-09-26 CVE-2022-3052 Google
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Heap buffer overflow in Window Manager in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions.

8.8
2022-09-26 CVE-2022-3055 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Passwords in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-09-26 CVE-2022-3058 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction.

8.8
2022-09-26 CVE-2022-3071 Google
Fedoraproject
Race Condition vulnerability in multiple products

Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction.

8.8
2022-09-26 CVE-2022-3195 Google
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.

8.8
2022-09-26 CVE-2022-3196 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

8.8
2022-09-26 CVE-2022-3197 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

8.8
2022-09-26 CVE-2022-3198 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

8.8
2022-09-26 CVE-2022-3199 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-09-26 CVE-2022-3200 Google
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2022-09-26 CVE-2022-40043 Centreon SQL Injection vulnerability in Centreon 20.10.18

Centreon v20.10.18 was discovered to contain a SQL injection vulnerability via the esc_name (Escalation Name) parameter at Configuration/Notifications/Escalations.

8.8
2022-09-26 CVE-2022-40784 Mipcm Out-of-bounds Write vulnerability in Mipcm Mipc Camera Firmware 5.3.1.2003161406

Unlimited strcpy on user input when setting a locale file leads to stack buffer overflow in mIPC camera firmware 5.3.1.2003161406.

8.8
2022-09-26 CVE-2022-40785 Mipcm Unspecified vulnerability in Mipcm Mipc Camera Firmware 5.3.1.2003161406

Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3.1.2003161406.

8.8
2022-09-26 CVE-2021-24890 Dplugins Missing Authorization vulnerability in Dplugins Scripts Organizer

The Scripts Organizer WordPress plugin before 3.0 does not have capability and CSRF checks in the saveScript AJAX action, available to both unauthenticated and authenticated users, and does not validate user input in any way, which could allow unauthenticated users to put arbitrary PHP code in a file

8.8
2022-09-26 CVE-2022-36159 Contec Use of Hard-coded Credentials vulnerability in Contec products

Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for root stored in the component /etc/shadow.

8.8
2022-09-29 CVE-2014-0144 Qemu
Redhat
Improper Input Validation vulnerability in multiple products

QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process.

8.6
2022-09-28 CVE-2022-36448 Insyde Improper Input Validation vulnerability in Insyde Insydeh2O

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5.

8.2
2022-09-27 CVE-2022-39258 Mailcow Open Redirect vulnerability in Mailcow Mailcow: Dockerized

mailcow is a mailserver suite.

8.2
2022-09-30 CVE-2022-39268 Orchest Cross-Site Request Forgery (CSRF) vulnerability in Orchest

In a CSRF attack, an innocent end user is tricked by an attacker into submitting a web request that they did not intend.

8.1
2022-09-30 CVE-2021-33354 Htmly Path Traversal vulnerability in Htmly

Directory Traversal vulnerability in htmly before 2.8.1 allows remote attackers to perform arbitrary file deletions via modified file parameter.

8.1
2022-09-29 CVE-2022-41828 Amazon Incorrect Type Conversion or Cast vulnerability in Amazon web Services Redshift Java Database Connectivity Driver

In Amazon AWS Redshift JDBC Driver (aka amazon-redshift-jdbc-driver or redshift-jdbc42) before 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name.

8.1
2022-09-28 CVE-2022-39263 Nextauth JS Improper Authentication vulnerability in Nextauth.Js Next-Auth

`@next-auth/upstash-redis-adapter` is the Upstash Redis adapter for NextAuth.js, which provides authentication for Next.js.

8.1
2022-09-29 CVE-2022-40472 Zktec Improper Neutralization of Formula Elements in a CSV File vulnerability in Zktec Zkbio Time 8.0.7

ZKTeco Xiamen Information Technology ZKBio Time 8.0.7 Build: 20220721.14829 was discovered to contain a CSV injection vulnerability.

8.0
2022-09-27 CVE-2022-39256 Orckestra Deserialization of Untrusted Data vulnerability in Orckestra C1 CMS

Orckestra C1 CMS is a .NET based Web Content Management System.

8.0
2022-09-26 CVE-2022-36158 Contec Forced Browsing vulnerability in Contec products

Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN Manager interface which allows malicious actors to execute Linux commands with root privilege via a hidden web page (/usr/www/ja/mnt_cmd.cgi).

8.0
2022-09-30 CVE-2022-20775 Cisco Path Traversal vulnerability in Cisco products

Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges.

7.8
2022-09-30 CVE-2022-20818 Cisco Path Traversal vulnerability in Cisco products

Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges.

7.8
2022-09-30 CVE-2022-41975 Realvnc Unspecified vulnerability in Realvnc VNC Server and VNC Viewer

RealVNC VNC Server before 6.11.0 and VNC Viewer before 6.22.826 on Windows allow local privilege escalation via MSI installer Repair mode.

7.8
2022-09-30 CVE-2022-40274 Gridea Unspecified vulnerability in Gridea 0.9.3

Gridea version 0.9.3 allows an external attacker to execute arbitrary code remotely on any client attempting to view a malicious markdown file through Gridea.

7.8
2022-09-30 CVE-2022-40277 Joplinapp Improper Input Validation vulnerability in Joplinapp Joplin 2.8.8

Joplin version 2.8.8 allows an external attacker to execute arbitrary commands remotely on any client that opens a link in a malicious markdown file, via Joplin.

7.8
2022-09-29 CVE-2022-3352 VIM
Fedoraproject
Debian
Use After Free vulnerability in multiple products

Use After Free in GitHub repository vim/vim prior to 9.0.0614.

7.8
2022-09-29 CVE-2022-40126 Clash Project Files or Directories Accessible to External Parties vulnerability in Clash Project Clash 0.19.9

A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated.

7.8
2022-09-29 CVE-2022-38222 Xpdfreader Use After Free vulnerability in Xpdfreader Xpdf 4.04

There is a use-after-free issue in JBIG2Stream::close() located in JBIG2Stream.cc in Xpdf 4.04.

7.8
2022-09-28 CVE-2022-40710 Trendmicro Link Following vulnerability in Trendmicro Deep Security Agent 20.0

A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations.

7.8
2022-09-28 CVE-2022-1270 Graphicsmagick
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

In GraphicsMagick, a heap buffer overflow was found when parsing MIFF.

7.8
2022-09-28 CVE-2022-32168 Notepad Plus Plus Uncontrolled Search Path Element vulnerability in Notepad-Plus-Plus Notepad++

Notepad++ versions 8.4.1 and before are vulnerable to DLL hijacking where an attacker can replace the vulnerable dll (UxTheme.dll) with his own dll and run arbitrary code in the context of Notepad++.

7.8
2022-09-27 CVE-2022-38932 Toaruos Out-of-bounds Write vulnerability in Toaruos 2.0.1

readelf in ToaruOS 2.0.1 has a global overflow allowing RCE when parsing a crafted ELF file.

7.8
2022-09-27 CVE-2022-3324 VIM
Fedoraproject
Debian
Stack-based Buffer Overflow vulnerability in multiple products

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598.

7.8
2022-09-26 CVE-2022-22058 Qualcomm Use After Free vulnerability in Qualcomm products

Memory corruption due to use after free issue in kernel while processing ION handles in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8
2022-09-26 CVE-2022-3103 Linux Off-by-one Error vulnerability in Linux Kernel 6.0

off-by-one in io_uring module.

7.8
2022-09-26 CVE-2022-39245 Makedeb Untrusted Search Path vulnerability in Makedeb Mist

Mist is the command-line interface for the makedeb Package Repository.

7.8
2022-09-26 CVE-2022-41347 Zimbra Unspecified vulnerability in Zimbra Collaboration 8.8.15/9.0.0

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.x and 9.x (e.g., 8.8.15).

7.8
2022-10-02 CVE-2022-42003 Fasterxml
Quarkus
Debian
Netapp
Deserialization of Untrusted Data vulnerability in multiple products

In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.

7.5
2022-10-02 CVE-2022-42004 Fasterxml
Quarkus
Debian
Netapp
Deserialization of Untrusted Data vulnerability in multiple products

In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays.

7.5
2022-09-30 CVE-2022-20847 Cisco Unspecified vulnerability in Cisco IOS XE 17.3.3

A vulnerability in the DHCP processing functionality of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

7.5
2022-09-30 CVE-2022-20848 Cisco Unspecified vulnerability in Cisco IOS XE 17.6.1/17.6.3/17.9.1

A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

7.5
2022-09-30 CVE-2022-20856 Cisco Unspecified vulnerability in Cisco IOS XE 17.3.4C

A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) Mobility messages in Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

7.5
2022-09-30 CVE-2022-20919 Cisco Improper Handling of Exceptional Conditions vulnerability in Cisco IOS XE 17.9.1

A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition.

7.5
2022-09-30 CVE-2022-3371 Ikus Soft Allocation of Resources Without Limits or Throttling vulnerability in Ikus-Soft Rdiffweb

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3.

7.5
2022-09-30 CVE-2022-2529 Cloudflare Resource Exhaustion vulnerability in Cloudflare Goflow

sflow decode package does not employ sufficient packet sanitisation which can lead to a denial of service attack.

7.5
2022-09-30 CVE-2022-21222 CSS What Project Unspecified vulnerability in Css-What Project Css-What

The package css-what before 2.1.3 is vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression in the re_attr variable of index.js.

7.5
2022-09-30 CVE-2022-24373 Swmansion Unspecified vulnerability in Swmansion React Native Reanimated

The package react-native-reanimated before 3.0.0-rc.1 is vulnerable to Regular Expression Denial of Service (ReDoS) due to improper usage of a regular expression in the parser of Colors.js.

7.5
2022-09-29 CVE-2022-3364 Ikus Soft Allocation of Resources Without Limits or Throttling vulnerability in Ikus-Soft Rdiffweb

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3.

7.5
2022-09-29 CVE-2022-39168 IBM Insufficiently Protected Credentials vulnerability in IBM products

IBM Robotic Process Automation Clients are vulnerable to proxy credentials being exposed in upgrade logs.

7.5
2022-09-29 CVE-2022-38732 Netapp Unspecified vulnerability in Netapp Snapcenter

SnapCenter versions prior to 4.7 shipped without Content Security Policy (CSP) implemented which could allow certain types of attacks that otherwise would be prevented.

7.5
2022-09-29 CVE-2022-39252 Matrix Key Exchange without Entity Authentication vulnerability in Matrix Matrix-Rust-Sdk

matrix-rust-sdk is an implementation of a Matrix client-server library in Rust, and matrix-sdk-crypto is the Matrix encryption library.

7.5
2022-09-29 CVE-2022-39250 Matrix Improper Authentication vulnerability in Matrix Javascript SDK

Matrix JavaScript SDK is the Matrix Client-Server software development kit (SDK) for JavaScript.

7.5
2022-09-29 CVE-2022-40890 Open5Gs Improper Resource Shutdown or Release vulnerability in Open5Gs

A vulnerability in /src/amf/amf-context.c in Open5GS 2.4.10 and earlier leads to AMF denial of service.

7.5
2022-09-29 CVE-2012-2201 IBM Unspecified vulnerability in IBM Websphere MQ 7.1

IBM WebSphere MQ 7.1 is vulnerable to a denial of service, caused by an error when handling user ids.

7.5
2022-09-29 CVE-2020-15327 Zyxel Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication.

7.5
2022-09-29 CVE-2020-15340 Zyxel Missing Encryption of Sensitive Data vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded opt/axess/AXAssets/default_axess/axess/TR69/Handlers/turbolink/sshkeys/id_rsa SSH key.

7.5
2022-09-29 CVE-2020-15341 Zyxel Insufficiently Protected Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated update_all_realm_license API.

7.5
2022-09-29 CVE-2022-1718 Trudesk Project Integer Overflow or Wraparound vulnerability in Trudesk Project Trudesk

The trudesk application allows a large number of characters to be inserted in the "Full Name" input field on the signup form, which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in GitHub repository polonel/trudesk prior to 1.2.2.

7.5
2022-09-29 CVE-2022-40278 Samsung Use After Free vulnerability in Samsung Tizenrt

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE).

7.5
2022-09-29 CVE-2022-40279 Samsung Unchecked Return Value vulnerability in Samsung Tizenrt

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE).

7.5
2022-09-29 CVE-2019-5797 Google Double Free vulnerability in Google Chrome

Double free in DOMStorage in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

7.5
2022-09-29 CVE-2022-39173 Wolfssl Out-of-bounds Write vulnerability in Wolfssl

In wolfSSL before 5.5.1, malicious clients can cause a buffer overflow during a TLS 1.3 handshake.

7.5
2022-09-28 CVE-2022-34424 Dell Out-of-bounds Write vulnerability in Dell Smartfabric Os10

Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans.

7.5
2022-09-28 CVE-2022-39255 Matrix Improper Authentication vulnerability in Matrix Software Development KIT

Matrix iOS SDK allows developers to build iOS apps compatible with Matrix.

7.5
2022-09-28 CVE-2022-39257 Matrix Improper Authentication vulnerability in Matrix Software Development KIT

Matrix iOS SDK allows developers to build iOS apps compatible with Matrix.

7.5
2022-09-28 CVE-2022-39248 Matrix Key Exchange without Entity Authentication vulnerability in Matrix Software Development KIT

matrix-android-sdk2 is the Matrix SDK for Android.

7.5
2022-09-28 CVE-2022-39249 Matrix Improper Authentication vulnerability in Matrix Javascript SDK

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript.

7.5
2022-09-28 CVE-2022-39251 Matrix Improper Authentication vulnerability in Matrix Javascript SDK

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript.

7.5
2022-09-28 CVE-2022-3215 Apple Injection vulnerability in Apple Swiftnio

NIOHTTP1 and projects using it for generating HTTP responses can be subject to a HTTP Response Injection attack.

7.5
2022-09-28 CVE-2022-3354 Open5Gs Improper Resource Shutdown or Release vulnerability in Open5Gs

A vulnerability has been found in Open5GS up to 2.4.10 and classified as problematic.

7.5
2022-09-28 CVE-2022-22523 Gavazziautomation Improper Authentication vulnerability in Gavazziautomation products

An improper authentication vulnerability exists in the Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 Web-App which allows an authentication bypass to the context of an unauthorised user if free-access is disabled.

7.5
2022-09-28 CVE-2022-28813 Gavazziautomation SQL Injection vulnerability in Gavazziautomation products

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of an SQL-injection to gain access to a volatile temporary database with the current states of the device.

7.5
2022-09-28 CVE-2022-39261 Symfony
Drupal
Fedoraproject
Debian
Path Traversal vulnerability in multiple products

Twig is a template language for PHP.

7.5
2022-09-28 CVE-2022-40082 Cloudwego Path Traversal vulnerability in Cloudwego Hertz 0.3.0

Hertz v0.3.0 was discovered to contain a path traversal vulnerability via the normalizePath function.

7.5
2022-09-28 CVE-2022-39030 Lcnet Incorrect Authorization vulnerability in Lcnet Smart Evision 2022.02.21

smart eVision has inadequate authorization for system information query function.

7.5
2022-09-27 CVE-2022-34326 Realtek Unspecified vulnerability in Realtek Rtl8195Am Firmware 2.0.10/2.0.6

In ambiot amb1_sdk (aka SDK for Ameba1) before 2022-06-20 on Realtek RTL8195AM devices before 284241d70308ff2519e40afd7b284ba892c730a3, the timer task and RX task would be locked when there are frequent and continuous Wi-Fi connection (with four-way handshake) failures in Soft AP mode.

7.5
2022-09-27 CVE-2022-3323 Advantech SQL Injection vulnerability in Advantech Iview 5.7.04.6469

An SQL injection vulnerability in Advantech iView 5.7.04.6469.

7.5
2022-09-26 CVE-2022-3298 Ikus Soft Allocation of Resources Without Limits or Throttling vulnerability in Ikus-Soft Rdiffweb

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8.

7.5
2022-09-26 CVE-2022-3290 Ikus Soft Unspecified vulnerability in Ikus-Soft Rdiffweb

Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8.

7.5
2022-09-26 CVE-2022-3272 Ikus Soft Unspecified vulnerability in Ikus-Soft Rdiffweb

Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8.

7.5
2022-09-26 CVE-2022-3204 Nlnetlabs
Fedoraproject
Resource Exhaustion vulnerability in multiple products

A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software.

7.5
2022-09-26 CVE-2022-2987 Ldap WP Login Active Directory Integration Project Missing Authorization vulnerability in Ldap WP Login / Active Directory Integration Project Ldap WP Login / Active Directory Integration

The Ldap WP Login / Active Directory Integration WordPress plugin before 3.0.2 does not have any authorisation and CSRF checks when updating its settings (which are hooked to the init action), allowing unauthenticated attackers to update them.

7.5
2022-09-26 CVE-2022-3119 Oauth Client Single Sign ON Project Cross-Site Request Forgery (CSRF) vulnerability in Oauth Client Single Sign on Project Oauth Client Single Sign on

The OAuth client Single Sign On WordPress plugin before 3.0.4 does not have authorisation and CSRF checks when updating its settings, which could allow unauthenticated attackers to update them and change the OAuth endpoints to ones they control, allowing them to then be authenticated as admin if they know the correct email address.

7.5
2022-09-26 CVE-2022-3295 Ikus Soft Allocation of Resources Without Limits or Throttling vulnerability in Ikus-Soft Rdiffweb

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8.

7.5
2022-09-27 CVE-2022-37193 Chipolo Insufficiently Protected Credentials vulnerability in Chipolo 4.13.0

Chipolo ONE Bluetooth tracker (2020) Chipolo iOS app version 4.13.0 is vulnerable to Incorrect Access Control.

7.4
2022-09-30 CVE-2022-20851 Cisco OS Command Injection vulnerability in Cisco IOS XE 17.6.1

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device.

7.2
2022-09-30 CVE-2022-41870 Innovaphone Command Injection vulnerability in Innovaphone Firmware 12R1/13R2

AP Manager in Innovaphone before 13r2 Service Release 17 allows command injection via a modified service ID during app upload.

7.2
2022-09-30 CVE-2022-41437 Billing System Project Project Unrestricted Upload of File with Dangerous Type vulnerability in Billing System Project Billing System Project 1.0

Billing System Project v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/createProduct.php.

7.2
2022-09-30 CVE-2022-41439 Billing System Project Project SQL Injection vulnerability in Billing System Project Billing System Project 1.0

Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/edituser.php.

7.2
2022-09-30 CVE-2022-41440 Billing System Project Project SQL Injection vulnerability in Billing System Project Billing System Project 1.0

Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/editcategory.php.

7.2
2022-09-29 CVE-2022-36066 Discourse Unrestricted Upload of File with Dangerous Type vulnerability in Discourse

Discourse is an open source discussion platform.

7.2
2022-09-29 CVE-2022-40048 Flatpress Unrestricted Upload of File with Dangerous Type vulnerability in Flatpress 1.2.1

Flatpress v1.2.1 was discovered to contain a remote code execution (RCE) vulnerability in the Upload File function.

7.2
2022-09-28 CVE-2022-22525 Gavazziautomation Improper Input Validation vulnerability in Gavazziautomation products

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote attacker with admin rights could execute arbitrary commands due to missing input sanitization in the backup restore function.

7.2
2022-09-27 CVE-2022-40352 Online Tours Travels Management System Project SQL Injection vulnerability in Online Tours & Travels Management System Project Online Tours & Travels Management System 1.0

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_traveller.php.

7.2
2022-09-27 CVE-2022-40353 Online Tours Travels Management System Project SQL Injection vulnerability in Online Tours & Travels Management System Project Online Tours & Travels Management System 1.0

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/up_booking.php.

7.2
2022-09-27 CVE-2022-40354 Online Tours Travels Management System Project SQL Injection vulnerability in Online Tours & Travels Management System Project Online Tours & Travels Management System 1.0

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_booking.php.

7.2
2022-09-26 CVE-2022-2352 Wpexperts Server-Side Request Forgery (SSRF) vulnerability in Wpexperts Post Smtp

The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation in some AJAX actions, which could allow high privilege users such as admin to perform blind SSRF on multisite installations for example.

7.2
2022-09-26 CVE-2022-2903 Ninjaforms Deserialization of Untrusted Data vulnerability in Ninjaforms Ninja Forms

The Ninja Forms Contact Form WordPress plugin before 3.6.13 unserialises the content of an imported file, which could lead to PHP object injection issues when an admin imports (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.

7.2
2022-09-26 CVE-2022-40924 Phpgurukul Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul ZOO Management System 1.0

Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the "save_animal" file of the "Animals" module in the background management system.

7.2
2022-09-26 CVE-2022-40925 Phpgurukul Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul ZOO Management System 1.0

Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the "save_event" file of the "Events" module in the background management system.

7.2
2022-09-30 CVE-2022-34429 Dell Path Traversal vulnerability in Dell Hybrid Client

Dell Hybrid Client below 1.8 version contains a Zip Slip Vulnerability in UI.

7.1
2022-09-30 CVE-2022-20850 Cisco Improper Input Validation vulnerability in Cisco products

A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device.

7.1
2022-09-30 CVE-2022-40313 Moodle
Fedoraproject
Cross-site Scripting vulnerability in multiple products

Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load.

7.1

149 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-09-30 CVE-2022-20662 Cisco Improper Authentication vulnerability in Cisco DUO 1.1.0/1.1.1/2.0

A vulnerability in the smart card login authentication of Cisco Duo for macOS could allow an unauthenticated attacker with physical access to bypass authentication.

6.8
2022-09-28 CVE-2022-3349 Sony Out-of-bounds Write vulnerability in Sony Playstation 4 Firmware and Playstation 5 Firmware

A vulnerability was found in Sony PS4 and PS5.

6.8
2022-09-26 CVE-2022-3048 Google
Fedoraproject
Incorrect Authorization vulnerability in multiple products

Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device.

6.8
2022-09-30 CVE-2022-20855 Cisco OS Command Injection vulnerability in Cisco IOS XE 17.6.1

A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authenticated, local attacker to escape the restricted controller shell and execute arbitrary commands on the underlying operating system of the access point.

6.7
2022-09-30 CVE-2022-20930 Cisco OS Command Injection vulnerability in Cisco products

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system.

6.7
2022-09-27 CVE-2022-23006 Westerndigital Out-of-bounds Write vulnerability in Westerndigital products

A stack-based buffer overflow vulnerability was found on Western Digital My Cloud Home, My Cloud Home Duo, and SanDisk ibi that could allow an attacker accessing the system locally to read information from /etc/version file.

6.7
2022-09-30 CVE-2022-1959 Spsoftmobile Unspecified vulnerability in Spsoftmobile Applock 7.9.29

AppLock version 7.9.29 allows an attacker with physical access to the device to bypass biometric authentication.

6.6
2022-09-30 CVE-2022-20769 Cisco Out-of-bounds Write vulnerability in Cisco Wireless LAN Controller Software

A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.

6.5
2022-09-30 CVE-2022-20810 Cisco Unspecified vulnerability in Cisco IOS XE

A vulnerability in the Simple Network Management Protocol (SNMP) of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an authenticated, remote attacker to access sensitive information.

6.5
2022-09-30 CVE-2022-20945 Cisco Improper Input Validation vulnerability in Cisco products

A vulnerability in the 802.11 association frame validation of Cisco Catalyst 9100 Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.

6.5
2022-09-30 CVE-2022-40923 Lief Project Unspecified vulnerability in Lief-Project Lief 0.12.1

A vulnerability in the LIEF::MachO::SegmentCommand::virtual_address function of LIEF v0.12.1 allows attackers to cause a denial of service (DoS) through a segmentation fault via a crafted MachO file.

6.5
2022-09-29 CVE-2022-39254 Matrix NIO Project Unspecified vulnerability in Matrix-Nio Project Matrix-Nio

matrix-nio is a Python Matrix client library, designed according to sans I/O principles.

6.5
2022-09-29 CVE-2012-4818 IBM Unspecified vulnerability in IBM Infosphere Information Server 8.1/8.5/8.7

IBM InfoSphere Information Server 8.1, 8.5, and 8.7 could allow a remote authenticated attacker to obtain sensitive information, caused by improper restrictions on directories.

6.5
2022-09-29 CVE-2021-40693 Moodle Improper Authentication vulnerability in Moodle

An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability.

6.5
2022-09-29 CVE-2021-42049 Mediawiki Unspecified vulnerability in Mediawiki

An issue was discovered in the Translate extension in MediaWiki through 1.36.2.

6.5
2022-09-29 CVE-2021-43403 Fusionpbx Unspecified vulnerability in Fusionpbx

An issue was discovered in FusionPBX before 4.5.30.

6.5
2022-09-29 CVE-2021-45789 Metersphere Unspecified vulnerability in Metersphere 1.15.4

An arbitrary file read vulnerability was found in Metersphere v1.15.4, where authenticated users can read any file on the server via the file download function.

6.5
2022-09-29 CVE-2022-35888 Amperecomputing Information Exposure Through Discrepancy vulnerability in Amperecomputing products

Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret information from the CPU by correlating the power consumption with data being processed on the system.

6.5
2022-09-28 CVE-2022-31629 PHP
Fedoraproject
Debian

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

6.5
2022-09-28 CVE-2022-3287 Fwupd Files or Directories Accessible to External Parties vulnerability in Fwupd

When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read the same configuration file.

6.5
2022-09-28 CVE-2022-35282 IBM Server-Side Request Forgery (SSRF) vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery (SSRF).

6.5
2022-09-28 CVE-2022-36771 IBM Unspecified vulnerability in IBM Qradar User Behavior Analytics 1.0.0/4.1.0/4.1.1

IBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive information that they should not have access to.

6.5
2022-09-28 CVE-2022-39029 Lcnet Incorrect Authorization vulnerability in Lcnet Smart Evision

Smart eVision has inadequate authorization for the database query function.

6.5
2022-09-28 CVE-2022-39034 Lcnet Path Traversal vulnerability in Lcnet Smart Evision 2022.03.21

Smart eVision has a path traversal vulnerability in the Report API function due to insufficient filtering for special characters in URLs.

6.5
2022-09-27 CVE-2022-40816 Zammad Incorrect Authorization vulnerability in Zammad 5.2.0/5.2.1

Zammad 5.2.1 is vulnerable to Incorrect Access Control.

6.5
2022-09-26 CVE-2022-2856 Google
Fedoraproject
Improper Input Validation vulnerability in multiple products

Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page.

6.5
2022-09-26 CVE-2022-2860 Google
Fedoraproject

Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to bypass cookie prefix restrictions via a crafted HTML page.

6.5
2022-09-26 CVE-2022-2861 Google
Fedoraproject
Cross-site Scripting vulnerability in multiple products

Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.101 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts into WebUI via a crafted HTML page.

6.5
2022-09-26 CVE-2022-3044 Google
Fedoraproject

Inappropriate implementation in Site Isolation in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.

6.5
2022-09-26 CVE-2022-3047 Google
Fedoraproject

Insufficient policy enforcement in Extensions API in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page.

6.5
2022-09-26 CVE-2022-3054 Google
Fedoraproject

Insufficient policy enforcement in DevTools in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5
2022-09-26 CVE-2022-3056 Google
Fedoraproject

Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to bypass content security policy via a crafted HTML page.

6.5
2022-09-26 CVE-2022-3057 Google
Fedoraproject

Inappropriate implementation in iframe Sandbox in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5
2022-09-26 CVE-2021-41437 Asus Injection vulnerability in Asus Rt-Ax88U Firmware

An HTTP response splitting attack in web application in ASUS RT-AX88U before v3.0.0.4.388.20558 allows an attacker to craft a specific URL that if an authenticated victim visits it, the URL will give access to the cloud storage of the attacker.

6.5
2022-09-26 CVE-2022-39219 Xbifrost Improper Authentication vulnerability in Xbifrost Bifrost

Bifrost is a middleware package which can synchronize MySQL/MariaDB binlog data to other types of databases.

6.5
2022-09-26 CVE-2022-3299 Open5Gs Improper Resource Shutdown or Release vulnerability in Open5Gs

A vulnerability was found in Open5GS up to 2.4.10.

6.5
2022-09-26 CVE-2022-38970 Iegeek
Hipcam
Use of Insufficiently Random Values vulnerability in multiple products

ieGeek IG20 hipcam RealServer V1.0 is vulnerable to Incorrect Access Control.

6.5
2022-09-29 CVE-2014-0147 Qemu
Fedoraproject
Redhat
Integer Overflow or Wraparound vulnerability in multiple products

In Qemu before 1.6.2, the block drivers for the various disk image formats used by Bochs and for the QCOW version 2 format are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling the update_refcount() routine.

6.2
2022-09-30 CVE-2022-35155 Phpgurukul Cross-site Scripting vulnerability in PHPgurukul BUS Pass Management System 1.0

Bus Pass Management System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the searchdata parameter.

6.1
2022-09-30 CVE-2021-36855 Bookingultrapro Cross-site Scripting vulnerability in Bookingultrapro Booking Ultra PRO Appointments Booking Calendar

Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in Booking Ultra Pro plugin <= 1.1.4 at WordPress.

6.1
2022-09-30 CVE-2022-36965 Solarwinds Cross-site Scripting vulnerability in Solarwinds Platform 2022.2.0

Insufficient sanitization of inputs in the QoE application input field could lead to stored and DOM-based XSS attacks.

6.1
2022-09-30 CVE-2022-37461 Canon Cross-site Scripting vulnerability in Canon Medical Vitrea View

Multiple cross-site scripting (XSS) vulnerabilities in Canon Medical Vitrea View 7.x before 7.7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the input after the error subdirectory to the /vitrea-view/error/ subdirectory, or the (2) groupID, (3) offset, or (4) limit parameter to an Administrative Panel (Group and Users) page.

6.1
2022-09-29 CVE-2022-40879 Keking Cross-site Scripting vulnerability in Keking Kkfileview 4.1.0

kkFileView v4.1.0 is vulnerable to Cross Site Scripting (XSS) via the parameter 'errorMsg.'

6.1
2022-09-29 CVE-2022-40931 Dutchcoders Cross-site Scripting vulnerability in Dutchcoders Transfer.Sh 1.4.0

dutchcoders Transfer.sh 1.4.0 is vulnerable to Cross Site Scripting (XSS).

6.1
2022-09-29 CVE-2012-2160 IBM Cross-site Scripting vulnerability in IBM Rational Change 5.3

IBM Rational Change 5.3 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input.

6.1
2022-09-29 CVE-2020-15339 Zyxel Cross-site Scripting vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows live/CPEManager/AXCampaignManager/handle_campaign_script_link?script_name= XSS.

6.1
2022-09-29 CVE-2021-42046 Mediawiki Cross-site Scripting vulnerability in Mediawiki

An issue was discovered in the GlobalWatchlist extension in MediaWiki through 1.36.2.

6.1
2022-09-29 CVE-2021-45843 Glfusion Cross-site Scripting vulnerability in Glfusion 1.7.9

glFusion CMS v1.7.9 is affected by a reflected Cross Site Scripting (XSS) vulnerability.

6.1
2022-09-28 CVE-2022-3193 Ovirt Cross-site Scripting vulnerability in Ovirt Ovirt-Engine 4.3.0

An HTML injection/reflected Cross-site scripting (XSS) vulnerability was found in the ovirt-engine.

6.1
2022-09-28 CVE-2022-28816 Gavazziautomation Cross-site Scripting vulnerability in Gavazziautomation products

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy is prone to reflected XSS which only affects the Sentilo service.

6.1
2022-09-28 CVE-2022-40912 Etaplighting Cross-site Scripting vulnerability in Etaplighting Etap Safety Manager 1.0.0.32

ETAP Lighting International NV ETAP Safety Manager 1.0.0.32 is vulnerable to Cross Site Scripting (XSS).

6.1
2022-09-28 CVE-2022-39035 Lcnet Cross-site Scripting vulnerability in Lcnet Smart Evision 2022.02.21

Smart eVision has insufficient filtering for special characters in the POST Data parameter in the specific function.

6.1
2022-09-28 CVE-2022-39053 Heimavista Cross-site Scripting vulnerability in Heimavista Dark Horse Rpage

Heimavista Rpage has insufficient filtering for platform web URL.

6.1
2022-09-28 CVE-2022-39054 Cowell Enterprise Travel Management System Project Cross-site Scripting vulnerability in Cowell Enterprise Travel Management System Project Cowell Enterprise Travel Management System

Cowell enterprise travel management system has insufficient filtering for special characters within web URL.

6.1
2022-09-26 CVE-2022-2404 Themehunk Cross-site Scripting vulnerability in Themehunk WP Popup Builder

The WP Popup Builder WordPress plugin before 1.2.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting.

6.1
2022-09-26 CVE-2022-38553 Creativeitem Cross-site Scripting vulnerability in Creativeitem Academy Learning Management System

Academy Learning Management System before v5.9.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Search parameter.

6.1
2022-09-26 CVE-2022-21169 Express XSS Sanitizer Project Unspecified vulnerability in Express XSS Sanitizer Project Express XSS Sanitizer

The package express-xss-sanitizer before 1.1.3 is vulnerable to Prototype Pollution via the allowedTags attribute, allowing the attacker to bypass XSS sanitization.

6.1
2022-09-30 CVE-2022-32540 Bosch Information Exposure vulnerability in Bosch products

Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream.

5.9
2022-09-28 CVE-2022-39264 Nheko Reborn
Fedoraproject
Improper Certificate Validation vulnerability in multiple products

nheko is a desktop client for the Matrix communication application.

5.9
2022-09-28 CVE-2022-38699 Asus Link Following vulnerability in Asus Armoury Crate Service

Armoury Crate Service’s logging function has insufficient validation to check if the log file is a symbolic link.

5.9
2022-09-30 CVE-2022-41841 Axiosys NULL Pointer Dereference vulnerability in Axiosys Bento4

An issue was discovered in Bento4 through 1.6.0-639.

5.5
2022-09-30 CVE-2022-41842 Xpdfreader Out-of-bounds Write vulnerability in Xpdfreader Xpdf 4.04

An issue was discovered in Xpdf 4.04.

5.5
2022-09-30 CVE-2022-41843 Xpdfreader NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 4.04

An issue was discovered in Xpdf 4.04.

5.5
2022-09-30 CVE-2022-41844 Xpdfreader Out-of-bounds Write vulnerability in Xpdfreader Xpdf 4.04

An issue was discovered in Xpdf 4.04.

5.5
2022-09-30 CVE-2022-41845 Axiosys Allocation of Resources Without Limits or Throttling vulnerability in Axiosys Bento4 1.6.0639

An issue was discovered in Bento4 1.6.0-639.

5.5
2022-09-30 CVE-2022-41846 Axiosys Allocation of Resources Without Limits or Throttling vulnerability in Axiosys Bento4 1.6.0639

An issue was discovered in Bento4 1.6.0-639.

5.5
2022-09-30 CVE-2022-41847 Axiosys Memory Leak vulnerability in Axiosys Bento4 1.6.0639

An issue was discovered in Bento4 1.6.0-639.

5.5
2022-09-29 CVE-2022-40363 Flipperzero Out-of-bounds Write vulnerability in Flipperzero Flipper Zero Firmware

A buffer overflow in the component nfc_device_load_mifare_ul_data of Flipper Devices Inc., Flipper Zero before v0.65.2 allows attackers to cause a Denial of Service (DoS) via a crafted NFC file.

5.5
2022-09-29 CVE-2014-0148 Qemu
Redhat
Infinite Loop vulnerability in multiple products

Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to infinite loops and other potential issues when calculating BAT entries, due to missing bounds checks for block_size and logical_sector_size variables.

5.5
2022-09-29 CVE-2015-1931 IBM
Suse
Redhat
Cleartext Storage of Sensitive Information vulnerability in multiple products

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file.

5.5
2022-09-29 CVE-2022-1725 VIM
Apple
NULL Pointer Dereference vulnerability in multiple products

NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959.

5.5
2022-09-28 CVE-2022-31628 PHP
Fedoraproject
Debian
Infinite Loop vulnerability in multiple products

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

5.5
2022-09-30 CVE-2022-21826 Pulsesecure
Ivanti
HTTP Request Smuggling vulnerability in multiple products

Pulse Secure version 9.115 and below may be susceptible to client-side HTTP request smuggling. When the application receives a POST request, it ignores the request's Content-Length header and leaves the POST body on the TCP/TLS socket.

5.4
2022-09-30 CVE-2022-28851 Adobe Cross-site Scripting vulnerability in Adobe Experience Manager

Adobe Experience Manager versions 6.5.13.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability.

5.4
2022-09-29 CVE-2022-35137 Dgiotcloud Cross-site Scripting vulnerability in Dgiotcloud Dgiot 4.5.4

DGIOT Lightweight industrial IoT v4.5.4 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities.

5.4
2022-09-29 CVE-2022-40408 Feehi Cross-site Scripting vulnerability in Feehi Feehicms 2.1.1

FeehiCMS v2.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted payload injected into the Comment box under the Single Page module.

5.4
2022-09-29 CVE-2022-3355 Inventree Project Cross-site Scripting vulnerability in Inventree Project Inventree

Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.8.3.

5.4
2022-09-29 CVE-2021-42045 Mediawiki Cross-site Scripting vulnerability in Mediawiki

An issue was discovered in SecurePoll in the Growth extension in MediaWiki through 1.36.2.

5.4
2022-09-29 CVE-2021-42047 Mediawiki Cross-site Scripting vulnerability in Mediawiki

An issue was discovered in the Growth extension in MediaWiki through 1.36.2.

5.4
2022-09-29 CVE-2022-1719 Trudesk Project Cross-site Scripting vulnerability in Trudesk Project Trudesk

Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2.

5.4
2022-09-28 CVE-2021-41434 Expense Management System Project Cross-site Scripting vulnerability in Expense Management System Project Expense Management System 1.0

A stored Cross-Site Scripting (XSS) vulnerability exists in version 1.0 of the Expense Management System application that allows for arbitrary execution of JavaScript commands through index.php.

5.4
2022-09-28 CVE-2022-22387 IBM Cross-site Scripting vulnerability in IBM Application Gateway 1.0

IBM Application Gateway is vulnerable to cross-site scripting.

5.4
2022-09-28 CVE-2022-35722 IBM Cross-site Scripting vulnerability in IBM Jazz for Service Management

IBM Jazz for Service Management is vulnerable to stored cross-site scripting.

5.4
2022-09-28 CVE-2022-3333 Zephyr ONE Improper Enforcement of Message or Data Structure vulnerability in Zephyr-One Zephyr Project Manager

A vulnerability, which was classified as problematic, was found in Zephyr Project Manager up to 3.2.4.

5.4
2022-09-27 CVE-2022-37028 Iris Cross-site Scripting vulnerability in Iris Isams 22.2.3.2

ISAMS 22.2.3.2 is prone to a stored Cross-site Scripting (XSS) attack on the title field for groups, allowing an attacker to store a JavaScript payload that will be executed when another user uses the application.

5.4
2022-09-27 CVE-2022-38335 Vtiger Cross-site Scripting vulnerability in Vtiger CRM

Vtiger CRM v7.4.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the e-mail template modules.

5.4
2022-09-27 CVE-2022-38975 EC Cube Cross-site Scripting vulnerability in Ec-Cube

DOM-based cross-site scripting vulnerability in EC-CUBE 4 series (EC-CUBE 4.0.0 to 4.1.2) allows a remote attacker to inject an arbitrary script by having an administrative user of the product visit a specially crafted page.

5.4
2022-09-26 CVE-2022-30003 Online Market Place Site Project Cross-site Scripting vulnerability in Online Market Place Site Project Online Market Place Site 1.0

Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Site Scripting (XSS), allowing attackers to register as a Seller then create new products containing XSS payloads in the 'Product Title' and 'Short Description' fields.

5.4
2022-09-26 CVE-2022-3201 Google
Fedoraproject
Debian
Improper Input Validation vulnerability in multiple products

Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page.

5.4
2022-09-26 CVE-2022-40044 Centreon Cross-site Scripting vulnerability in Centreon 20.10.18

Centreon v20.10.18 was discovered to contain a cross-site scripting (XSS) vulnerability via the esc_name (Escalation Name) parameter at Configuration/Notifications/Escalations.

5.4
2022-09-26 CVE-2022-1755 Benbodhi Cross-site Scripting vulnerability in Benbodhi SVG Support

The SVG Support WordPress plugin before 2.5 does not properly handle SVG added via a URL, which could allow users with a role as low as author to perform Cross-Site Scripting attacks.

5.4
2022-09-26 CVE-2022-3024 Simple Bitcoin Faucets Project Incorrect Authorization vulnerability in Simple Bitcoin Faucets Project Simple Bitcoin Faucets

The Simple Bitcoin Faucets WordPress plugin through 1.7.0 does not have any authorisation and CSRF checks in an AJAX action, allowing any authenticated user, such as a subscriber, to call it and add/delete/edit Bonds.

5.4
2022-09-26 CVE-2022-3025 Bitcoin Altcoin Faucet Project Cross-site Scripting vulnerability in Bitcoin/Altcoin Faucet Project Bitcoin/Altcoin Faucet

The Bitcoin / Altcoin Faucet WordPress plugin through 1.6.0 does not have any CSRF check when saving its settings, allowing an attacker to make a logged-in admin change them via a CSRF attack.

5.4
2022-09-30 CVE-2022-20844 Cisco Use of Hard-coded Credentials vulnerability in Cisco Sd-Wan

A vulnerability in the authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC using a default static username and password combination.

5.3
2022-09-29 CVE-2020-15325 Zyxel Cleartext Storage of Sensitive Information vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication.

5.3
2022-09-29 CVE-2020-15326 Zyxel Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem.

5.3
2022-09-29 CVE-2020-15328 Zyxel Incorrect Permission Assignment for Critical Resource vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/var/blobstorage/ permissions.

5.3
2022-09-29 CVE-2020-15329 Zyxel Incorrect Permission Assignment for Critical Resource vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak Data.fs permissions.

5.3
2022-09-29 CVE-2020-15330 Zyxel Missing Encryption of Sensitive Data vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded APP_KEY in /opt/axess/etc/default/axess.

5.3
2022-09-29 CVE-2020-15333 Zyxel SQL Injection vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows attackers to discover accounts via MySQL "select * from Administrator_users" and "select * from Users_users" requests.

5.3
2022-09-29 CVE-2020-15334 Zyxel Unspecified vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows escape-sequence injection into the /var/log/axxmpp.log file.

5.3
2022-09-29 CVE-2020-15337 Zyxel Missing Authorization vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /registerCpe requests.

5.3
2022-09-29 CVE-2020-15338 Zyxel Missing Authorization vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /cnr requests.

5.3
2022-09-29 CVE-2020-15342 Zyxel Missing Encryption of Sensitive Data vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user API.

5.3
2022-09-29 CVE-2020-15343 Zyxel Missing Encryption of Sensitive Data vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user_key API.

5.3
2022-09-29 CVE-2020-15344 Zyxel Missing Encryption of Sensitive Data vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_user_id_and_key API.

5.3
2022-09-29 CVE-2020-15345 Zyxel Missing Encryption of Sensitive Data vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_instances_for_update API.

5.3
2022-09-29 CVE-2020-15346 Zyxel Missing Encryption of Sensitive Data vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a /live/GLOBALS API with the CLOUDCNM key.

5.3
2022-09-28 CVE-2022-23716 Elastic Information Exposure Through Log Files vulnerability in Elastic Cloud Enterprise

A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster.

5.3
2022-09-28 CVE-2022-36781 Connectwise Improper Restriction of Excessive Authentication Attempts vulnerability in Connectwise Screenconnect

ConnectWise ScreenConnect versions 22.6 and below contained a flaw allowing potential brute force attacks on custom access tokens due to inadequate rate-limiting controls in the default configuration.

5.3
2022-09-28 CVE-2022-39246 Matrix Key Exchange without Entity Authentication vulnerability in Matrix Software Development KIT

matrix-android-sdk2 is the Matrix SDK for Android.

5.3
2022-09-28 CVE-2022-39236 Matrix Unspecified vulnerability in Matrix Javascript SDK

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript.

5.3
2022-09-28 CVE-2022-39031 Lcnet Incorrect Authorization vulnerability in Lcnet Smart Evision 2022.02.21

Smart eVision has insufficient authorization for task acquisition function.

5.3
2022-09-27 CVE-2022-39835 Gajim Unspecified vulnerability in Gajim

An issue was discovered in Gajim through 1.4.7.

5.3
2022-09-26 CVE-2022-1613 10Up Authorization Bypass Through User-Controlled Key vulnerability in 10Up Restricted Site Access

The Restricted Site Access WordPress plugin before 7.3.2 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations in certain situations.

5.3
2022-09-30 CVE-2022-23726 Pingidentity Incorrect Permission Assignment for Critical Resource vulnerability in Pingidentity Pingcentral

PingCentral versions prior to listed versions expose Spring Boot actuator endpoints that, with administrative authentication, return large amounts of sensitive environmental and application information.

4.9
2022-09-30 CVE-2022-2922 Dnnsoftware Path Traversal vulnerability in Dnnsoftware Dotnetnuke

Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform prior to 9.11.0.

4.9
2022-09-29 CVE-2021-40694 Moodle Improper Encoding or Escaping of Output vulnerability in Moodle

Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account.

4.9
2022-09-28 CVE-2022-29089 Dell Insufficiently Protected Credentials vulnerability in Dell Smartfabric Os10

Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability.

4.9
2022-09-28 CVE-2022-3348 Tooljet Information Exposure vulnerability in Tooljet

Just like in the previous report, an attacker could steal the account of different users.

4.9
2022-09-26 CVE-2021-28052 Hitach Missing Authorization vulnerability in Hitach Vantara

A Hitachi Content Platform (HCP) tenant administrator may modify the configuration in another tenant without authorization, potentially allowing unauthorized access to data in the other tenant.

4.9
2022-09-26 CVE-2022-2926 Adobe Path Traversal vulnerability in Adobe Download Manager

The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory.

4.9
2022-09-30 CVE-2021-36830 Comment Guestbook Project Cross-site Scripting vulnerability in Comment Guestbook Project Comment Guestbook

Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Comment Guestbook plugin <= 0.8.0 at WordPress.

4.8
2022-09-30 CVE-2021-36839 Spacexchimp Cross-site Scripting vulnerability in Spacexchimp Social Media Follow Buttons BAR

Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Social Media Follow Buttons Bar plugin <= 4.73 at WordPress.

4.8
2022-09-29 CVE-2021-42048 Mediawiki Cross-site Scripting vulnerability in Mediawiki

An issue was discovered in the Growth extension in MediaWiki through 1.36.2.

4.8
2022-09-30 CVE-2022-20728 Cisco Unspecified vulnerability in Cisco products

A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device.

4.7
2022-09-30 CVE-2022-41850 Linux
Debian
Use After Free vulnerability in multiple products

roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.

4.7
2022-09-27 CVE-2022-3303 Linux
Debian
Improper Locking vulnerability in multiple products

A race condition flaw was found in the Linux kernel sound subsystem due to improper locking.

4.7
2022-09-27 CVE-2021-27854 Ieee
Ietf
Authentication Bypass by Spoofing vulnerability in multiple products

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.

4.7
2022-09-27 CVE-2021-27861 Ieee
Ietf
Authentication Bypass by Spoofing vulnerability in multiple products

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers).

4.7
2022-09-27 CVE-2021-27862 Ieee
Ietf
Authentication Bypass by Spoofing vulnerability in multiple products

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers).

4.7
2022-09-27 CVE-2021-27853 Ieee
Ietf
Cisco
Authentication Bypass by Spoofing vulnerability in multiple products

Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.

4.7
2022-09-28 CVE-2022-3292 Ikus Soft Information Exposure Through Caching vulnerability in Ikus-Soft Rdiffweb

Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8.

4.6
2022-09-30 CVE-2021-36865 Quizandsurveymaster Authorization Bypass Through User-Controlled Key vulnerability in Quizandsurveymaster Quiz and Survey Master

Insecure direct object references (IDOR) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 at WordPress allows attackers to change the content of the quiz.

4.3
2022-09-30 CVE-2022-40316 Moodle
Fedoraproject
Missing Authorization vulnerability in multiple products

The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to.

4.3
2022-09-29 CVE-2022-39232 Discourse Unspecified vulnerability in Discourse 2.9.0

Discourse is an open source discussion platform.

4.3
2022-09-29 CVE-2022-36068 Discourse Missing Authorization vulnerability in Discourse

Discourse is an open source discussion platform.

4.3
2022-09-29 CVE-2022-39226 Discourse Allocation of Resources Without Limits or Throttling vulnerability in Discourse

Discourse is an open source discussion platform.

4.3
2022-09-29 CVE-2011-4820 IBM Unspecified vulnerability in IBM Rational Asset Manager 7.5

IBM Rational Asset Manager 7.5 could allow a remote attacker to bypass security restrictions.

4.3
2022-09-29 CVE-2021-40691 Moodle Unspecified vulnerability in Moodle

A session hijack risk was identified in the Shibboleth authentication plugin.

4.3
2022-09-29 CVE-2021-40692 Moodle Incorrect Authorization vulnerability in Moodle

Insufficient capability checks made it possible for teachers to download users outside of their courses.

4.3
2022-09-29 CVE-2021-40695 Moodle Unspecified vulnerability in Moodle

It was possible for a student to view their quiz grade before it had been released, using a quiz web service.

4.3
2022-09-29 CVE-2022-3326 Ikus Soft Weak Password Requirements vulnerability in Ikus-Soft Rdiffweb

Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.9.

4.3
2022-09-28 CVE-2022-2760 Octopus Information Exposure Through an Error Message vulnerability in Octopus Server

In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the user does not have access to view in an error message when a resource is part of another Space.

4.3
2022-09-27 CVE-2022-40817 Zammad Incorrect Permission Assignment for Critical Resource vulnerability in Zammad 5.2.0/5.2.1

Zammad 5.2.1 has a fine-grained permission model that allows to configure read-only access to tickets.

4.3
2022-09-26 CVE-2022-3053 Google
Fedoraproject

Inappropriate implementation in Pointer Lock in Google Chrome on Mac prior to 105.0.5195.52 allowed a remote attacker to restrict user navigation via a crafted HTML page.

4.3
2022-09-26 CVE-2022-2405 Themehunk Missing Authorization vulnerability in Themehunk WP Popup Builder

The WP Popup Builder WordPress plugin before 1.2.9 does not have authorisation and CSRF checks in an AJAX action, allowing any authenticated user, such as a subscriber, to delete arbitrary Popup

4.3
2022-09-30 CVE-2022-41848 Linux Use After Free vulnerability in Linux Kernel

drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach.

4.2
2022-09-30 CVE-2022-41849 Linux
Debian
Use After Free vulnerability in multiple products

drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.

4.2

11 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2022-09-28 CVE-2022-34394 Dell Improper Certificate Validation vulnerability in Dell Smartfabric Os10 10.5.3.4

Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist.

3.7
2022-09-28 CVE-2021-43980 Apache
Debian
Race Condition vulnerability in multiple products

The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 that could cause client connections to share an Http11Processor instance resulting in responses, or part responses, to be received by the wrong client.

3.7
2022-09-29 CVE-2020-27601 Bigbluebutton Exposure of Resource to Wrong Sphere vulnerability in Bigbluebutton

In BigBlueButton before 2.2.7, lockSettingsProps.disablePrivateChat does not apply to already opened chats.

3.5
2022-09-28 CVE-2022-40707 Trendmicro Out-of-bounds Read vulnerability in Trendmicro Deep Security Agent 20.0

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations.

3.3
2022-09-28 CVE-2022-40708 Trendmicro Out-of-bounds Read vulnerability in Trendmicro Deep Security Agent 20.0

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations.

3.3
2022-09-28 CVE-2022-40709 Trendmicro Out-of-bounds Read vulnerability in Trendmicro Deep Security Agent 20.0

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations.

3.3
2022-09-28 CVE-2022-38934 Toaruos Out-of-bounds Read vulnerability in Toaruos 2.0.1

readelf in ToaruOS 2.0.1 has some arbitrary address read vulnerabilities when parsing a crafted ELF file.

3.3
2022-09-30 CVE-2022-34428 Dell Unspecified vulnerability in Dell Hybrid Client

Dell Hybrid Client prior to version 1.8 contains a Regular Expression Denial of Service Vulnerability in the UI.

2.7
2022-09-28 CVE-2022-28815 Gavazziautomation SQL Injection vulnerability in Gavazziautomation products

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy server was discovered to contain a SQL injection vulnerability allowing an attacker to query other tables of the Sentilo service.

2.7
2022-09-27 CVE-2022-40199 EC Cube Path Traversal vulnerability in Ec-Cube

Directory traversal vulnerability in EC-CUBE 3 series (EC-CUBE 3.0.0 to 3.0.18-p4) and EC-CUBE 4 series (EC-CUBE 4.0.0 to 4.1.2) allows a remote authenticated attacker with an administrative privilege to obtain the product's directory structure information.

2.7
2022-09-26 CVE-2022-3301 Ikus Soft Improper Cleanup on Thrown Exception vulnerability in Ikus-Soft Rdiffweb

Improper Cleanup on Thrown Exception in GitHub repository ikus060/rdiffweb prior to 2.4.8.

2.4