Vulnerability Summary for the Week of December 19, 2022

Released
Dec 28, 2022
Document ID
SB22-361

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis. 

 

High Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
greenend -- sftpserver** DISPUTED ** A vulnerability was found in ewxrjk sftpserver. It has been declared as problematic. Affected by this vulnerability is the function sftp_parse_path of the file parse.c. The manipulation leads to uninitialized pointer. The real existence of this vulnerability is still doubted at the moment. The name of the patch is bf4032f34832ee11d79aa60a226cc018e7ec5eed. It is recommended to apply a patch to fix this issue. The identifier VDB-216205 was assigned to this vulnerability. NOTE: In some deployment models this would be a vulnerability. README specifically warns about avoiding such deployment models.2022-12-189.8CVE-2020-36617
N/A
N/A
online_grading_system_project -- online_grading_systemA SQL injection vulnerability in Sourcecodester Online Grading System 1.0 allows remote attackers to execute arbitrary SQL commands via the uname parameter.2022-12-169.8CVE-2021-31650
MISC
ruoyi -- ruoyiDeserialization issue discovered in Ruoyi before 4.6.1 allows remote attackers to run arbitrary code via weak cipher in Shiro framework.2022-12-169.8CVE-2021-38241
MISC
lmeve_project -- lmeveA vulnerability was found in roxlukas LMeve and classified as critical. Affected by this issue is some unknown functionality of the component Login Page. The manipulation of the argument X-Forwarded-For leads to sql injection. The attack may be launched remotely. The name of the patch is 29e1ead3bb1c1fad53b77dfc14534496421c5b5d. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216176.2022-12-179.8CVE-2021-4246
N/A
N/A
kapetan_dns_project -- kapetan_dnsA vulnerability was found in kapetan dns up to 6.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file DNS/Protocol/Request.cs. The manipulation leads to insufficient entropy in prng. The attack may be launched remotely. Upgrading to version 7.0.0 is able to address this issue. The name of the patch is cf7105aa2aae90d6656088fe5a8ee1d5730773b6. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216188.2022-12-189.8CVE-2021-4248
N/A
N/A
N/A
N/A
mozilla -- firefoxThe search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS < 101.2022-12-229.8CVE-2022-1887
MISC
MISC
mutiny -- mutinyMutiny 7.2.0-10788 suffers from Hardcoded root password.2022-12-169.8CVE-2022-37832
MISC
beardev -- joomsportThe JoomSport WordPress plugin before 5.2.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users2022-12-199.8CVE-2022-4050
MISC
pluginus -- inpost_galleryThe InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP's extract() function when rendering HTML views, allowing attackers to force the inclusion of malicious files & URLs, which may enable them to run code on servers.2022-12-199.8CVE-2022-4063
MISC
google -- androidProduct: AndroidVersions: Android kernelAndroid ID: A-235292841References: N/A2022-12-169.8CVE-2022-42529
MISC
contec -- conprosys_hmi_systemCONPROSYS HMI System (CHS) Ver.3.4.4?and earlier allows a remote unauthenticated attacker to execute an arbitrary OS command on the server where the product is running by sending a specially crafted request.2022-12-199.8CVE-2022-44456
MISC
MISC
MISC
ruoyi_project -- ruoyiA vulnerability, which was classified as critical, has been found in y_project RuoYi 4.7.5. This issue affects some unknown processing of the file com/ruoyi/generator/controller/GenController. The manipulation leads to sql injection. The name of the patch is 167970e5c4da7bb46217f576dc50622b83f32b40. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215975.2022-12-169.8CVE-2022-4566
MISC
MISC
MISC
MISC
crmx_project -- crmxA vulnerability was found in luckyshot CRMx and classified as critical. This issue affects the function get/save/delete/comment/commentdelete of the file index.php. The manipulation leads to sql injection. The attack may be initiated remotely. The name of the patch is 8c62d274986137d6a1d06958a6f75c3553f45f8f. It is recommended to apply a patch to fix this issue. The identifier VDB-216185 was assigned to this vulnerability.2022-12-189.8CVE-2022-4592
N/A
N/A
tjws2_project -- tjws2A vulnerability was found in drogatkin TJWS2. It has been declared as critical. Affected by this vulnerability is the function deployWar of the file 1.x/src/rogatkin/web/WarRoller.java. The manipulation leads to path traversal. The attack can be launched remotely. The name of the patch is 1bac15c496ec54efe21ad7fab4e17633778582fc. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216187.2022-12-189.8CVE-2022-4594
N/A
N/A
flatpress -- flatpressPHP Remote File Inclusion in GitHub repository flatpressblog/flatpress prior to 1.3.2022-12-189.8CVE-2022-4606
CONFIRM
MISC
tum -- ogc_web_feature_serviceA vulnerability was found in 3D City Database OGC Web Feature Service up to 5.2.0. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to xml external entity reference. Upgrading to version 5.2.1 is able to address this issue. The name of the patch is 246f4e2a97ad81491c00a7ed72ce5e7c7f75050a. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216215.2022-12-189.8CVE-2022-4607
N/A
N/A
N/A
MISC
huawei -- harmonyosA thread security vulnerability exists in the authentication process. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability.2022-12-209.8CVE-2022-46316
MISC
huawei -- harmonyosFingerprint calibration has a vulnerability of lacking boundary judgment. Successful exploitation of this vulnerability may cause out-of-bounds write.2022-12-209.8CVE-2022-46319
MISC
MISC
huawei -- harmonyosThe kernel module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may cause memory overwriting.2022-12-209.8CVE-2022-46320
MISC
MISC
huawei -- harmonyosSome smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions.2022-12-209.8CVE-2022-46323
MISC
MISC
huawei -- harmonyosSome smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.2022-12-209.8CVE-2022-46324
MISC
MISC
huawei -- harmonyosSome smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions.2022-12-209.8CVE-2022-46325
MISC
MISC
huawei -- harmonyosSome smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.2022-12-209.8CVE-2022-46326
MISC
MISC
huawei -- harmonyosSome smartphones have configuration issues. Successful exploitation of this vulnerability may cause privilege escalation, which results in system service exceptions.2022-12-209.8CVE-2022-46327
MISC
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a command injection vulnerability via the mac parameter at /goform/WriteFacMac.2022-12-209.8CVE-2022-46538
MISC
sick -- sim2000_firmwarePassword recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version <1.13.4 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an increase in their privileges on the system and thereby affecting the confidentiality integrity and availability of the system. An attacker can expect repeatable success by exploiting the vulnerability. The recommended solution is to update the firmware to a version >= 1.13.4 as soon as possible (available in SICK Support Portal).2022-12-169.8CVE-2022-47377
MISC
ibm -- cognos_analyticsIBM Cognos Analytics 11.1.7 11.2.0, and 11.2.1 could be vulnerable to a Server-Side Request Forgery Attack (SSRF) attack by constructing URLs from user-controlled data. This could enable attackers to make arbitrary requests to the internal network or to the local file system. IBM X-Force ID: 234180.2022-12-199.1CVE-2022-38708
MISC
MISC
google -- androidIn the Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238914868References: N/A2022-12-168.8CVE-2022-20607
MISC
google -- androidIn cellular modem firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-240462530References: N/A2022-12-168.8CVE-2022-20610
MISC
broadcom -- symantec_identity_governance_and_administrationAn authenticated user can perform XML eXternal Entity injection in Management Console in Symantec Identity Manager 14.42022-12-168.8CVE-2022-25628
MISC
ucf -- materiaA vulnerability classified as problematic has been found in University of Central Florida Materia up to 9.0.0. This affects the function before of the file fuel/app/classes/controller/api.php of the component API Controller. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 9.0.1-alpha1 is able to address this issue. The name of the patch is af259115d2e8f17068e61902151ee8a9dbac397b. It is recommended to upgrade the affected component. The identifier VDB-215973 was assigned to this vulnerability.2022-12-168.8CVE-2022-4564
N/A
N/A
N/A
MISC
axiosys -- bento4A vulnerability was found in Axiomatic Bento4. It has been rated as critical. Affected by this issue is some unknown functionality of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-216170 is the identifier assigned to this vulnerability.2022-12-178.8CVE-2022-4584
N/A
N/A
N/A
samba -- ppp** DISPUTED ** A vulnerability classified as problematic has been found in ppp. Affected is the function dumpppp of the file pppdump/pppdump.c of the component pppdump. The manipulation of the argument spkt.buf/rpkt.buf leads to improper validation of array index. The real existence of this vulnerability is still doubted at the moment. The name of the patch is a75fb7b198eed50d769c80c36629f38346882cbf. It is recommended to apply a patch to fix this issue. VDB-216198 is the identifier assigned to this vulnerability. NOTE: pppdump is not used in normal process of setting up a PPP connection, is not installed setuid-root, and is not invoked automatically in any scenario.2022-12-188.8CVE-2022-4603
N/A
N/A
wp-english-wp-admin_project -- wp-english-wp-adminA vulnerability classified as problematic was found in wp-english-wp-admin Plugin up to 1.5.1. Affected by this vulnerability is the function register_endpoints of the file english-wp-admin.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. Upgrading to version 1.5.2 is able to address this issue. The name of the patch is ad4ba171c974c65c3456e7c6228f59f40783b33d. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216199.2022-12-188.8CVE-2022-4604
N/A
N/A
MISC
xml-rpc.net_project -- xml-rpc.netAn XML external entity (XXE) injection vulnerability in XML-RPC.NET before 2.5.0 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, as demonstrated by a pingback.aspx POST request.2022-12-188.8CVE-2022-47514
MISC
MISC
open-emr -- openemrImproper Access Control in GitHub repository openemr/openemr prior to 7.0.0.2.2022-12-178.1CVE-2022-4567
CONFIRM
MISC
google -- androidIn onCreate of WifiDppConfiguratorActivity.java, there is a possible way for a guest user to add a WiFi configuration due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2247728902022-12-167.8CVE-2022-20503
MISC
google -- androidIn onCreate of WifiDialogActivity.java, there is a missing permission check. This could lead to local escalation of privilege from a guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2261330342022-12-167.8CVE-2022-20506
MISC
google -- androidIn onMulticastListUpdateNotificationReceived of UwbEventManager.java, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2466491792022-12-167.8CVE-2022-20507
MISC
google -- androidIn onAttach of ConfigureWifiSettings.java, there is a possible way for a guest user to change WiFi settings due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2186796142022-12-167.8CVE-2022-20508
MISC
google -- androidIn navigateUpTo of Task.java, there is a possible way to launch an intent handler with a mismatched intent due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2386028792022-12-167.8CVE-2022-20512
MISC
google -- androidIn onCreate of various files, there is a possible tapjacking/overlay attack. This could lead to local escalation of privilege or denial of server with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2272032022022-12-167.8CVE-2022-20520
MISC
google -- androidIn getSlice of ProviderModelSlice.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2274708772022-12-167.8CVE-2022-20522
MISC
google -- androidIn compose of Vibrator.cpp, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2285232132022-12-167.8CVE-2022-20524
MISC
google -- androidIn SurfaceFlinger::doDump of SurfaceFlinger.cpp, there is possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2372915062022-12-167.8CVE-2022-20540
MISC
google -- androidIn multiple functions of AdapterService.java, there is a possible way to manipulate Bluetooth state due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2403017532022-12-167.8CVE-2022-20547
MISC
google -- androidIn setParameter of EqualizerEffect.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2409193982022-12-167.8CVE-2022-20548
MISC
google -- androidIn Multiple Locations, there is a possibility to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2428455142022-12-167.8CVE-2022-20550
MISC
google -- androidIn TBD of aud_hal_tunnel.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222162870References: N/A2022-12-167.8CVE-2022-20561
MISC
google -- androidIn l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-165329981References: Upstream kernel2022-12-167.8CVE-2022-20566
MISC
google -- androidIn (TBD) of (TBD), there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-220738351References: Upstream kernel2022-12-167.8CVE-2022-20568
MISC
google -- androidIn ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-233645166References: N/A2022-12-167.8CVE-2022-20582
MISC
google -- androidIn page_number of shared_mem.c, there is a possible code execution in secure world due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238366009References: N/A2022-12-167.8CVE-2022-20584
MISC
google -- androidIn valid_out_of_special_sec_dram_addr of drm_access_control.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238716781References: N/A2022-12-167.8CVE-2022-20585
MISC
google -- androidIn valid_out_of_special_sec_dram_addr of drm_access_control.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238718854References: N/A2022-12-167.8CVE-2022-20586
MISC
google -- androidIn ppmp_validate_wsm of drm_fw.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238720411References: N/A2022-12-167.8CVE-2022-20587
MISC
google -- androidIn ppmpu_set of ppmpu.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243480506References: N/A2022-12-167.8CVE-2022-20597
MISC
google -- androidIn sec_media_protect of media.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege of secure mode MFC Core with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242357514References: N/A2022-12-167.8CVE-2022-20598
MISC
google -- androidIn TBD of TBD, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239847859References: N/A2022-12-167.8CVE-2022-20600
MISC
datadoghq -- guarddogGuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to 0.1.5 are vulnerable to Relative Path Traversal when scanning a specially-crafted local PyPI package. Running GuardDog against a specially-crafted package can allow an attacker to write an arbitrary file on the machine where GuardDog is executed due to a path traversal vulnerability when extracting the .tar.gz file of the package being scanned, which exists by design in the tarfile.TarFile.extractall function. This issue is patched in version 0.1.5.2022-12-177.8CVE-2022-23531
MISC
MISC
MISC
paxtechnology -- paydroidThe systool_server in PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 fails to check for dollar signs or backticks in user supplied commands, leading to to arbitrary command execution as root.2022-12-167.8CVE-2022-26582
MISC
hcltech -- bigfix_platformIn specific scenarios, on Windows the operator credentials may be encrypted in a manner that is not completely machine-dependent.2022-12-197.8CVE-2022-38659
MISC
poweriso -- powerisoA memory corruption vulnerability exists in the VHD File Format parsing CXSPARSE record functionality of PowerISO PowerISO 8.3. A specially-crafted file can lead to an out-of-bounds write. A victim needs to open a malicious file to trigger this vulnerability.2022-12-167.8CVE-2022-41992
MISC
google -- androidIn mmu_map_for_fw of gs_ldfw_load.c, there is a possible mitigation bypass due to Permissive Memory Allocation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-231500967References: N/A2022-12-167.8CVE-2022-42531
MISC
google -- androidIn trusty_ffa_mem_reclaim of shared-mem-smcall.c, there is a possible privilege escalation due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237838301References: N/A2022-12-167.8CVE-2022-42534
MISC
google -- androidIn getView of AddAppNetworksFragment.java, there is a possible way to mislead the user about network add requests due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2245453902022-12-167.8CVE-2022-42544
MISC
entropymine -- dearkDeark v.1.6.2 was discovered to contain a stack overflow via the do_prism_read_palette() function at /modules/atari-img.c.2022-12-197.8CVE-2022-43289
MISC
MISC
ibm -- dominoIBM Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44754.2022-12-197.8CVE-2022-44750
MISC
ibm -- notesIBM Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44755.2022-12-197.8CVE-2022-44751
MISC
ibm -- dominoIBM Domino is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file.2022-12-197.8CVE-2022-44752
MISC
ibm -- notesIBM Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file.2022-12-197.8CVE-2022-44753
MISC
ibm -- dominoIBM Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44750.2022-12-197.8CVE-2022-44754
MISC
ibm -- notesIBM Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44751.2022-12-197.8CVE-2022-44755
MISC
freedom -- securedropA vulnerability was found in Freedom of the Press SecureDrop. It has been rated as critical. Affected by this issue is some unknown functionality of the file gpg-agent.conf. The manipulation leads to symlink following. Local access is required to approach this attack. The name of the patch is b0526a06f8ca713cce74b63e00d3730618d89691. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215972.2022-12-167.8CVE-2022-4563
N/A
N/A
N/A
linux -- linux_kernelAn issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames.2022-12-187.8CVE-2022-47518
MISC
MISC
MLIST
linux -- linux_kernelAn issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from Wi-Fi management frames.2022-12-187.8CVE-2022-47519
MISC
MISC
MLIST
linux -- linux_kernelAn issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi management frames.2022-12-187.8CVE-2022-47521
MISC
MISC
MLIST
knexjs -- knexKnex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query.2022-12-197.5CVE-2016-20018
MISC
MISC
solarwinds -- serv-uCommon encryption key appears to be used across all deployed instances of Serv-U FTP Server. Because of this an encrypted value that is exposed to an attacker can be simply recovered to plaintext.2022-12-167.5CVE-2021-35252
MISC
MISC
MISC
owasp -- nodegoatA vulnerability has been found in OWASP NodeGoat and classified as problematic. This vulnerability affects unknown code of the file app/routes/research.js of the component Query Parameter Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The name of the patch is 4a4d1db74c63fb4ff8d366551c3af006c25ead12. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216184.2022-12-187.5CVE-2021-4247
N/A
N/A
N/A
haskell -- xml-conduitA vulnerability was found in xml-conduit. It has been classified as problematic. Affected is an unknown function of the file xml-conduit/src/Text/XML/Stream/Parse.hs of the component DOCTYPE Entity Expansion Handler. The manipulation leads to infinite loop. It is possible to launch the attack remotely. Upgrading to version 1.9.1.0 is able to address this issue. The name of the patch is 4be1021791dcdee8b164d239433a2043dc0939ea. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216204.2022-12-187.5CVE-2021-4249
N/A
N/A
N/A
N/A
google -- androidIn rw_t3t_act_handle_check_ndef_rsp of rw_t3t.cc, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2240023312022-12-167.5CVE-2022-20516
MISC
google -- androidIn bindArtworkAndColors of MediaControlPanel.java, there is a possible way to crash the phone due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2393686972022-12-167.5CVE-2022-20545
MISC
google -- androidProduct: AndroidVersions: Android kernelAndroid ID: A-212623833References: N/A2022-12-167.5CVE-2022-20560
MISC
google -- androidProduct: AndroidVersions: Android kernelAndroid ID: A-204541506References: N/A2022-12-167.5CVE-2022-20601
MISC
google -- androidProduct: AndroidVersions: Android kernelAndroid ID: A-211081867References: N/A2022-12-167.5CVE-2022-20602
MISC
google -- androidIn SAECOMM_CopyBufferBytes of SAECOMM_Utility.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-231722405References: N/A2022-12-167.5CVE-2022-20605
MISC
juniper_networks -- multiple_products
 
An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). If a BGP update message is received over an established BGP session, and that message contains a specific, optional transitive attribute, this session will be torn down with an update message error. This issue cannot propagate beyond an affected system as the processing error occurs as soon as the update is received. This issue is exploitable remotely as the respective attribute will propagate through unaffected systems and intermediate AS (if any). Continuous receipt of a BGP update containing this attribute will create a sustained Denial of Service (DoS) condition. Since this issue only affects 22.3R1, Juniper strongly encourages customers to move to 22.3R1-S1. Juniper SIRT felt that the need to promptly warn customers about this issue affecting the 22.3R1 versions of Junos OS and Junos OS Evolved warranted an Out of Cycle JSA. This issue affects: Juniper Networks Junos OS version 22.3R1. Juniper Networks Junos OS Evolved version 22.3R1-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 22.3R1. Juniper Networks Junos OS Evolved versions prior to 22.3R1-EVO.2022-12-227.5CVE-2022-22184
CONFIRM
bigbluebutton -- bigbluebuttonBigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6 are vulnerable to Insertion of Sensitive Information Into Sent Data. The moderators-only webcams lock setting is not enforced on the backend, which allows an attacker to subscribe to viewers' webcams, even when the lock setting is applied. (The required streamId was being sent to all users even with lock setting applied). This issue is fixed in version 2.4-rc-6. There are no workarounds.2022-12-177.5CVE-2022-23488
MISC
MISC
ffmpeg -- ffmpegAn issue was discovered in the FFmpeg through 3.0. vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause the null pointer dereference, impacting confidentiality and availability.2022-12-167.5CVE-2022-3109
MISC
MISC
rockwellautomation -- compactlogix_5370_firmwareA vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable fault (MNRF) and a denial-of-service condition (DOS).2022-12-167.5CVE-2022-3157
MISC
rockwellautomation -- micrologix_1100_firmwareRockwell Automation was made aware that the webservers of the Micrologix 1100 and 1400 controllers contain a vulnerability that may lead to a denial-of-service condition. The security vulnerability could be exploited by an attacker with network access to the affected systems by sending TCP packets to webserver and closing it abruptly which would cause a denial-of-service condition for the web server application on the device2022-12-167.5CVE-2022-3166
MISC
apache -- traffic_serverImproper Check for Unusual or Exceptional Conditions vulnerability handling requests in Apache Traffic Server allows an attacker to crash the server under certain conditions. This issue affects Apache Traffic Server: from 8.0.0 through 9.1.3.2022-12-197.5CVE-2022-32749
MISC
ibm -- spectrum_controlIBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 233982.2022-12-207.5CVE-2022-38391
MISC
MISC
ultimatemember -- jobboardwpThe JobBoardWP WordPress plugin before 1.2.2 does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP.2022-12-197.5CVE-2022-4061
MISC
cedcommerce -- wholesale_market_for_woocommerceThe Wholesale Market for WooCommerce WordPress plugin before 1.0.7 does not have authorisation check, as well as does not validate user input used to generate system path, allowing unauthenticated attackers to download arbitrary file from the server.2022-12-197.5CVE-2022-4106
MISC
redhat -- satelliteA blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.2022-12-167.5CVE-2022-4130
MISC
huawei -- harmonyosThe system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized startup of components.2022-12-207.5CVE-2022-41596
MISC
MISC
huawei -- harmonyosThe system service has a vulnerability that causes incorrect return values. Successful exploitation of this vulnerability may affect data confidentiality.2022-12-207.5CVE-2022-41599
MISC
MISC
google -- androidIn sms_GetTpUdlIe of sms_PduCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243401445References: N/A2022-12-167.5CVE-2022-42524
MISC
google -- androidIn cd_SsParseMsg of cd_SsCodec.c, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-244448906References: N/A2022-12-167.5CVE-2022-42527
MISC
ibm -- cognos_analyticsIBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could be vulnerable to a Log Injection attack by constructing URLs from user-controlled data. This could enable attackers to make arbitrary requests to the internal network or to the local file system. IBM X-Force ID: 240266.2022-12-197.5CVE-2022-43883
MISC
MISC
rockoa -- xinhuSQL Injection exits in xinhu < 2.5.02022-12-197.5CVE-2022-45041
MISC
MISC
hutool -- hutoolA vulnerability classified as problematic was found in Dromara HuTool up to 5.8.10. This vulnerability affects unknown code of the file cn.hutool.core.util.ZipUtil.java. The manipulation leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 5.8.11 is able to address this issue. It is recommended to upgrade the affected component. VDB-215974 is the identifier assigned to this vulnerability.2022-12-167.5CVE-2022-4565
MISC
MISC
tenda -- i22_firmwareTenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function.2022-12-207.5CVE-2022-45665
MISC
tenda -- i22_firmwareTenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function.2022-12-207.5CVE-2022-45666
MISC
tenda -- ac10_firmwareTenda AC15 V15.03.06.23 is vulnerable to Buffer Overflow via function formSetClientState.2022-12-167.5CVE-2022-46109
MISC
aerocms_project -- aerocmsAeroCMS v0.0.1 is vulnerable to Directory Traversal. The impact is: obtain sensitive information (remote). The component is: AeroCMS v0.0.1.2022-12-167.5CVE-2022-46137
MISC
huawei -- harmonyosThe TelephonyProvider module has a vulnerability in obtaining values.Successful exploitation of this vulnerability may affect data confidentiality.2022-12-207.5CVE-2022-46310
MISC
huawei -- harmonyosThe contacts component has a free (undefined) provider vulnerability. Successful exploitation of this vulnerability may affect data integrity.2022-12-207.5CVE-2022-46311
MISC
huawei -- harmonyosThe application management module has a vulnerability in permission verification. Successful exploitation of this vulnerability causes unexpected clear of device applications.2022-12-207.5CVE-2022-46312
MISC
MISC
huawei -- harmonyosThe IPC module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.2022-12-207.5CVE-2022-46314
MISC
huawei -- harmonyosThe ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.2022-12-207.5CVE-2022-46315
MISC
huawei -- harmonyosThe power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.2022-12-207.5CVE-2022-46317
MISC
MISC
huawei -- harmonyosThe Wi-Fi module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect data confidentiality.2022-12-207.5CVE-2022-46321
MISC
MISC
huawei -- harmonyosSome smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.2022-12-207.5CVE-2022-46322
MISC
MISC
huawei -- harmonyosSome smartphones have the input validation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.2022-12-207.5CVE-2022-46328
MISC
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the mac parameter at /goform/GetParentControlInfo.2022-12-207.5CVE-2022-46530
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/addWifiMacFilter.2022-12-207.5CVE-2022-46531
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceMac parameter at /goform/addWifiMacFilter.2022-12-207.5CVE-2022-46532
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeed parameter at /goform/SetClientState.2022-12-207.5CVE-2022-46533
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the speed_dir parameter at /goform/SetSpeedWan.2022-12-207.5CVE-2022-46534
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/SetClientState.2022-12-207.5CVE-2022-46535
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeedUp parameter at /goform/SetClientState.2022-12-207.5CVE-2022-46536
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the security parameter at /goform/WifiBasicSet.2022-12-207.5CVE-2022-46537
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the security_5g parameter at /goform/WifiBasicSet.2022-12-207.5CVE-2022-46539
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the entrys parameter at /goform/addressNat.2022-12-207.5CVE-2022-46540
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the ssid parameter at /goform/fast_setting_wifi_set.2022-12-207.5CVE-2022-46541
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/addressNat.2022-12-207.5CVE-2022-46542
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the mitInterface parameter at /goform/addressNat.2022-12-207.5CVE-2022-46543
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the cmdinput parameter at /goform/exeCommand.2022-12-207.5CVE-2022-46544
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting.2022-12-207.5CVE-2022-46545
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the entrys parameter at /goform/RouteStatic.2022-12-207.5CVE-2022-46546
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/VirtualSer.2022-12-207.5CVE-2022-46547
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/DhcpListClient.2022-12-207.5CVE-2022-46548
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/saveParentControlInfo.2022-12-207.5CVE-2022-46549
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the urls parameter at /goform/saveParentControlInfo.2022-12-207.5CVE-2022-46550
MISC
tenda -- f1203_firmwareTenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the time parameter at /goform/saveParentControlInfo.2022-12-207.5CVE-2022-46551
MISC
drachtio -- drachtio-serverAn issue was discovered in drachtio-server before 0.8.20. It allows remote attackers to cause a denial of service (daemon crash) via a long message in a TCP request that leads to std::length_error.2022-12-187.5CVE-2022-47515
MISC
MISC
drachtio -- drachtio-serverAn issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.20. It allows remote attackers to cause a denial of service (daemon crash) via a crafted UDP message that leads to a failure of the libsofia-sip-ua/tport/tport.c self assertion.2022-12-187.5CVE-2022-47516
MISC
MISC
drachtio -- drachtio-serverAn issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.19. It allows remote attackers to cause a denial of service (daemon crash) via a crafted UDP message that causes a url_canonize2 heap-based buffer over-read because of an off-by-one error.2022-12-187.5CVE-2022-47517
MISC
MISC
MISC
google -- androidIn SetDecompContextDb of RohcDeCompContextOfRbId.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-219265339References: N/A2022-12-167.2CVE-2022-20603
MISC
vmware -- vrealize_operationsvRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.2022-12-167.2CVE-2022-31707
MISC
aerocms_project -- aerocmsIn AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=edit_post , through which we can upload webshell and control the web server.2022-12-167.2CVE-2022-46135
MISC
ubi_reader_project -- ubi_readerA vulnerability, which was classified as problematic, has been found in UBI Reader up to 0.8.0. Affected by this issue is the function ubireader_extract_files of the file ubireader/ubifs/output.py of the component UBIFS File Handler. The manipulation leads to path traversal. The attack may be launched remotely. Upgrading to version 0.8.5 is able to address this issue. The name of the patch is d5d68e6b1b9f7070c29df5f67fc060f579ae9139. It is recommended to upgrade the affected component. VDB-216146 is the identifier assigned to this vulnerability.2022-12-177.1CVE-2022-4572
MISC
MISC
MISC
MISC
linux -- linux_kernelAn issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.2022-12-187.1CVE-2022-47520
MISC
MISC
MLIST

Back to top

 

Medium Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
paxtechnology -- paydroidPAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 was discovered to be vulnerable to command injection.2022-12-166.8CVE-2022-26580
MISC
paxtechnology -- paydroidThe ADB daemon in PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 allows the execution of the systool utility in production mode, allowing unauthenticated attackers to perform privileged actions.2022-12-166.8CVE-2022-26581
MISC
ibm -- spectrum_scaleIBM Spectrum Scale 5.1 could allow users with permissions to create pod, persistent volume and persistent volume claim to access files and directories outside of the volume, including on the host filesystem. IBM X-Force ID: 235740.2022-12-196.8CVE-2022-40607
MISC
MISC
google -- androidIn multiple locations of DreamManagerService.java, there is a missing permission check. This could lead to local escalation of privilege and dismissal of system dialogs with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2258785532022-12-166.7CVE-2022-20504
MISC
google -- androidIn openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitationProduct: AndroidVersions: Android-13Android ID: A-2259817542022-12-166.7CVE-2022-20505
MISC
google -- androidIn mapGrantorDescr of MessageQueueBase.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2447133172022-12-166.7CVE-2022-20509
MISC
google -- androidIn acquireFabricatedOverlayIterator, nextFabricatedOverlayInfos, and releaseFabricatedOverlayIterator of Idmap2Service.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2457278752022-12-166.7CVE-2022-20514
MISC
google -- androidIn parameterToHal of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the audio server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2372914252022-12-166.7CVE-2022-20539
MISC
google -- androidIn getCurrentConfigImpl of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2402667982022-12-166.7CVE-2022-20546
MISC
google -- androidIn authToken2AidlVec of KeyMintUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2427024512022-12-166.7CVE-2022-20549
MISC
google -- androidIn removeEventHubDevice of InputDevice.cpp, there is a possible OOB read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2457705962022-12-166.7CVE-2022-20554
MISC
google -- androidIn MessageQueueBase of MessageQueueBase.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2470927342022-12-166.7CVE-2022-20557
MISC
google -- androidIn TBD of ufdt_convert, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242067561References: N/A2022-12-166.7CVE-2022-20563
MISC
google -- androidIn _ufdt_output_strtab_to_fdt of ufdt_convert.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243798789References: N/A2022-12-166.7CVE-2022-20564
MISC
google -- androidIn thermal_cooling_device_stats_update of thermal_sysfs.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-229258234References: N/A2022-12-166.7CVE-2022-20569
MISC
google -- androidIn extract_metadata of dm-android-verity.c, there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234030265References: Upstream kernel2022-12-166.7CVE-2022-20571
MISC
google -- androidIn verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234475629References: Upstream kernel2022-12-166.7CVE-2022-20572
MISC
google -- androidIn externalOnRequest of rilapplication.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239701761References: N/A2022-12-166.7CVE-2022-20576
MISC
google -- androidIn OemSimAuthRequest::encode of wlandata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241762281References: N/A2022-12-166.7CVE-2022-20577
MISC
google -- androidIn RadioImpl::setGsmBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243509749References: N/A2022-12-166.7CVE-2022-20578
MISC
google -- androidIn RadioImpl::setCdmaBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243510139References: N/A2022-12-166.7CVE-2022-20579
MISC
google -- androidIn ufdt_do_one_fixup of ufdt_overlay.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243629453References: N/A2022-12-166.7CVE-2022-20580
MISC
google -- androidIn the Pixel camera driver, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-245916120References: N/A2022-12-166.7CVE-2022-20581
MISC
google -- androidIn ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in S-EL1 with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234859169References: N/A2022-12-166.7CVE-2022-20583
MISC
google -- androidIn sysmmu_map of sysmmu.c, there is a possible EoP due to a precondition check failure. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238785915References: N/A2022-12-166.7CVE-2022-20588
MISC
google -- androidIn updateStart of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239567689References: N/A2022-12-166.7CVE-2022-20594
MISC
google -- androidIn sendChunk of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239700400References: N/A2022-12-166.7CVE-2022-20596
MISC
google -- androidIn Pixel firmware, there is a possible exposure of sensitive memory due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242332706References: N/A2022-12-166.7CVE-2022-20599
MISC
broadcom -- symantec_identity_governance_and_administrationAn authenticated administrator who has physical access to the environment can carry out Remote Command Execution on Management Console in Symantec Identity Manager 14.42022-12-166.7CVE-2022-25627
MISC
google -- androidIn HexString2Value of util.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241231403References: N/A2022-12-166.7CVE-2022-42501
MISC
google -- androidIn FacilityLock::Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241231970References: N/A2022-12-166.7CVE-2022-42502
MISC
google -- androidIn ProtocolMiscBuilder::BuildSetLinkCapaReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241231983References: N/A2022-12-166.7CVE-2022-42503
MISC
google -- androidIn CallDialReqData::encodeCallNumber of callreqdata.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241232209References: N/A2022-12-166.7CVE-2022-42504
MISC
google -- androidIn ProtocolMiscBuilder::BuildSetSignalReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241232492References: N/A2022-12-166.7CVE-2022-42505
MISC
google -- androidIn SimUpdatePbEntry::encode of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241388399References: N/A2022-12-166.7CVE-2022-42506
MISC
google -- androidIn ProtocolSimBuilder::BuildSimUpdatePb3gEntry of protocolsimbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241388774References: N/A2022-12-166.7CVE-2022-42507
MISC
google -- androidIn ProtocolCallBuilder::BuildSendUssd of protocolcallbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241388966References: N/A2022-12-166.7CVE-2022-42508
MISC
google -- androidIn CallDialReqData::encode of callreqdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241544307References: N/A2022-12-166.7CVE-2022-42509
MISC
google -- androidIn StringsRequestData::encode of requestdata.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241762656References: N/A2022-12-166.7CVE-2022-42510
MISC
google -- androidIn EmbmsSessionData::encode of embmsdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241762712References: N/A2022-12-166.7CVE-2022-42511
MISC
google -- androidIn ProtocolEmbmsBuilder::BuildSetSession of protocolembmsbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763204References: N/A2022-12-166.7CVE-2022-42513
MISC
google -- androidIn BroadcastSmsConfigsRequestData::encode of smsdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242536278References: N/A2022-12-166.7CVE-2022-42518
MISC
google -- androidIn CdmaBroadcastSmsConfigsRequestData::encode of cdmasmsdata.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242540694References: N/A2022-12-166.7CVE-2022-42519
MISC
google -- androidIn ServiceInterface::HandleRequest of serviceinterface.cpp, there is a possible use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242994270References: N/A2022-12-166.7CVE-2022-42520
MISC
google -- androidIn encode of wlandata.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243130019References: N/A2022-12-166.7CVE-2022-42521
MISC
google -- androidIn fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243376893References: N/A2022-12-166.7CVE-2022-42523
MISC
google -- androidIn fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243509750References: N/A2022-12-166.7CVE-2022-42525
MISC
google -- androidIn ConvertUtf8ToUcs2 of radio_hal_utils.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243509880References: N/A2022-12-166.7CVE-2022-42526
MISC
google -- androidIn phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2314451842022-12-166.7CVE-2022-42542
MISC
apache -- zeppelinThe improper Input Validation vulnerability in "”Move folder to Trash” feature of Apache Zeppelin allows an attacker to delete the arbitrary files. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.2022-12-166.5CVE-2021-28655
MISC
google -- androidIn onCreate of LogAccessDialogActivity.java, there is a possible way to bypass a permission check due to a tapjacking/overlay attack. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2441552652022-12-166.5CVE-2022-20553
MISC
datadoghq -- guarddogGuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to v0.1.8 are vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package. Extracting files using shutil.unpack_archive() from a potentially malicious tarball without validating that the destination file path is within the intended destination directory can cause files outside the destination directory to be overwritten. This issue is patched in version 0.1.8. Potential workarounds include using a safer module, like zipfile, and validating the location of the extracted files and discarding those with malicious paths.2022-12-166.5CVE-2022-23530
MISC
MISC
MISC
wpwax -- directoristThe Directorist WordPress plugin before 7.4.4 does not prevent users with low privileges (like subscribers) from accessing sensitive system information.2022-12-196.5CVE-2022-3961
MISC
genetechsolutions -- pie_registerThe Registration Forms WordPress plugin before 3.8.1.3 does not have authorisation and CSRF when deleting users via an init action handler, allowing unauthenticated attackers to delete arbitrary users (along with their posts)2022-12-196.5CVE-2022-4024
MISC
cedcommerce -- smsa_shipping_for_woocommerceThe SMSA Shipping for WooCommerce WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks, as well as does not validate the file to be downloaded, allowing any authenticated users, such as subscriber to download arbitrary file from the server2022-12-196.5CVE-2022-4107
MISC
adobe -- campaignAdobe Campaign version 7.3.1 (and earlier) and 8.3.9 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A low-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction.2022-12-166.5CVE-2022-42343
MISC
clickstudios -- passwordstateA vulnerability has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome and classified as problematic. This vulnerability affects unknown code. The manipulation leads to insufficiently protected credentials. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. VDB-216274 is the identifier assigned to this vulnerability.2022-12-196.5CVE-2022-4612
N/A
N/A
N/A
clickstudios -- passwordstateA vulnerability was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome and classified as critical. This issue affects some unknown processing of the component Browser Extension Provisioning. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216275.2022-12-196.5CVE-2022-4613
N/A
N/A
N/A
google -- androidIn pppol2tp_create of l2tp_ppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-186777253References: Upstream kernel2022-12-166.4CVE-2022-20567
MISC
as_project -- asA vulnerability classified as problematic was found in as. This vulnerability affects the function getFullURL of the file include.cdn.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 4acad1e3d2c34c017473ceea442fb3e3e078b2bd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216208.2022-12-186.1CVE-2021-4251
N/A
N/A
wp-ban_project -- wp-banA vulnerability, which was classified as problematic, has been found in WP-Ban. This issue affects the function toggle_checkbox of the file ban-options.php. The manipulation of the argument $_SERVER["HTTP_USER_AGENT"] leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 13e0b1e922f3aaa3f8fcb1dd6d50200dd693fd76. It is recommended to apply a patch to fix this issue. The identifier VDB-216209 was assigned to this vulnerability.2022-12-186.1CVE-2021-4252
N/A
N/A
N/A
ctrlo -- lenioA vulnerability, which was classified as problematic, was found in ctrlo lenio. Affected is an unknown function in the library lib/Lenio.pm of the component Ticket Handler. The manipulation of the argument site_id leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 7a1f90bd2a0ce95b8338ec0926902da975ec64d9. It is recommended to apply a patch to fix this issue. VDB-216210 is the identifier assigned to this vulnerability.2022-12-186.1CVE-2021-4253
N/A
N/A
ctrlo -- lenioA vulnerability has been found in ctrlo lenio and classified as problematic. Affected by this vulnerability is an unknown functionality of the file views/layouts/main.tt of the component Notice Handler. The manipulation of the argument notice.notice.text leads to cross site scripting. The attack can be launched remotely. The name of the patch is aa300555343c1c081951fcb68bfb6852fbba7451. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216211.2022-12-186.1CVE-2021-4254
N/A
N/A
ctrlo -- lenioA vulnerability was found in ctrlo lenio and classified as problematic. Affected by this issue is some unknown functionality of the file views/contractor.tt. The manipulation of the argument contractor.name leads to cross site scripting. The attack may be launched remotely. The name of the patch is e1646d5cd0a2fbab9eb505196dd2ca1c9e4cdd97. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216212.2022-12-186.1CVE-2021-4255
N/A
N/A
ctrlo -- lenioA vulnerability was found in ctrlo lenio. It has been classified as problematic. This affects an unknown part of the file views/index.tt. The manipulation of the argument task.name/task.site.org.name leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is e1646d5cd0a2fbab9eb505196dd2ca1c9e4cdd97. It is recommended to apply a patch to fix this issue. The identifier VDB-216213 was assigned to this vulnerability.2022-12-186.1CVE-2021-4256
N/A
N/A
ctrlo -- lenioA vulnerability was found in ctrlo lenio. It has been declared as problematic. This vulnerability affects unknown code of the file views/task.tt of the component Task Handler. The manipulation of the argument site.org.name/check.name/task.tasktype.name/task.name leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 698c5fa465169d6f23c6a41ca4b1fc9a7869013a. It is recommended to apply a patch to fix this issue. VDB-216214 is the identifier assigned to this vulnerability.2022-12-186.1CVE-2021-4257
N/A
N/A
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-196.1CVE-2022-30679
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-166.1CVE-2022-35694
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-166.1CVE-2022-35696
MISC
emby -- embyIn Emby Server 4.6.7.0, the playlist name field is vulnerable to XSS stored where it is possible to steal the administrator access token and flip or steal the media server administrator account.2022-12-166.1CVE-2022-36223
MISC
hcltech -- hcl_digital_experienceIn HCL Digital Experience, URLs can be constructed to redirect users to untrusted sites.2022-12-196.1CVE-2022-38662
MISC
ibm -- cognos_analyticsIBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 235064.2022-12-196.1CVE-2022-39160
MISC
MISC
apache -- traffic_serverImproper Input Validation vulnerability for the xdebug plugin in Apache Software Foundation Apache Traffic Server can lead to cross site scripting and cache poisoning attacks.This issue affects Apache Traffic Server: 9.0.0 to 9.1.3. Users should upgrade to 9.1.4 or later versions.2022-12-196.1CVE-2022-40743
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-166.1CVE-2022-42360
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-166.1CVE-2022-42366
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-166.1CVE-2022-42367
MISC
alinto -- sogoA vulnerability was found in Alinto SOGo up to 5.7.1 and classified as problematic. Affected by this issue is the function _migrateMailIdentities of the file SoObjects/SOGo/SOGoUserDefaults.m of the component Identity Handler. The manipulation of the argument fullName leads to cross site scripting. The attack may be launched remotely. Upgrading to version 5.8.0 is able to address this issue. The name of the patch is efac49ae91a4a325df9931e78e543f707a0f8e5e. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-215960.2022-12-166.1CVE-2022-4556
MISC
MISC
MISC
alinto -- sogoA vulnerability was found in Alinto SOGo up to 5.7.1. It has been classified as problematic. This affects an unknown part of the file SoObjects/SOGo/NSString+Utilities.m of the component Folder/Mail Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 5.8.0 is able to address this issue. The name of the patch is 1e0f5f00890f751e84d67be4f139dd7f00faa5f3. It is recommended to upgrade the affected component. The identifier VDB-215961 was assigned to this vulnerability.2022-12-166.1CVE-2022-4558
MISC
MISC
MISC
inex -- ixp_managerA vulnerability was found in INEX IPX-Manager up to 6.2.0. It has been declared as problematic. This vulnerability affects unknown code of the file resources/views/customer/list.foil.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 6.3.0 is able to address this issue. The name of the patch is bc9b14c6f70cccdb89b559e8bc3a7318bfe9c243. It is recommended to upgrade the affected component. VDB-215962 is the identifier assigned to this vulnerability.2022-12-166.1CVE-2022-4559
MISC
MISC
MISC
joget -- joget_dxA vulnerability was found in Joget up to 7.0.31. It has been rated as problematic. This issue affects the function getInternalJsCssLib of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UniversalTheme.java of the component wflow-core. The manipulation of the argument key leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 7.0.32 is able to address this issue. The name of the patch is ecf8be8f6f0cb725c18536ddc726d42a11bdaa1b. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215963.2022-12-166.1CVE-2022-4560
MISC
MISC
MISC
mediawiki -- semantic_drilldownA vulnerability classified as problematic has been found in SemanticDrilldown Extension. Affected is the function printFilterLine of the file includes/specials/SDBrowseDataPage.php of the component GET Parameter Handler. The manipulation of the argument value leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 6e18cf740a4548166c1d95f6d3a28541d298a3aa. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215964.2022-12-166.1CVE-2022-4561
MISC
MISC
mind-map_project -- mind-mapA vulnerability was found in 1j01 mind-map and classified as problematic. This issue affects some unknown processing of the file app.coffee. The manipulation of the argument html leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 9617e6084dfeccd92079ab4d7f439300a4b24394. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216167.2022-12-176.1CVE-2022-4581
N/A
N/A
starter-public-edition-4_project -- starter-public-edition-4A vulnerability was found in starter-public-edition-4 up to 4.6.10. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 4.6.11 is able to address this issue. The name of the patch is 2606983c20f6ea3430ac4b36b3d2e88aafef45da. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216168.2022-12-176.1CVE-2022-4582
N/A
N/A
N/A
oc-server3_project -- oc-server3A vulnerability classified as problematic has been found in Opencaching Deutschland oc-server3. This affects an unknown part of the file htdocs/templates2/ocstyle/start.tpl of the component Cookie Handler. The manipulation of the argument usercountryCode leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is c720f2777a452186c67ef30db3679dd409556544. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216171.2022-12-176.1CVE-2022-4585
N/A
N/A
N/A
oc-server3_project -- oc-server3A vulnerability classified as problematic was found in Opencaching Deutschland oc-server3. This vulnerability affects unknown code of the file htdocs/templates2/ocstyle/cachelists.tpl of the component Cachelist Handler. The manipulation of the argument name_filter/by_filter leads to cross site scripting. The attack can be initiated remotely. The name of the patch is a9f79c7da78cd24a7ef1d298e6bc86006972ea73. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216172.2022-12-176.1CVE-2022-4586
N/A
N/A
N/A
bostonsleep -- sliceA vulnerability, which was classified as problematic, was found in Boston Sleep slice up to 84.1.x. Affected is an unknown function of the component Layout Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 84.2.0 is able to address this issue. The name of the patch is 6523bb17d889e2ab13d767f38afefdb37083f1d0. It is recommended to upgrade the affected component. VDB-216174 is the identifier assigned to this vulnerability.2022-12-176.1CVE-2022-4588
N/A
N/A
MISC
django_terms_and_conditions_project -- django_terms_and_conditionsA vulnerability has been found in cyface Terms and Conditions Module up to 2.0.9 and classified as problematic. Affected by this vulnerability is the function returnTo of the file termsandconditions/views.py. The manipulation leads to open redirect. The attack can be launched remotely. Upgrading to version 2.0.10 is able to address this issue. The name of the patch is 03396a1c2e0af95e12a45c5faef7e47a4b513e1a. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216175.2022-12-176.1CVE-2022-4589
N/A
N/A
N/A
MISC
toto_project -- totoA vulnerability was found in mschaef toto up to 1.4.20. It has been classified as problematic. This affects an unknown part of the component Todo List Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.4.21 is able to address this issue. The name of the patch is fdc825ac5249f40683377e8a526a06cdc6870125. It is recommended to upgrade the affected component. The identifier VDB-216177 was assigned to this vulnerability.2022-12-176.1CVE-2022-4590
N/A
N/A
N/A
toto_project -- totoA vulnerability was found in mschaef toto up to 1.4.20. It has been declared as problematic. This vulnerability affects unknown code of the component Email Parameter Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.4.21 is able to address this issue. The name of the patch is 1f27f37c1a06f54a76971f70eaa6139dc139bdf9. It is recommended to upgrade the affected component. VDB-216178 is the identifier assigned to this vulnerability.2022-12-176.1CVE-2022-4591
N/A
N/A
N/A
retra-system_project -- retra-systemA vulnerability was found in retra-system. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is a6d94ab88f4a6f631a14c59b72461140fb57ae1f. It is recommended to apply a patch to fix this issue. VDB-216186 is the identifier assigned to this vulnerability.2022-12-186.1CVE-2022-4593
N/A
N/A
django-openipam_project -- django-openipamA vulnerability classified as problematic has been found in django-openipam. This affects an unknown part of the file openipam/report/templates/report/exposed_hosts.html. The manipulation of the argument description leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is a6223a1150d60cd036106ba6a8e676c1bfc3cc85. It is recommended to apply a patch to fix this issue. The identifier VDB-216189 was assigned to this vulnerability.2022-12-186.1CVE-2022-4595
N/A
N/A
N/A
open-emr -- openemrCross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2.2022-12-196.1CVE-2022-4615
CONFIRM
MISC
microweber -- microweberCross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.3.2.2022-12-216.1CVE-2022-4617
CONFIRM
MISC
jacic -- electronic_bidding_core_systemCross-site scripting vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to inject an arbitrary script.2022-12-196.1CVE-2022-46287
MISC
MISC
jacic -- electronic_bidding_core_systemOpen redirect vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.2022-12-196.1CVE-2022-46288
MISC
MISC
microweber -- microweberCross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.2.2022-12-226.1CVE-2022-4647
MISC
CONFIRM
rockwellautomation -- micrologix_1400_firmwareRockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an unauthenticated stored cross-site scripting vulnerability in the embedded webserver. The payload is transferred to the controller over SNMP and is rendered on the homepage of the embedded website.2022-12-166.1CVE-2022-46670
MISC
apache -- helixURL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache Software Foundation Apache Helix UI component.This issue affects Apache Helix all releases from 0.8.0 to 1.0.4. Solution: removed the the forward component since it was improper designed for UI embedding. User please upgrade to 1.1.0 to fix this issue.2022-12-196.1CVE-2022-47500
MISC
paxtechnology -- paydroidPAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 allows root privileged attackers to install an unsigned application by copying the APK to /data/app, setting the appropriate permissions and rebooting the device.2022-12-166CVE-2022-26579
MISC
trellix -- endpoint_securityImproper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality.2022-12-166CVE-2022-4326
MISC
bigbluebutton -- bigbluebuttonBigBlueButton is an open source web conferencing system. This vulnerability only affects release candidates of BigBlueButton 2.4. The attacker can start a subscription for poll results before starting an anonymous poll, and use this subscription to see individual responses in the anonymous poll. The attacker had to be a meeting presenter. This issue is patched in version 2.4.0. There are no workarounds.2022-12-165.7CVE-2022-41964
MISC
MISC
google -- androidIn multiple locations of NfcService.java, there is a possible disclosure of NFC tags due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-1992910252022-12-165.5CVE-2022-20199
MISC
google -- androidIn getNearbyNotificationStreamingPolicy of DevicePolicyManagerService.java, there is a possible way to learn about the notification streaming policy of other users due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2358223362022-12-165.5CVE-2022-20510
MISC
google -- androidIn getNearbyAppStreamingPolicy of DevicePolicyManagerService.java, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2358218292022-12-165.5CVE-2022-20511
MISC
google -- androidIn decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2445697592022-12-165.5CVE-2022-20513
MISC
google -- androidIn onPreferenceClick of AccountTypePreferenceLoader.java, there is a possible way to retrieve protected files from the Settings app due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2207334962022-12-165.5CVE-2022-20515
MISC
google -- androidIn getMessagesByPhoneNumber of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2247699562022-12-165.5CVE-2022-20517
MISC
google -- androidIn query of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2247702032022-12-165.5CVE-2022-20518
MISC
google -- androidIn IncFs_GetFilledRangesStartingFrom of incfs.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2282225082022-12-165.5CVE-2022-20523
MISC
google -- androidIn HalCoreCallback of halcore.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure from the NFC firmware with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2299948612022-12-165.5CVE-2022-20527
MISC
google -- androidIn getSmsRoleHolder of RoleService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2356017702022-12-165.5CVE-2022-20538
MISC
google -- androidIn btif_a2dp_sink_command_ready of btif_a2dp_sink.cc, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2439228062022-12-165.5CVE-2022-20552
MISC
google -- androidProduct: AndroidVersions: Android kernelAndroid ID: A-230660904References: N/A2022-12-165.5CVE-2022-20570
MISC
google -- androidIn sec_sysmmu_info of drm_fw.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237582191References: N/A2022-12-165.5CVE-2022-20574
MISC
google -- androidIn read_ppmpu_info of drm_fw.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237585040References: N/A2022-12-165.5CVE-2022-20575
MISC
google -- androidIn valid_va_sec_mfc_check of drm_access_control.c, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238932493References: N/A2022-12-165.5CVE-2022-20590
MISC
google -- androidIn ppmpu_set of ppmpu.c, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238939706References: N/A2022-12-165.5CVE-2022-20591
MISC
google -- androidIn ppmp_validate_secbuf of drm_fw.c, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238976908References: N/A2022-12-165.5CVE-2022-20592
MISC
google -- androidIn SAECOMM_SetDcnIdForPlmn of SAECOMM_DbManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure from a single device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-230463606References: N/A2022-12-165.5CVE-2022-20604
MISC
google -- androidIn Pixel cellular firmware, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239239246References: N/A2022-12-165.5CVE-2022-20608
MISC
google -- androidIn Pixel cellular firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239240808References: N/A2022-12-165.5CVE-2022-20609
MISC
google -- androidIn a query in MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2247701832022-12-165.5CVE-2022-42535
MISC
adobe -- illustratorAdobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-12-165.5CVE-2022-44498
MISC
adobe -- illustratorAdobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-12-165.5CVE-2022-44499
MISC
adobe -- illustratorAdobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-12-165.5CVE-2022-44500
MISC
adobe -- illustratorAdobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.2022-12-165.5CVE-2022-44502
MISC
clickstudios -- passwordstateA vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected by this issue is some unknown functionality. The manipulation leads to risky cryptographic algorithm. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-216272.2022-12-195.5CVE-2022-4610
N/A
N/A
N/A
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-35693
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-35695
MISC
solarwinds -- serv-uThis vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. This vulnerability affects the directory creation function.2022-12-165.4CVE-2022-38106
MISC
MISC
MISC
hcltech -- digital_experienceIn HCL Digital Experience, customized XSS payload can be constructed such that it is served in the application unencoded.2022-12-195.4CVE-2022-38653
MISC
noorsplugin -- easy_video_playerThe Easy Video Player WordPress plugin before 1.2.2.3 does not sanitize and escapes some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks.2022-12-195.4CVE-2022-3937
MISC
noorsplugin -- checkout_for_paypalThe Checkout for PayPal WordPress plugin before 1.0.14 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks2022-12-195.4CVE-2022-3983
MISC
wphowto -- flowplayer_video_playerThe Flowplayer Video Player WordPress plugin before 1.0.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks2022-12-195.4CVE-2022-3984
MISC
wphowto -- videojs_html5_playerThe Videojs HTML5 Player WordPress plugin before 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks2022-12-195.4CVE-2022-3985
MISC
noorsplugin -- wp_stripe_checkoutThe WP Stripe Checkout WordPress plugin before 1.2.2.21 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks2022-12-195.4CVE-2022-3986
MISC
noorsplugin -- responsive_lightbox2The Responsive Lightbox2 WordPress plugin before 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks2022-12-195.4CVE-2022-3987
MISC
10web -- photo_galleryThe Photo Gallery by 10Web WordPress plugin before 1.8.3 does not validate and escape some parameters before outputting them back in in JS code later on in another page, which could lead to Stored XSS issue when an attacker makes a logged in admin open a malicious URL or page under their control.2022-12-195.4CVE-2022-4058
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-42345
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-42346
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-42348
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-42349
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-42350
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-42352
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-42354
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-42356
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-42357
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-42362
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-42364
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-42365
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-165.4CVE-2022-44462
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-44463
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-44465
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-44466
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-44467
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-165.4CVE-2022-44468
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-165.4CVE-2022-44469
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-44470
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-44471
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-165.4CVE-2022-44473
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-195.4CVE-2022-44474
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.2022-12-195.4CVE-2022-44488
MISC
adobe -- experience_manager
 
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.2022-12-225.4CVE-2022-44510
MISC
oc-server3_project -- oc-server3A vulnerability, which was classified as problematic, has been found in Opencaching Deutschland oc-server3. This issue affects some unknown processing of the file htdocs/templates2/ocstyle/login.tpl of the component Login Page. The manipulation of the argument username leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 3296ebd61e7fe49e93b5755d5d7766d6e94a7667. It is recommended to apply a patch to fix this issue. The identifier VDB-216173 was assigned to this vulnerability.2022-12-175.4CVE-2022-4587
N/A
N/A
N/A
shoplazza -- lifestyleA vulnerability, which was classified as problematic, has been found in Shoplazza 1.1. This issue affects some unknown processing of the file /admin/api/admin/articles/ of the component Add Blog Post Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-216191.2022-12-185.4CVE-2022-4596
N/A
N/A
N/A
shoplazza -- lifestyleA vulnerability, which was classified as problematic, was found in Shoplazza LifeStyle 1.1. Affected is an unknown function of the file /admin/api/admin/v2_products of the component Create Product Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-216192.2022-12-185.4CVE-2022-4597
N/A
N/A
N/A
shoplazza -- lifestyleA vulnerability has been found in Shoplazza LifeStyle 1.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/api/theme-edit/ of the component Announcement Handler. The manipulation of the argument Text/Mobile Text leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-216193 was assigned to this vulnerability.2022-12-185.4CVE-2022-4598
N/A
N/A
N/A
shoplazza -- lifestyleA vulnerability was found in Shoplazza LifeStyle 1.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/api/theme-edit/ of the component Product Handler. The manipulation of the argument Subheading/Heading/Text/Button Text/Label leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-216194 is the identifier assigned to this vulnerability.2022-12-185.4CVE-2022-4599
N/A
N/A
N/A
shoplazza -- lifestyleA vulnerability was found in Shoplazza LifeStyle 1.1. It has been classified as problematic. This affects an unknown part of the file /admin/api/theme-edit/ of the component Product Carousel Handler. The manipulation of the argument Heading/Description leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-216195.2022-12-185.4CVE-2022-4600
N/A
N/A
N/A
shoplazza -- lifestyleA vulnerability was found in Shoplazza LifeStyle 1.1. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/api/theme-edit/ of the component Shipping/Member Discount/Icon. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-216196.2022-12-185.4CVE-2022-4601
N/A
N/A
N/A
shoplazza -- lifestyleA vulnerability was found in Shoplazza LifeStyle 1.1. It has been rated as problematic. This issue affects some unknown processing of the file /admin/api/theme-edit/ of the component Review Flow Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-216197 was assigned to this vulnerability.2022-12-185.4CVE-2022-4602
N/A
N/A
N/A
flatpress -- flatpressCross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3.2022-12-185.4CVE-2022-4605
MISC
CONFIRM
usememos -- memosCross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.2022-12-195.4CVE-2022-4609
MISC
CONFIRM
znote -- znoteCross-site Scripting (XSS) - Stored in GitHub repository alagrede/znote-app prior to 1.7.11.2022-12-195.4CVE-2022-4614
CONFIRM
MISC
apache -- zeppelinAn Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Zeppelin allows logged-in users to execute arbitrary javascript in other users' browsers. This issue affects Apache Zeppelin before 0.8.2. Users are recommended to upgrade to a supported version of Zeppelin.2022-12-165.4CVE-2022-46870
MISC
google -- androidIn strings.xml, there is a possible permission bypass due to a misleading string. This could lead to remote information disclosure of call logs with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2315856452022-12-165.3CVE-2022-20530
MISC
broadcom -- symantec_identity_governance_and_administrationAn unauthenticated user can access Identity Manager’s management console specific page URLs. However, the system doesn’t allow the user to carry out server side tasks without a valid web session.2022-12-165.3CVE-2022-25626
MISC
apache -- traffic_serverImproper Check for Unusual or Exceptional Conditions vulnerability in handling the requests to Apache Traffic Server. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.2022-12-195.3CVE-2022-37392
MISC
ibm -- cognos_analyticsIBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could be vulnerable to sensitive information exposure by passing API keys to log files. If these keys contain sensitive information, it could lead to further attacks. IBM X-Force ID: 240450.2022-12-195.3CVE-2022-43887
MISC
MISC
wpvar -- wp_shamsiThe WP Shamsi plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the deactivate() function hooked via init() in versions up to, and including, 4.1.0. This makes it possible for unauthenticated attackers to deactivate arbitrary plugins on the site. This can be used to deactivate security plugins that aids in exploiting other vulnerabilities.2022-12-165.3CVE-2022-4555
MISC
MISC
clickstudios -- passwordstateA vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This affects an unknown part. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The identifier VDB-216273 was assigned to this vulnerability.2022-12-195.3CVE-2022-4611
N/A
N/A
huawei -- harmonyosThe sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone.2022-12-205.3CVE-2022-46313
MISC
huawei -- harmonyosThe HAware module has a function logic error. Successful exploitation of this vulnerability will affect the account removal function in Settings.2022-12-205.3CVE-2022-46318
MISC
MISC
google -- androidIn sdpu_find_most_specific_service_uuid of sdp_utils.cc, there is a possible way to crash Bluetooth due to a missing null check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2272036842022-12-165CVE-2022-20521
MISC
google -- androidIn SAEMM_MiningCodecTableWithMsgIE of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-233230674References: N/A2022-12-164.9CVE-2022-20606
MISC
vmware -- vrealize_operationsvRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4.2022-12-164.9CVE-2022-31708
MISC
ibm -- security_guardiumIBM Security Guardium 11.4 could allow a privileged user to obtain sensitive information inside of an HTTP response. IBM X-Force ID: 235405.2022-12-204.9CVE-2022-39166
MISC
MISC
cedcommerce -- wholesale_market_for_woocommerceThe Wholesale Market for WooCommerce WordPress plugin before 1.0.8 does not validate user input used to generate system path, allowing high privilege users such as admin to download arbitrary file from the server even when they should not be able to (for example in multisite)2022-12-194.9CVE-2022-4108
MISC
external_media_project -- external_mediaThe External Media WordPress plugin before 1.0.36 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).2022-12-194.8CVE-2022-3832
MISC
vms-studio -- quizlordThe Quizlord WordPress plugin through 2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).2022-12-194.8CVE-2022-4112
MISC
google -- androidIn onOptionsItemSelected of ManageApplications.java, there is a possible bypass of profile owner restrictions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2387450702022-12-164.4CVE-2022-20544
MISC
google -- androidIn ufdt_get_node_by_path_len of ufdt_convert.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2461942332022-12-164.4CVE-2022-20555
MISC
google -- androidIn valid_va_secbuf_check of drm_access_control.c, there is a possible ID due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238841928References: N/A2022-12-164.4CVE-2022-20589
MISC
google -- androidIn pop_descriptor_string of BufferDescriptor.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239415809References: N/A2022-12-164.4CVE-2022-20593
MISC
google -- androidIn getWpcAuthChallengeResponse of WirelessCharger.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239700137References: N/A2022-12-164.4CVE-2022-20595
MISC
google -- androidIn VsimOperationDataExt::encode of vsimdata.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763050References: N/A2022-12-164.4CVE-2022-42512
MISC
google -- androidIn ProtocolImsBuilder::BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763298References: N/A2022-12-164.4CVE-2022-42514
MISC
google -- androidIn MiscService::DoOemSetRtpPktlossThreshold of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763503References: N/A2022-12-164.4CVE-2022-42515
MISC
google -- androidIn ProtocolSimBuilderLegacy::BuildSimGetGbaAuth of protocolsimbuilderlegacy.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763577References: N/A2022-12-164.4CVE-2022-42516
MISC
google -- androidIn MiscService::DoOemSetTcsFci of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763682References: N/A2022-12-164.4CVE-2022-42517
MISC
google -- androidIn DoSetCarrierConfig of miscservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243130038References: N/A2022-12-164.4CVE-2022-42522
MISC
google -- androidIn Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242331893References: N/A2022-12-164.4CVE-2022-42530
MISC
google -- androidIn Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242332610References: N/A2022-12-164.4CVE-2022-42532
MISC
google -- androidIn fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-249998113References: N/A2022-12-164.4CVE-2022-42543
MISC
ibm -- aixIBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a local user with elevated privileges to exploit a vulnerability in the lpd daemon to cause a denial of service. IBM X-Force ID: 238641.2022-12-204.4CVE-2022-43382
MISC
MISC
mozilla -- firefoxIf a domain name contained a RTL character, it would cause the domain to be rendered to the right of the path. This could lead to user confusion and spoofing attacks. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*<br>*Note*: Due to a clerical error this advisory was not included in the original announcement, and was added in Feburary 2022. This vulnerability affects Firefox < 92.2022-12-224.3CVE-2021-4221
MISC
MISC
bigbluebutton -- bigbluebuttonBigBlueButton is an open source web conferencing system. Versions prior to 2.4.0 expose sensitive information to Unauthorized Actors. This issue affects meetings with polls, where the attacker is a meeting participant. Subscribing to the current-poll collection does not update the client UI, but does give the attacker access to the contents of the collection, which include the individual poll responses. This issue is patched in version 2.4.0. There are no workarounds.2022-12-164.3CVE-2022-23490
MISC
MISC
microfocus -- groupwiseA vulnerability has been identified in Micro Focus GroupWise Web in versions prior to 18.4.2. The GW Web component makes a request to the Post Office Agent that contains sensitive information in the query parameters that could be logged by any intervening HTTP proxies.2022-12-164.3CVE-2022-38756
MISC
popup_manager_project -- popup_managerThe Popup Manager WordPress plugin through 1.6.6 does not have authorisation and CSRF checks when deleting popups, which could allow unauthenticated users to delete them2022-12-194.3CVE-2022-4124
MISC
popup_manager_project -- popup_managerThe Popup Manager WordPress plugin through 1.6.6 does not have authorisation and CSRF check when creating/updating popups, and is missing sanitisation as well as escaping, which could allow unauthenticated attackers to create arbitrary popups and add Stored XSS payloads as well2022-12-194.3CVE-2022-4125
MISC
bigbluebutton -- bigbluebuttonBigBlueButton is an open source web conferencing system. Versions prior to 2.4.3, are subject to Insufficient Verification of Data Authenticity, resulting in Denial of Service. An attacker can make a Meteor call to `validateAuthToken` using a victim's userId, meetingId, and an invalid authToken. This forces the victim to leave the conference, because the resulting verification failure is also observed and handled by the victim's client. The attacker must be a participant in any meeting on the server. This issue is patched in version 2.4.3. There are no workarounds.2022-12-164.3CVE-2022-41960
MISC
MISC
MISC
bigbluebutton -- bigbluebuttonBigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6 are subject to Ineffective user bans. The attacker could register multiple users, and join the meeting with one of them. When that user is banned, they could still join the meeting with the remaining registered users from the same extId. This issue has been fixed by improving permissions such that banning a user removes all users related to their extId, including registered users that have not joined the meeting. This issue is patched in versions 2.4-rc-6 and 2.5-alpha-1. There are no workarounds.2022-12-164.3CVE-2022-41961
MISC
MISC
MISC
adobe -- experience_managerAdobe Experience Manager version 6.5.14 (and earlier) is affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to disclose low level confidentiality information. Exploitation of this issue does not require user interaction.2022-12-164.3CVE-2022-42351
MISC
google -- androidIn phNxpNciHal_ioctl of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2380831262022-12-164.2CVE-2022-20541
MISC

Back to top

 

Low Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
google -- androidIn onCreate of AddAppNetworksActivity.java, there is a possible way for a guest user to configure WiFi networks due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2247726782022-12-163.3CVE-2022-20519
MISC
google -- androidIn enforceVisualVoicemailPackage of PhoneInterfaceManager.java, there is a possible leak of visual voicemail package name due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2297427682022-12-163.3CVE-2022-20525
MISC
google -- androidIn CanvasContext::draw of CanvasContext.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2297427742022-12-163.3CVE-2022-20526
MISC
google -- androidIn findParam of HevcUtils.cpp there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2301727112022-12-163.3CVE-2022-20528
MISC
google -- androidIn placeCall of TelecomManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2319886382022-12-163.3CVE-2022-20531
MISC
google -- androidIn getSlice of WifiSlice.java, there is a possible way to connect a new WiFi network from the guest mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2327983632022-12-163.3CVE-2022-20533
MISC
google -- androidIn registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2336052422022-12-163.3CVE-2022-20535
MISC
google -- androidIn registerBroadcastReceiver of RcsService.java, there is a possible way to change preferred TTY mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2351001802022-12-163.3CVE-2022-20536
MISC
google -- androidIn createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable location-sensitive settings due to a missing permission check. This could lead to local escalation of privilege from the Guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2356011692022-12-163.3CVE-2022-20537
MISC
google -- androidIn launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for the guest user to add a new WiFi network due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2463016672022-12-163.3CVE-2022-20556
MISC
google -- androidIn registerReceivers of DeviceCapabilityListener.java, there is a possible way to change preferred TTY mode due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2362642892022-12-163.3CVE-2022-20558
MISC
google -- androidIn revokeOwnPermissionsOnKill of PermissionManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2197399672022-12-163.3CVE-2022-20559
MISC
google -- androidIn various functions of ap_input_processor.c, there is a possible way to record audio during a phone call due to a logic error in the code. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-231630423References: N/A2022-12-163.3CVE-2022-20562
MISC
bigbluebutton -- bigbluebuttonBigBlueButton is an open source web conferencing system. Versions prior to 2.4.3 contain a whiteboard grace period that exists to handle delayed messages, but this grace period could be used by attackers to take actions in the few seconds after their access is revoked. The attacker must be a meeting participant. This issue is patched in version 2.4.3 an version 2.5-alpha-12022-12-163.1CVE-2022-41963
MISC
MISC
bigbluebutton -- bigbluebuttonBigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6, and 2.5-alpha-1 contain Incorrect Authorization for setting emoji status. A user with moderator rights can use the clear status feature to set any emoji status for other users. Moderators should only be able to set none as the status of other users. This issue is patched in 2.4-rc-6 and 2.5-alpha-1There are no workarounds.2022-12-162.7CVE-2022-41962
MISC
MISC
MISC
google -- androidIn multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege in wifi settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2315836032022-12-162.4CVE-2022-20529
MISC
google -- androidIn multiple locations, there is a possible display crash loop due to improper input validation. This could lead to local denial of service with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2381782612022-12-162.3CVE-2022-20543
MISC

Back to top

 

Severity Not Yet Assigned

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
mozilla -- multiple_productsAn OAuth session fixation vulnerability existed in the VPN login flow, where an attacker could craft a custom login URL, convince a VPN user to login via that URL, and obtain authenticated access as that user. This issue is limited to cases where attacker and victim are sharing the same source IP and could allow the ability to view session states and disconnect VPN sessions. This vulnerability affects Mozilla VPN iOS 1.0.7 < (929), Mozilla VPN Windows < 1.2.2, and Mozilla VPN Android 1.1.0 < (1360).2022-12-22not yet calculatedCVE-2020-15679
MISC
MISC
MISC
MISC
mozilla -- thunderbirdDuring the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7.2022-12-22not yet calculatedCVE-2020-15685
MISC
MISC
is.js -- is.jsis.js is a general-purpose check library. Versions 0.9.0 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). is.js uses a regex copy-pasted from a gist to validate URLs. Trying to validate a malicious string can cause the regex to loop “forever." This vulnerability was found using a CodeQL query which identifies inefficient regular expressions. is.js has no patch for this issue.2022-12-22not yet calculatedCVE-2020-26302
CONFIRM
MISC
furqan -- furqanA vulnerability classified as critical has been found in Furqan node-whois. Affected is an unknown function of the file index.coffee. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). It is possible to launch the attack remotely. The name of the patch is 46ccc2aee8d063c7b6b4dee2c2834113b7286076. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216252.2022-12-19not yet calculatedCVE-2020-36618
N/A
N/A
N/A
multimon-ng -- multimon-ngA vulnerability was found in multimon-ng. It has been rated as critical. This issue affects the function add_ch of the file demod_flex.c. The manipulation of the argument ch leads to format string. Upgrading to version 1.2.0 is able to address this issue. The name of the patch is e5a51c508ef952e81a6da25b43034dd1ed023c07. It is recommended to upgrade the affected component. The identifier VDB-216269 was assigned to this vulnerability.2022-12-19not yet calculatedCVE-2020-36619
N/A
N/A
N/A
N/A
brondahl -- enumstringvaluesA vulnerability was found in Brondahl EnumStringValues up to 4.0.0. It has been declared as problematic. This vulnerability affects the function GetStringValuesWithPreferences_Uncache of the file EnumStringValues/EnumExtensions.cs. The manipulation leads to resource consumption. Upgrading to version 4.0.1 is able to address this issue. The name of the patch is c0fc7806beb24883cc2f9543ebc50c0820297307. It is recommended to upgrade the affected component. VDB-216466 is the identifier assigned to this vulnerability.2022-12-21not yet calculatedCVE-2020-36620
N/A
N/A
MISC
chedabob -- whatismyudidA vulnerability, which was classified as problematic, has been found in chedabob whatismyudid. Affected by this issue is the function exports.enrollment of the file routes/mobileconfig.js. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is bb33d4325fba80e7ea68b79121dba025caf6f45f. It is recommended to apply a patch to fix this issue. VDB-216470 is the identifier assigned to this vulnerability.2022-12-21not yet calculatedCVE-2020-36621
N/A
N/A
sah-comp -- bienleinA vulnerability was found in sah-comp bienlein and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The name of the patch is d7836a4f2b241e4745ede194f0f6fb47199cab6b. It is recommended to apply a patch to fix this issue. The identifier VDB-216473 was assigned to this vulnerability.2022-12-21not yet calculatedCVE-2020-36622
N/A
N/A
pengu -- penguA vulnerability was found in Pengu. It has been declared as problematic. Affected by this vulnerability is the function runApp of the file src/index.js. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The name of the patch is aea66f12b8cdfc3c8c50ad6a9c89d8307e9d0a91. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216475.2022-12-21not yet calculatedCVE-2020-36623
N/A
N/A
ahorner -- text-helpers
 
A vulnerability was found in ahorner text-helpers up to 1.0.x. It has been declared as critical. This vulnerability affects unknown code of the file lib/text_helpers/translation.rb. The manipulation of the argument link leads to use of web link to untrusted target with window.opener access. The attack can be initiated remotely. Upgrading to version 1.1.0 is able to address this issue. The name of the patch is 184b60ded0e43c985788582aca2d1e746f9405a3. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216520.2022-12-22not yet calculatedCVE-2020-36624
MISC
MISC
MISC
MISC
activity_watch -- activity_watch
 
Activity Watch is a free and open-source automated time tracker. Versions prior to 0.11.0 allow an attacker to execute arbitrary commands on any macOS machine with ActivityWatch running. The attacker can exploit this vulnerability by having the user visiting a website with the page title set to a malicious string. An attacker could use another application to accomplish the same, but the web browser is the most likely attack vector. This issue is patched in version 0.11.0. As a workaround, users can run the latest version of aw-watcher-window from source, or manually patch the `printAppTitle.scpt` file.2022-12-23not yet calculatedCVE-2021-32692
CONFIRM
openatom_foundation -- openeulerAfter tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is called in the list() function, it continues to use pointer t: free_longlink_longname(t->th_buf) . As a result, the released memory is used (use-after-free).2022-12-19not yet calculatedCVE-2021-33640
MISC
beijing -- baidunetdiskUntrusted search path vulnerability in Baidunetdisk Version 7.4.3 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.2022-12-22not yet calculatedCVE-2021-36631
MISC
mozilla -- thunderbird
 
When receiving an OpenPGP/MIME signed email message that contains an additional outer MIME message layer, for example a message footer added by a mailing list gateway, Thunderbird only considered the inner signed message for the signature validity. This gave the false impression that the additional contents were also covered by the digital signature. Starting with Thunderbird version 91.4.1, only the signature that belongs to the top level MIME part will be considered for the displayed status. This vulnerability affects Thunderbird < 91.4.1.2022-12-22not yet calculatedCVE-2021-4126
MISC
MISC
mozilla -- multiple_productsAn out of date graphics library (Angle) likely contained vulnerabilities that could potentially be exploited. This vulnerability affects Thunderbird < 78.9 and Firefox ESR < 78.9.2022-12-22not yet calculatedCVE-2021-4127
MISC
MISC
MISC
mozilla -- firefox_for_macosWhen transitioning in and out of fullscreen mode, a graphics object was not correctly protected; resulting in memory corruption and a potentially exploitable crash.<br>*This bug only affects Firefox on MacOS. Other operating systems are unaffected.*. This vulnerability affects Firefox < 95.2022-12-22not yet calculatedCVE-2021-4128
MISC
MISC
mozilla -- multiple_products
 
Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 95, Firefox ESR < 91.4.0, and Thunderbird < 91.4.0.2022-12-22not yet calculatedCVE-2021-4129
MISC
MISC
MISC
MISC
mozilla -- multiple_productsIt was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.2022-12-22not yet calculatedCVE-2021-4140
MISC
MISC
MISC
MISC
criego -- active_attrA vulnerability classified as problematic has been found in cgriego active_attr up to 0.15.2. This affects the function call of the file lib/active_attr/typecasting/boolean_typecaster.rb of the component Regex Handler. The manipulation of the argument value leads to denial of service. The exploit has been disclosed to the public and may be used. Upgrading to version 0.15.3 is able to address this issue. The name of the patch is dab95e5843b01525444b82bd7b336ef1d79377df. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216207.2022-12-18not yet calculatedCVE-2021-4250
N/A
N/A
N/A
N/A
MISC
phpredisadmin-- phpredisadminA vulnerability was found in phpRedisAdmin up to 1.16.1. It has been classified as problematic. This affects the function authHttpDigest of the file includes/login.inc.php. The manipulation of the argument response leads to use of wrong operator in string comparison. Upgrading to version 1.16.2 is able to address this issue. The name of the patch is 31aa7661e6db6f4dffbf9a635817832a0a11c7d9. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216267.2022-12-19not yet calculatedCVE-2021-4259
N/A
N/A
MISC
oils-js -- oils-jsA vulnerability was found in oils-js. It has been declared as critical. This vulnerability affects unknown code of the file core/Web.js. The manipulation leads to open redirect. The attack can be initiated remotely. The name of the patch is fad8fbae824a7d367dacb90d56cb02c5cb999d42. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216268.2022-12-19not yet calculatedCVE-2021-4260
N/A
N/A
platzhersh -- pacman-canvasA vulnerability classified as critical has been found in pacman-canvas up to 1.0.5. Affected is the function addHighscore of the file data/db-handler.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. Upgrading to version 1.0.6 is able to address this issue. The name of the patch is 29522c90ca1cebfce6453a5af5a45281d99b0646. It is recommended to upgrade the affected component. VDB-216270 is the identifier assigned to this vulnerability.2022-12-19not yet calculatedCVE-2021-4261
N/A
N/A
N/A
laravel-jqgrid -- laravel-jqgrid
 
A vulnerability classified as critical was found in laravel-jqgrid. Affected by this vulnerability is the function getRows of the file src/Mgallegos/LaravelJqgrid/Repositories/EloquentRepositoryAbstract.php. The manipulation leads to sql injection. The name of the patch is fbc2d94f43d0dc772767a5bdb2681133036f935e. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216271.2022-12-19not yet calculatedCVE-2021-4262
N/A
N/A
N/A
leanote -- leanoteA vulnerability, which was classified as problematic, has been found in leanote. This issue affects the function define of the file public/js/plugins/history.js. The manipulation of the argument content leads to cross site scripting. The attack may be initiated remotely. The name of the patch is https:/github.com/leanote/leanote/commit/0f9733c890077942150696dcc6d2b1482b7a0a19. It is recommended to apply a patch to fix this issue. The identifier VDB-216461 was assigned to this vulnerability.2022-12-21not yet calculatedCVE-2021-4263
N/A
N/A
linkedin -- dustjsA vulnerability was found in LinkedIn dustjs up to 2.x and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.0.0 is able to address this issue. The name of the patch is ddb6523832465d38c9d80189e9de60519ac307c3. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216464.2022-12-21not yet calculatedCVE-2021-4264
N/A
N/A
N/A
N/A
MISC
MISC
siwapp -- siwapp-rorA vulnerability was found in siwapp-ror. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 924d16008cfcc09356c87db01848e45290cb58ca. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216467.2022-12-21not yet calculatedCVE-2021-4265
N/A
N/A
N/A
webdetails -- cpfA vulnerability classified as problematic has been found in Webdetails cpf up to 9.5.0.0-80. Affected is an unknown function of the file core/src/main/java/pt/webdetails/cpf/packager/DependenciesPackage.java. The manipulation of the argument baseUrl leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 9.5.0.0-81 is able to address this issue. The name of the patch is 3bff900d228e8cae3af256b447c5d15bdb03c174. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216468.2022-12-21not yet calculatedCVE-2021-4266
N/A
N/A
N/A
N/A
tad_discuss -- tad_discussA vulnerability classified as problematic was found in tad_discuss. Affected by this vulnerability is an unknown functionality. The manipulation of the argument DiscussTitle leads to cross site scripting. The attack can be launched remotely. The name of the patch is af94d034ff8db642d05fd8788179eab05f433958. It is recommended to apply a patch to fix this issue. The identifier VDB-216469 was assigned to this vulnerability.2022-12-21not yet calculatedCVE-2021-4267
N/A
N/A
N/A
phpredisadmin-- phpredisadmin
 
A vulnerability, which was classified as problematic, was found in phpRedisAdmin up to 1.17.3. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 1.18.0 is able to address this issue. The name of the patch is b9039adbb264c81333328faa9575ecf8e0d2be94. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216471.2022-12-21not yet calculatedCVE-2021-4268
N/A
N/A
N/A
simplerisk -- simpleriskA vulnerability has been found in SimpleRisk and classified as problematic. This vulnerability affects the function checkAndSetValidation of the file simplerisk/js/common.js. The manipulation of the argument title leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 20220306-001 is able to address this issue. The name of the patch is 591405b4ed160fbefc1dca1e55c5745079a7bb48. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216472.2022-12-21not yet calculatedCVE-2021-4269
N/A
N/A
N/A
imprint_cms -- imprint_cmsA vulnerability was found in Imprint CMS. It has been classified as problematic. Affected is the function SearchForm of the file ImprintCMS/Models/ViewHelpers.cs. The manipulation of the argument query leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 6140b140ccd02b5e4e7d6ba013ac1225724487f4. It is recommended to apply a patch to fix this issue. VDB-216474 is the identifier assigned to this vulnerability.2022-12-21not yet calculatedCVE-2021-4270
N/A
N/A
w2wiki -- w2wiki
 
A vulnerability was found in panicsteve w2wiki. It has been rated as problematic. Affected by this issue is the function toHTML of the file index.php of the component Markdown Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is 8f1d0470b4ddb1c7699e3308e765c11ed29542b6. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216476.2022-12-21not yet calculatedCVE-2021-4271
N/A
N/A
studygolang -- studygolangA vulnerability classified as problematic has been found in studygolang. This affects an unknown part of the file static/js/topics.js. The manipulation of the argument contentHtml leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is 0fb30f9640bd5fa0cae58922eac6c00bb1a94391. It is recommended to apply a patch to fix this issue. The identifier VDB-216477 was assigned to this vulnerability.2022-12-21not yet calculatedCVE-2021-4272
N/A
N/A
studygolang -- studygolangA vulnerability classified as problematic was found in studygolang. This vulnerability affects the function Search of the file http/controller/search.go. The manipulation of the argument q leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 97ba556d42fa89dfaa7737e9cd3a8ddaf670bb23. It is recommended to apply a patch to fix this issue. VDB-216478 is the identifier assigned to this vulnerability.2022-12-21not yet calculatedCVE-2021-4273
N/A
N/A
N/A
sileht -- bird-lgA vulnerability, which was classified as problematic, has been found in sileht bird-lg. This issue affects some unknown processing of the file templates/layout.html. The manipulation of the argument request_args leads to cross site scripting. The attack may be initiated remotely. The name of the patch is ef6b32c527478fefe7a4436e10b96ee28ed5b308. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216479.2022-12-21not yet calculatedCVE-2021-4274
N/A
N/A
N/A
pyambic-pentameter -- pyambic-pentameterA vulnerability, which was classified as problematic, was found in katlings pyambic-pentameter. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The name of the patch is 974f21aa1b2527ef39c8afe1a5060548217deca8. It is recommended to apply a patch to fix this issue. VDB-216498 is the identifier assigned to this vulnerability.2022-12-21not yet calculatedCVE-2021-4275
N/A
N/A
sourcecodester -- simple_client_management_systemA Stored Cross-site scripting (XSS) vulnerability via MAster.php in Sourcecodetester Simple Client Management System (SCMS) 1.0 allows remote attackers to inject arbitrary web script or HTML via the vulnerable input fields.2022-12-22not yet calculatedCVE-2021-43657
MISC
harmonyos -- harmonyosThe multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.2022-12-20not yet calculatedCVE-2021-46856
MISC
mozilla -- firefox
 
Mozilla developers and community members Gabriele Svelto, Sebastian Hengst, Randell Jesup, Luan Herrera, Lars T Hansen, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 97.2022-12-22not yet calculatedCVE-2022-0511
MISC
MISC
mozilla -- vpn
 
Mozilla VPN can load an OpenSSL configuration file from an unsecured directory. A user or attacker with limited privileges could leverage this to launch arbitrary code with SYSTEM privilege. This vulnerability affects Mozilla VPN < 2.7.1.2022-12-22not yet calculatedCVE-2022-0517
MISC
MISC
mozilla -- thunderbirdIt may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write of one byte when processing the message. This vulnerability affects Thunderbird < 91.6.1.2022-12-22not yet calculatedCVE-2022-0566
MISC
MISC
mozilla -- firefoxMozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs present in Firefox 97. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 98.2022-12-22not yet calculatedCVE-2022-0843
MISC
MISC
mozilla -- multiple_products<code>NSSToken</code> objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.2022-12-22not yet calculatedCVE-2022-1097
MISC
MISC
MISC
MISC
mozilla -- multiple_productsAfter a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8 and Firefox ESR < 91.8.2022-12-22not yet calculatedCVE-2022-1196
MISC
MISC
MISC
mozilla -- thunderbirdWhen importing a revoked key that specified key compromise as the revocation reason, Thunderbird did not update the existing copy of the key that was not yet revoked, and the existing key was kept as non-revoked. Revocation statements that used another revocation reason, or that didn't specify a revocation reason, were unaffected. This vulnerability affects Thunderbird < 91.8.2022-12-22not yet calculatedCVE-2022-1197
MISC
MISC
mozilla -- thunderbirdWhen viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status. After opening and viewing the attached message B, when returning to the display of message A, the message A might be shown with the security status of message B. This vulnerability affects Thunderbird < 91.9.2022-12-22not yet calculatedCVE-2022-1520
MISC
MISC
mozilla -- multiple_productsAn attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.2022-12-22not yet calculatedCVE-2022-1529
MISC
MISC
mozilla -- multiple_productsIf an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.2022-12-22not yet calculatedCVE-2022-1802
MISC
MISC
mozilla -- thunderbird
 
When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces. This could have been used by an attacker to send an email message with the attacker's digital signature, that was shown with an arbitrary sender email address chosen by the attacker. If the sender name started with a false email address, followed by many Braille space characters, the attacker's email address was not visible. Because Thunderbird compared the invisible sender address with the signature's email address, if the signing key or certificate was accepted by Thunderbird, the email was shown as having a valid digital signature. This vulnerability affects Thunderbird < 91.10.2022-12-22not yet calculatedCVE-2022-1834
MISC
MISC
mozilla -- multiple_productsIf an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.2022-12-22not yet calculatedCVE-2022-2200
MISC
MISC
MISC
MISC
mozilla -- thunderbird
 
An OpenPGP digital signature includes information about the date when the signature was created. When displaying an email that contains a digital signature, the email's date will be shown. If the dates were different, then Thunderbird didn't report the email as having an invalid signature. If an attacker performed a replay attack, in which an old email with old contents are resent at a later time, it could lead the victim to believe that the statements in the email are current. Fixed versions of Thunderbird will require that the signature's date roughly matches the displayed date of the email. This vulnerability affects Thunderbird < 102 and Thunderbird < 91.11.2022-12-22not yet calculatedCVE-2022-2226
MISC
MISC
ibm -- identity_managerIBM Security Verify Governance, Identity Manager 10.01 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 224915.2022-12-24not yet calculatedCVE-2022-22449
MISC
MISC
ibm -- identity_managerIBM Security Verify Governance, Identity Manager 10.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 225004.2022-12-22not yet calculatedCVE-2022-22456
MISC
MISC
ibm -- identity_managerIBM Security Verify Governance, Identity Manager 10.0.1 stores sensitive information including user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 225007.2022-12-22not yet calculatedCVE-2022-22457
MISC
MISC
ibm -- identity_managerIBM Security Verify Governance, Identity Manager 10.0.1 stores user credentials in plain clear text which can be read by a remote authenticated user. IBM X-Force ID: 225009.2022-12-22not yet calculatedCVE-2022-22458
MISC
MISC
ibm -- identity_managerIBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225007.2022-12-22not yet calculatedCVE-2022-22461
MISC
MISC
mozilla -- firefoxIf Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However the install directory is not world-writable by default.<br>*This bug only affects Firefox for Windows in a non-default installation. Other operating systems are unaffected.*. This vulnerability affects Firefox < 96.2022-12-22not yet calculatedCVE-2022-22736
MISC
MISC
mozilla -- multiple_productsConstructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.2022-12-22not yet calculatedCVE-2022-22737
MISC
MISC
MISC
MISC
mozilla -- multiple_productsApplying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.2022-12-22not yet calculatedCVE-2022-22738
MISC
MISC
MISC
MISC
mozilla -- multiple_productsMalicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.2022-12-22not yet calculatedCVE-2022-22739
MISC
MISC
MISC
MISC
mozilla -- multiple_productsCertain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.2022-12-22not yet calculatedCVE-2022-22740
MISC
MISC
MISC
MISC
mozilla -- multiple_productsWhen resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.2022-12-22not yet calculatedCVE-2022-22741
MISC
MISC
MISC
MISC
mozilla -- multiple_productsWhen inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.2022-12-22not yet calculatedCVE-2022-22742
MISC
MISC
MISC
MISC
mozilla -- multiple_productsWhen navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.2022-12-22not yet calculatedCVE-2022-22743
MISC
MISC
MISC
MISC
mozilla -- multiple_productsThe constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.<br>*This bug only affects Thunderbird for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.2022-12-22not yet calculatedCVE-2022-22744
MISC
MISC
MISC
MISC
mozilla -- multiple_productsSecuritypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.2022-12-22not yet calculatedCVE-2022-22745
MISC
MISC
MISC
MISC
mozilla -- multiple_productsA race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.<br>*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.2022-12-22not yet calculatedCVE-2022-22746
MISC
MISC
MISC
MISC
mozilla -- multiple_productsAfter accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.2022-12-22not yet calculatedCVE-2022-22747
MISC
MISC
MISC
MISC
mozilla -- multiple_productsMalicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.2022-12-22not yet calculatedCVE-2022-22748
MISC
MISC
MISC
MISC
mozilla -- firefox_for_androidWhen scanning QR codes, Firefox for Android would have allowed navigation to some URLs that do not point to web content.<br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 96.2022-12-22not yet calculatedCVE-2022-22749
MISC
MISC
mozilla -- multiple_productsBy generally accepting and passing resource handles across processes, a compromised content process might have confused higher privileged processes to interact with handles that the unprivileged process should not have access to.<br>*This bug only affects Firefox for Windows and MacOS. Other operating systems are unaffected.*. This vulnerability affects Firefox < 96.2022-12-22not yet calculatedCVE-2022-22750
MISC
MISC
mozilla -- multiple_productsMozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.2022-12-22not yet calculatedCVE-2022-22751
MISC
MISC
MISC
MISC
mozilla -- firefoxMozilla developers Christian Holler and Jason Kratzer reported memory safety bugs present in Firefox 95. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 96.2022-12-22not yet calculatedCVE-2022-22752
MISC
MISC
mozilla -- multiple_productsA Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.2022-12-22not yet calculatedCVE-2022-22753
MISC
MISC
MISC
MISC
mozilla -- multiple_productsIf a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.2022-12-22not yet calculatedCVE-2022-22754
MISC
MISC
MISC
MISC
mozilla -- firefoxBy using XSL Transforms, a malicious webserver could have served a user an XSL document that would continue to execute JavaScript (within the bounds of the same-origin policy) even after the tab was closed. This vulnerability affects Firefox < 97.2022-12-22not yet calculatedCVE-2022-22755
MISC
MISC
mozilla -- multiple_productsIf a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been changed into an executable script which would have run arbitrary code after the user clicked on it. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.2022-12-22not yet calculatedCVE-2022-22756
MISC
MISC
MISC
MISC
mozilla -- firefoxRemote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user's browser to control it. <br>*This bug only affected Firefox when WebDriver was enabled, which is not the default configuration.*. This vulnerability affects Firefox < 97.2022-12-22not yet calculatedCVE-2022-22757
MISC
MISC
mozilla -- firefoxWhen clicking on a tel: link, USSD codes, specified after a <code>\*</code> character, would be included in the phone number. On certain phones, or on certain carriers, if the number was dialed this could perform actions on a user's account, similar to a cross-site request forgery attack.<br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97.2022-12-22not yet calculatedCVE-2022-22758
MISC
MISC
mozilla -- multiple_productsIf a document created a sandboxed iframe without <code>allow-scripts</code>, and subsequently appended an element to the iframe's document that e.g. had a JavaScript event handler - the event handler would have run despite the iframe's sandbox. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.2022-12-22not yet calculatedCVE-2022-22759
MISC
MISC
MISC
MISC
mozilla -- multiple_productsWhen importing resources using Web Workers, error messages would distinguish the difference between <code>application/javascript</code> responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.2022-12-22not yet calculatedCVE-2022-22760
MISC
MISC
MISC
MISC
MISC
mozilla -- multiple_productsWeb-accessible extension pages (pages with a moz-extension:// scheme) were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.2022-12-22not yet calculatedCVE-2022-22761
MISC
MISC
MISC
MISC
mozilla -- firefox_for_androidUnder certain circumstances, a JavaScript alert (or prompt) could have been shown while another website was displayed underneath it. This could have been abused to trick the user. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97.2022-12-22not yet calculatedCVE-2022-22762
MISC
MISC
mozilla -- multiple_productsWhen a worker is shutdown, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible. This vulnerability affects Firefox < 96, Thunderbird < 91.6, and Firefox ESR < 91.6.2022-12-22not yet calculatedCVE-2022-22763
MISC
MISC
MISC
MISC
mozilla -- multiple_products
 
Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.2022-12-22not yet calculatedCVE-2022-22764
MISC
MISC
MISC
MISC
pi-hole -- adminltePi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on `queryads` endpoint. In the case of application, this vulnerability exists because of a lack of validation in code on a root server path: `/admin/scripts/pi-hole/phpqueryads.php.` Potential threat actor(s) are able to perform an unauthorized query search in blocked domain lists. This could lead to the disclosure for any victims' personal blacklists.2022-12-23not yet calculatedCVE-2022-23513
MISC
MISC
auth0 -- jsonwebtokennode-jsonwebtoken is a JsonWebToken implementation for node.js. For versions `<= 8.5.1` of `jsonwebtoken` library, if a malicious actor has the ability to modify the key retrieval parameter (referring to the `secretOrPublicKey` argument from the readme link of the `jwt.verify()` function, they can write arbitrary files on the host machine. Users are affected only if untrusted entities are allowed to modify the key retrieval parameter of the `jwt.verify()` on a host that you control. This issue has been fixed, please update to version 9.0.0.2022-12-21not yet calculatedCVE-2022-23529
MISC
MISC
cortex_project -- cortex
 
Cortex provides multi-tenant, long term storage for Prometheus. A local file inclusion vulnerability exists in Cortex versions 1.13.0, 1.13.1 and 1.14.0, where a malicious actor could remotely read local files as a result of parsing maliciously crafted Alertmanager configurations when submitted to the Alertmanager Set Configuration API. Only users of the Alertmanager service where `-experimental.alertmanager.enable-api` or `enable_api: true` is configured are affected. Affected Cortex users are advised to upgrade to patched versions 1.13.2 or 1.14.1. However as a workaround, Cortex administrators may reject Alertmanager configurations containing the `api_key_file` setting in the `opsgenie_configs` section before sending to the Set Alertmanager Configuration API.2022-12-19not yet calculatedCVE-2022-23536
MISC
MISC
MISC
MISC
pjsip -- pjsipPJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as a commit in the master branch (2.13.1).2022-12-20not yet calculatedCVE-2022-23537
MISC
MISC
auth0 -- jsonwebtokenVersions `<=8.5.1` of `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. You are affected if you are using an algorithm and a key type other than a combination listed in the GitHub Security Advisory as unaffected. This issue has been fixed, please update to version 9.0.0. This version validates for asymmetric key type and algorithm combinations. Please refer to the above mentioned algorithm / key type combinations for the valid secure configuration. After updating to version 9.0.0, if you still intend to continue with signing or verifying tokens using invalid key type/algorithm value combinations, you’ll need to set the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and/or `verify()` functions.2022-12-23not yet calculatedCVE-2022-23539
MISC
MISC
auth0 -- jsonwebtokenIn versions `<=8.5.1` of `jsonwebtoken` library, lack of algorithm definition in the `jwt.verify()` function can lead to signature validation bypass due to defaulting to the `none` algorithm for signature verification. Users are affected if you do not specify algorithms in the `jwt.verify()` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the `jwt.verify()` method. There will be no impact, if you update to version 9.0.0 and you don’t need to allow for the `none` algorithm. If you need 'none' algorithm, you have to explicitly specify that in `jwt.verify()` options.2022-12-22not yet calculatedCVE-2022-23540
MISC
MISC
auth0 -- jsonwebtokenjsonwebtoken is an implementation of JSON Web Tokens. Versions `<= 8.5.1` of `jsonwebtoken` library can be misconfigured so that passing a poorly implemented key retrieval function referring to the `secretOrPublicKey` argument from the readme link will result in incorrect verification of tokens. There is a possibility of using a different algorithm and key combination in verification, other than the one that was used to sign the tokens. Specifically, tokens signed with an asymmetric public key could be verified with a symmetric HS256 algorithm. This can lead to successful validation of forged tokens. If your application is supporting usage of both symmetric key and asymmetric key in jwt.verify() implementation with the same key retrieval function. This issue has been patched, please update to version 9.0.0.2022-12-22not yet calculatedCVE-2022-23541
MISC
MISC
MISC
openfga -- openfgaOpenFGA is an authorization/permission engine built for developers and inspired by Google Zanzibar. During an internal security assessment, it was discovered that OpenFGA version 0.3.0 is vulnerable to authorization bypass under certain conditions. This issue has been patched in version 0.3.1 and is backward compatible.2022-12-20not yet calculatedCVE-2022-23542
MISC
MISC
MISC
silverware_games -- silverware_gamesSilverware Games is a social network where people can play games online. Users can attach URLs to YouTube videos, the site will generate related `<iframe>` when the post will be published. The handler has some sort of protection so non-YouTube links can't be posted, as well as HTML tags are being stripped. However, it was still possible to add custom HTML attributes (e.g. `onclick=alert("xss")`) to the `<iframe>'. This issue was fixed in the version `1.1.34` and does not require any extra actions from our members. There has been no evidence that this vulnerability was used by anyone at this time.2022-12-19not yet calculatedCVE-2022-23543
MISC
pjsip -- pjsipPJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as commit in the master branch.2022-12-23not yet calculatedCVE-2022-23547
MISC
MISC
MISC
azure -- aad-pod-identityaad-pod-identity assigns Azure Active Directory identities to Kubernetes applications and has now been deprecated as of 24 October 2022. The NMI component in AAD Pod Identity intercepts and validates token requests based on regex. In this case, a token request made with backslash in the request (example: `/metadata/identity\oauth2\token/`) would bypass the NMI validation and be sent to IMDS allowing a pod in the cluster to access identities that it shouldn't have access to. This issue has been fixed and has been included in AAD Pod Identity release version 1.8.13. If using the AKS pod-managed identities add-on, no action is required. The clusters should now be running the version 1.8.13 release.2022-12-21not yet calculatedCVE-2022-23551
MISC
MISC
MISC
codeigniter4 -- codeigniter4CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\App::$proxyIPs`. As a workaround, do not use `$request->getIPAddress()`.2022-12-22not yet calculatedCVE-2022-23556
MISC
MISC
aveva -- intouch_access_anywhereAVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server.2022-12-23not yet calculatedCVE-2022-23854
MISC
snyk -- abacus-ext-cmdlineAll versions of package abacus-ext-cmdline are vulnerable to Command Injection via the execute function due to improper user-input sanitization.2022-12-21not yet calculatedCVE-2022-24431
CONFIRM
mozilla -- multiple_productsMozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1.2022-12-22not yet calculatedCVE-2022-2505
MISC
MISC
MISC
MISC
snyk -- p4The package p4 before 0.0.7 are vulnerable to Command Injection via the run() function due to improper input sanitization2022-12-20not yet calculatedCVE-2022-25171
CONFIRM
CONFIRM
CONFIRM
vm2 -- vm2The package vm2 before 3.9.10 are vulnerable to Arbitrary Code Execution due to the usage of prototype lookup for the WeakMap.prototype.set method. Exploiting this vulnerability leads to access to a host object and a sandbox compromise.2022-12-21not yet calculatedCVE-2022-25893
CONFIRM
CONFIRM
CONFIRM
CONFIRM
snyk -- lite-dev-serverAll versions of package lite-dev-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code.2022-12-21not yet calculatedCVE-2022-25895
CONFIRM
CONFIRM
CONFIRM

snyk -- safe-eval

All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an attacker to modify properties of the Object.prototype.2022-12-20not yet calculatedCVE-2022-25904
CONFIRM
CONFIRM

snyk-- smoothie

The package smoothie from 1.31.0 and before 1.36.1 are vulnerable to Cross-site Scripting (XSS) due to improper user input sanitization in strokeStyle and tooltipLabel properties. Exploiting this vulnerability is possible when the user can control these properties.2022-12-21not yet calculatedCVE-2022-25929
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
snyk -- easy-static-serverAll versions of package easy-static-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code.2022-12-20not yet calculatedCVE-2022-25931
CONFIRM
CONFIRM
CONFIRM

snyk -- package_lite_server

All versions of package lite-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.2022-12-20not yet calculatedCVE-2022-25940
CONFIRM
CONFIRM
CONFIRM
liquidjs -- liquidjsThe package liquidjs before 10.0.0 are vulnerable to Information Exposure when ownPropertyOnly parameter is set to False, which results in leaking properties of a prototype. Workaround For versions 9.34.0 and higher, an option to disable this functionality is provided.2022-12-22not yet calculatedCVE-2022-25948
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
mozilla -- multiple_productsAn attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.2022-12-22not yet calculatedCVE-2022-26381
MISC
MISC
MISC
MISC
mozilla -- firefoxWhile the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox < 98.2022-12-22not yet calculatedCVE-2022-26382
MISC
MISC
mozilla -- multiple_productsWhen resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.2022-12-22not yet calculatedCVE-2022-26383
MISC
MISC
MISC
MISC
mozilla -- multiple_productsIf an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.2022-12-22not yet calculatedCVE-2022-26384
MISC
MISC
MISC
MISC
mozilla -- firefoxIn unusual circumstances, an individual thread may outlive the thread's manager during shutdown. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 98.2022-12-22not yet calculatedCVE-2022-26385
MISC
MISC
mozilla -- multiple_productsPreviously Firefox for macOS and Linux would download temporary files to a user-specific directory in <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. <br>*This bug only affects Firefox for macOS and Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.7 and Thunderbird < 91.7.2022-12-22not yet calculatedCVE-2022-26386
MISC
MISC
MISC
mozilla -- multiple_productsWhen installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.2022-12-22not yet calculatedCVE-2022-26387
MISC
MISC
MISC
MISC
mozilla -- multiple_productsRemoving an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.2022-12-22not yet calculatedCVE-2022-26485
MISC
MISC
mozilla -- multiple_productsAn unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.2022-12-22not yet calculatedCVE-2022-26486
MISC
MISC
hikivision -- multiple_productsThe web server of some Hikvision wireless bridge products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.2022-12-19not yet calculatedCVE-2022-28173
MISC
ydb -- serverOut-of-bounds read was discovered in YDB server. An attacker could construct a query with insert statement that would allow him to read sensitive information from other memory locations or cause a crash.2022-12-23not yet calculatedCVE-2022-28228
MISC
userver -- userverThe hash functionality in userver before 42059b6319661583b3080cab9b595d4f8ac48128 allows attackers to cause a denial of service via crafted HTTP request, involving collisions.2022-12-23not yet calculatedCVE-2022-28229
MISC
mozilla -- multiple_productsIf a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.2022-12-22not yet calculatedCVE-2022-28281
MISC
MISC
MISC
MISC
mozilla -- multiple_productsBy using a link with <code>rel="localization"</code> a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.2022-12-22not yet calculatedCVE-2022-28282
MISC
MISC
MISC
MISC
mozilla -- firefoxThe sourceMapURL feature in devtools was missing security checks that would have allowed a webpage to attempt to include local files or other files that should have been inaccessible. This vulnerability affects Firefox < 99.2022-12-22not yet calculatedCVE-2022-28283
MISC
MISC
mozilla -- firefoxSVG's <code>&lt;use&gt;</code> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99.2022-12-22not yet calculatedCVE-2022-28284
MISC
MISC
mozilla -- multiple_productsWhen generating the assembly code for <code>MLoadTypedArrayElementHole</code>, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.2022-12-22not yet calculatedCVE-2022-28285
MISC
MISC
MISC
MISC
mozilla -- multiple_productsDue to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.2022-12-22not yet calculatedCVE-2022-28286
MISC
MISC
MISC
MISC
mozilla -- firefoxIn unusual circumstances, selecting text could cause text selection caching to behave incorrectly, leading to a crash. This vulnerability affects Firefox < 99.2022-12-22not yet calculatedCVE-2022-28287
MISC
MISC
mozilla -- firefoxMozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 98. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 99.2022-12-22not yet calculatedCVE-2022-28288
MISC
MISC
mozilla -- multiple_productsMozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 91.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.2022-12-22not yet calculatedCVE-2022-28289
MISC
MISC
MISC
MISC
mozilla -- multiple_productsDocuments in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.2022-12-22not yet calculatedCVE-2022-29909
MISC
MISC
MISC
MISC
mozilla -- firefoxWhen closed or sent to the background, Firefox for Android would not properly record and persist HSTS settings.<br>*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 100.2022-12-22not yet calculatedCVE-2022-29910
MISC
MISC
mozilla -- multiple_productsAn improper implementation of the new iframe sandbox keyword <code>allow-top-navigation-by-user-activation</code> could lead to script execution without <code>allow-scripts</code> being present. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.2022-12-22not yet calculatedCVE-2022-29911
MISC
MISC
MISC
MISC
mozilla -- multiple_productsRequests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.2022-12-22not yet calculatedCVE-2022-29912
MISC
MISC
MISC
MISC
mozilla -- thunderbirdThe parent process would not properly check whether the Speech Synthesis feature is enabled, when receiving instructions from a child process. This vulnerability affects Thunderbird < 91.9.2022-12-22not yet calculatedCVE-2022-29913
MISC
MISC
mozilla -- multiple_productsWhen reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.2022-12-22not yet calculatedCVE-2022-29914
MISC
MISC
MISC
MISC

mozilla -- firefox

The Performance API did not properly hide the fact whether a request cross-origin resource has observed redirects. This vulnerability affects Firefox < 100.2022-12-22not yet calculatedCVE-2022-29915
MISC
MISC
mozilla -- multiple_productsFirefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.2022-12-22not yet calculatedCVE-2022-29916
MISC
MISC
MISC
MISC
mozilla -- multiple_productsMozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.2022-12-22not yet calculatedCVE-2022-29917
MISC
MISC
MISC
MISC

mozilla -- firefox

Mozilla developers Gabriele Svelto, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 100.2022-12-22not yet calculatedCVE-2022-29918
MISC
MISC
mozilla -- thunderbirdWhen receiving an HTML email that contained an <code>iframe</code> element, which used a <code>srcdoc</code> attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was accessed, the objects were loaded and displayed. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.2022-12-22not yet calculatedCVE-2022-3032
MISC
MISC
MISC
mozilla -- thunderbirdIf a Thunderbird user replied to a crafted HTML email containing a <code>meta</code> tag, with the <code>meta</code> tag having the <code>http-equiv="refresh"</code> attribute, and the content attribute specifying an URL, then Thunderbird started a network request to that URL, regardless of the configuration to block remote content. In combination with certain other HTML elements and attributes in the email, it was possible to execute JavaScript code included in the message in the context of the message compose document. The JavaScript code was able to perform actions including, but probably not limited to, read and modify the contents of the message compose document, including the quoted original message, which could potentially contain the decrypted plaintext of encrypted data in the crafted email. The contents could then be transmitted to the network, either to the URL specified in the META refresh tag, or to a different URL, as the JavaScript code could modify the URL specified in the document. This bug doesn't affect users who have changed the default Message Body display setting to 'simple html' or 'plain text'. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.2022-12-22not yet calculatedCVE-2022-3033
MISC
MISC
MISC
mozilla -- thunderbirdWhen receiving an HTML email that specified to load an <code>iframe</code> element from a remote location, a request to the remote document was sent. However, Thunderbird didn't display the document. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.2022-12-22not yet calculatedCVE-2022-3034
MISC
MISC
MISC
mozilla -- thunderbirdWhen saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine on the received file. If the received file was an application and the user attempted to open it, then the application was started immediately without asking the user to confirm. This vulnerability affects Thunderbird < 102.3.2022-12-22not yet calculatedCVE-2022-3155
MISC
MISC
concourse -- concourseConcourse (7.x.y prior to 7.8.3 and 6.x.y prior to 6.7.9) contains an authorization bypass issue. A Concourse user can send a request with body including :team_name=team2 to bypass team scope check to gain access to certain resources belong to any other team.2022-12-19not yet calculatedCVE-2022-31683
MISC
mozilla -- multiple_productsA malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.2022-12-22not yet calculatedCVE-2022-31736
MISC
MISC
MISC
MISC
mozilla -- multiple_productsA malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.2022-12-22not yet calculatedCVE-2022-31737
MISC
MISC
MISC
MISC
mozilla -- multiple_productsWhen exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.2022-12-22not yet calculatedCVE-2022-31738
MISC
MISC
MISC
MISC
mozilla -- multiple_productsWhen downloading files on Windows, the % character was not escaped, which could have lead to a download incorrectly being saved to attacker-influenced paths that used variables such as %HOMEPATH% or %APPDATA%.<br>*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.2022-12-22not yet calculatedCVE-2022-31739
MISC
MISC
MISC
MISC
mozilla -- multiple_productsOn arm64, WASM code could have resulted in incorrect assembly generation leading to a register allocation problem, and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.2022-12-22not yet calculatedCVE-2022-31740
MISC
MISC
MISC
MISC
mozilla -- multiple_productsA crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.2022-12-22not yet calculatedCVE-2022-31741
MISC
MISC
MISC
MISC
mozilla -- multiple_productsAn attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.2022-12-22not yet calculatedCVE-2022-31742
MISC
MISC
MISC
MISC
mozilla -- firefoxFirefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox < 101.2022-12-22not yet calculatedCVE-2022-31743
MISC
MISC
mozilla -- multiple_productsAn attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy. This vulnerability affects Firefox ESR < 91.11, Thunderbird < 102, Thunderbird < 91.11, and Firefox < 101.2022-12-22not yet calculatedCVE-2022-31744
MISC
MISC
MISC
MISC
mozilla -- firefoxIf array shift operations are not used, the Garbage Collector may have become confused about valid objects. This vulnerability affects Firefox < 101.2022-12-22not yet calculatedCVE-2022-31745
MISC
MISC
mozilla -- firefox_for_iosInternal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS < 102.2022-12-22not yet calculatedCVE-2022-31746
MISC
MISC
mozilla -- multiple_productsMozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.2022-12-22not yet calculatedCVE-2022-31747
MISC
MISC
MISC
MISC
mozilla -- firefoxMozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 101.2022-12-22not yet calculatedCVE-2022-31748
MISC
MISC
dataprobe -- iboot-pdu_fwDataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specific function does not sanitize the input provided by the user, which may expose the affected to an OS command injection vulnerability.2022-12-21not yet calculatedCVE-2022-3183
MISC
dataprobe -- iboot-pdu_fwDataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the device’s existing firmware allows unauthenticated users to access an old PHP page vulnerable to directory traversal, which may allow a user to write a file to the webroot directory.2022-12-21not yet calculatedCVE-2022-3184
MISC
dataprobe -- iboot-pdu_fwDataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product exposes sensitive data concerning the device.2022-12-21not yet calculatedCVE-2022-3185
MISC
dataprobe -- iboot-pdu_fwDataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product allows an attacker to access the device’s main management page from the cloud. This feature enables users to remotely connect devices, however, the current implementation permits users to access other device's information.2022-12-21not yet calculatedCVE-2022-3186
MISC
dataprobe -- iboot-pdu_fwDataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where certain PHP pages only validate when a valid connection is established with the database. However, these PHP pages do not verify the validity of a user. Attackers could leverage this lack of verification to read the state of outlets.2022-12-21not yet calculatedCVE-2022-3187
MISC
dataprobe -- iboot-pdu_fwDataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where unauthenticated users could open PHP index pages without authentication and download the history file from the device; the history file includes the latest actions completed by specific users.2022-12-21not yet calculatedCVE-2022-3188
MISC
dataprobe -- iboot-pdu_fwDataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specially crafted PHP script could use parameters from a HTTP request to create a URL capable of changing the host parameter. The changed host parameter in the HTTP could point to another host that will send a request to the host or IP specified in the changed host parameter.2022-12-21not yet calculatedCVE-2022-3189
MISC
mozilla -- multiple_productsAn out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.2022-12-22not yet calculatedCVE-2022-3266
MISC
MISC
MISC
MISC
mitsubishi_electric -- multiple_productsImproper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions "32" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions "65" and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R08/16/32/120SFCPU all versions, Mitsubishi Electric Corporation MELSEC iQ-R Series R12CCPU-V all versions, Mitsubishi Electric Corporation MELSEC iQ-L Series L04/08/16/32HCPU all versions and Mitsubishi Electric Corporation MELIPC Series MI5122-VW all versions allows a remote unauthenticated attacker to cause a Denial of Service condition in Ethernet communication on the module by sending specially crafted packets. A system reset of the module is required for recovery.2022-12-23not yet calculatedCVE-2022-33324
MISC
MISC
MISC
mozilla -- multiple_productsAn iframe that was not permitted to run scripts could do so if the user clicked on a <code>javascript:</code> link. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.2022-12-22not yet calculatedCVE-2022-34468
MISC
MISC
MISC
MISC

mozilla -- firefox_for_android

When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not allow the user to bypass the certificate error. On Firefox for Android, the user was presented with the option to bypass the error; this could only have been done by the user explicitly. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102.2022-12-22not yet calculatedCVE-2022-34469
MISC
MISC

mozilla -- multiple_products

Session history navigations may have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.2022-12-22not yet calculatedCVE-2022-34470
MISC
MISC
MISC
MISC
mozilla -- firefoxWhen downloading an update for an addon, the downloaded addon update's version was not verified to match the version selected from the manifest. If the manifest had been tampered with on the server, an attacker could trick the browser into downgrading the addon to a prior version. This vulnerability affects Firefox < 102.2022-12-22not yet calculatedCVE-2022-34471
MISC
MISC
mozilla -- multiple_productsIf there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.2022-12-22not yet calculatedCVE-2022-34472
MISC
MISC
MISC
MISC
mozilla -- firefox
 
The HTML Sanitizer should have sanitized the <code>href</code> attribute of SVG <code>&lt;use&gt;</code> tags; however it incorrectly did not sanitize <code>xlink:href</code> attributes. This vulnerability affects Firefox < 102.2022-12-22not yet calculatedCVE-2022-34473
MISC
MISC
mozilla -- firefoxEven when an iframe was sandboxed with <code>allow-top-navigation-by-user-activation</code>, if it received a redirect header to an external protocol the browser would process the redirect and prompt the user as appropriate. This vulnerability affects Firefox < 102.2022-12-22not yet calculatedCVE-2022-34474
MISC
MISC
mozilla -- firefoxSVG <code>&lt;use&gt;</code> tags that referenced a same-origin document could have resulted in script execution if attacker input was sanitized via the HTML Sanitizer API. This would have required the attacker to reference a same-origin JavaScript file containing the script to be executed. This vulnerability affects Firefox < 102.2022-12-22not yet calculatedCVE-2022-34475
MISC
MISC
mozilla -- firefoxASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the parser accepting malformed ASN.1. This vulnerability affects Firefox < 102.2022-12-22not yet calculatedCVE-2022-34476
MISC
MISC
mozilla -- firefoxThe MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox < 102.2022-12-22not yet calculatedCVE-2022-34477
MISC
MISC
mozilla -- multiple_productsThe <code>ms-msdt</code>, <code>search</code>, and <code>search-ms</code> protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none exploited through Thunderbird), so in this release Thunderbird has blocked these protocols from prompting the user to open them.<br>*This bug only affects Thunderbird on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.2022-12-22not yet calculatedCVE-2022-34478
MISC
MISC
MISC
MISC
mozilla -- multiple_productsA malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. <br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.2022-12-22not yet calculatedCVE-2022-34479
MISC
MISC
MISC
MISC
mozilla -- firefoxWithin the <code>lg_init()</code> function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox < 102.2022-12-22not yet calculatedCVE-2022-34480
MISC
MISC
mozilla -- multiple_productsIn the <code>nsTArray_Impl::ReplaceElementsAt()</code> function, an integer overflow could have occurred when the number of elements to replace was too large for the container. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.2022-12-22not yet calculatedCVE-2022-34481
MISC
MISC
MISC
MISC
mozilla -- firefoxAn attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34483. This vulnerability affects Firefox < 102.2022-12-22not yet calculatedCVE-2022-34482
MISC
MISC
mozilla -- firefoxAn attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34482. This vulnerability affects Firefox < 102.2022-12-22not yet calculatedCVE-2022-34483
MISC
MISC
mozilla -- multiple_productsThe Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.2022-12-22not yet calculatedCVE-2022-34484
MISC
MISC
MISC
MISC
mozilla -- firefoxMozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102.2022-12-22not yet calculatedCVE-2022-34485
MISC
MISC
ibm -- security_verify_governance_identity_managerIBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096.2022-12-22not yet calculatedCVE-2022-35646
MISC
MISC
nokia -- fastmileNokia Fastmile 3tg00118abad52 is affected by an authenticated path traversal vulnerability which allows attackers to read any named pipe file on the system.2022-12-21not yet calculatedCVE-2022-36221
MISC
nokia -- fastmileNokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o This account can be used locally to access the web admin interface.2022-12-21not yet calculatedCVE-2022-36222
MISC
mozilla -- multiple_productsWhen opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.<br>This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1.2022-12-22not yet calculatedCVE-2022-36314
MISC
MISC
MISC
MISC
mozilla -- firefoxWhen loading a script with Subresource Integrity, attackers with an injection capability could trigger the reuse of previously cached entries with incorrect, different integrity metadata. This vulnerability affects Firefox < 103.2022-12-22not yet calculatedCVE-2022-36315
MISC
MISC
mozilla -- firefoxWhen using the Performance API, an attacker was able to notice subtle differences between PerformanceEntries and thus learn whether the target URL had been subject to a redirect. This vulnerability affects Firefox < 103.2022-12-22not yet calculatedCVE-2022-36316
MISC
MISC
mozilla -- firefoxWhen visiting a website with an overly long URL, the user interface would start to hang. Due to session restore, this could lead to a permanent Denial of Service.<br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 103.2022-12-22not yet calculatedCVE-2022-36317
MISC
MISC
mozilla -- multiple_productsWhen visiting directory listings for `chrome://` URLs as source text, some parameters were reflected. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12.2022-12-22not yet calculatedCVE-2022-36318
MISC
MISC
MISC
MISC
MISC
MISC
mozilla -- multiple_productsWhen combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12.2022-12-22not yet calculatedCVE-2022-36319
MISC
MISC
MISC
MISC
MISC
MISC
mozilla -- firefoxMozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 103.2022-12-22not yet calculatedCVE-2022-36320
MISC
MISC
talos -- openimageio_master-branchA heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More specifically, in the way run-length encoded byte spans are handled. A malformed RLA file can lead to an out-of-bounds read of heap metadata which can result in sensitive information leak. An attacker can provide a malicious file to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-36354
MISC
rockwell_automation -- logix_controllersAn unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online and continue normal operation.2022-12-19not yet calculatedCVE-2022-3752
MISC
grub2 -- grub2When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded.2022-12-19not yet calculatedCVE-2022-3775
MISC
wordpress -- wordpressThe Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various AJAX actions in versions up to, and including, 2.5.6. Authenticated users can use an easily available nonce value to create header templates and make additional changes to the site, as the plugin does not use capability checks for this purpose.2022-12-22not yet calculatedCVE-2022-3794
MISC
MISC
MISC
wordpress -- wordpressThe Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various functions used to update the plugin settings in versions up to, and including, 2.5.6. Unauthenticated users can use an easily available nonce, obtained from pages edited by the plugin, to update the MailChimp API key, global styles, 404 page settings, and enabled elements.2022-12-22not yet calculatedCVE-2022-3805
MISC
MISC
MISC
talos -- openstack_kolla_git_masterA privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges.2022-12-21not yet calculatedCVE-2022-38060
MISC
talos -- openstack_kolla_git_masterA privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior. Overly permissive functionality within tools leveraging this library within a container can lead increased privileges.2022-12-21not yet calculatedCVE-2022-38065
MISC
talos -- openimageioA heap out-of-bounds write vulnerability exists in the way OpenImageIO v2.3.19.0 processes RLE encoded BMP images. A specially-crafted bmp file can write to arbitrary out of bounds memory, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-38143
MISC
mozilla -- multiple_productsAn attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104.2022-12-22not yet calculatedCVE-2022-38472
MISC
MISC
MISC
MISC
MISC
MISC
mozilla -- multiple_productsA cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions (such as microphone or camera access). This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104.2022-12-22not yet calculatedCVE-2022-38473
MISC
MISC
MISC
MISC
MISC
MISC
mozilla -- firefox_for_androidA website that had permission to access the microphone could record audio without the audio notification being shown. This bug does not allow the attacker to bypass the permission prompt - it only affects the notification shown once permission has been granted.<br />*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 104.2022-12-22not yet calculatedCVE-2022-38474
MISC
MISC
mozilla -- firefoxAn attacker could have written a value to the first element in a zero-length JavaScript array. Although the array was zero-length, the value was not written to an invalid memory address. This vulnerability affects Firefox < 104.2022-12-22not yet calculatedCVE-2022-38475
MISC
MISC
mozilla -- multiple_products
 
A data race could occur in the <code>PK11_ChangePW</code> function, potentially leading to a use-after-free vulnerability. In Firefox, this lock protected the data when a user changed their master password. This vulnerability affects Firefox ESR < 102.2 and Thunderbird < 102.2.2022-12-22not yet calculatedCVE-2022-38476
MISC
MISC
MISC
mozilla -- multiple_productsMozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.2, Thunderbird < 102.2, and Firefox < 104.2022-12-22not yet calculatedCVE-2022-38477
MISC
MISC
MISC
MISC
mozilla -- multiple_productsMembers the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103, Firefox ESR 102.1, and Firefox ESR 91.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104.2022-12-22not yet calculatedCVE-2022-38478
MISC
MISC
MISC
MISC
MISC
MISC
zyxel -- zyxel_nbg7510A DNS misconfiguration was found in Zyxel NBG7510 firmware versions prior to V1.00(ABZY.3)C0, which could allow an unauthenticated attacker to access the DNS server when the device is switched to the AP mode.2022-12-21not yet calculatedCVE-2022-38546
CONFIRM
hcl_technologies -- bigfix_webuiBigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site.2022-12-21not yet calculatedCVE-2022-38655
MISC
hcl_technologies -- bigfix_webuiBigFix deployments that have installed the Notification Service on Windows are susceptible to disclosing SMTP BigFix operator's sensitive data in clear text. Operators who use Notification Service related content from BES Support are at risk of leaving their SMTP sensitive data exposed.2022-12-24not yet calculatedCVE-2022-38658
MISC
netapp -- oncommand_insightOnCommand Insight versions 7.3.1 through 7.3.14 are susceptible to an authentication bypass vulnerability in the Data Warehouse component.2022-12-20not yet calculatedCVE-2022-38733
MISC
modzero -- click_studiosA vulnerability classified as critical was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This vulnerability affects unknown code of the component API. The manipulation leads to authentication bypass by assumed-immutable data. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216244.2022-12-19not yet calculatedCVE-2022-3875
MISC
MISC
MISC
micro_focus -- zenworks_2020A vulnerability has been identified in Micro Focus ZENworks 2020 Update 3a and prior versions. This vulnerability allows administrators with rights to perform actions (e.g., install a bundle) on a set of managed devices, to be able to exercise these rights on managed devices in the ZENworks zone but which are outside the scope of the administrator. This vulnerability does not result in the administrators gaining additional rights on the managed devices, either in the scope or outside the scope of the administrator.2022-12-23not yet calculatedCVE-2022-38757
MISC
MISC
MISC
modzero -- click_studiosA vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This issue affects some unknown processing of the file /api/browserextension/UpdatePassword/ of the component API. The manipulation of the argument PasswordID leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The identifier VDB-216245 was assigned to this vulnerability.2022-12-19not yet calculatedCVE-2022-3876
MISC
MISC
MISC
modzero -- click_studiosA vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected is an unknown function of the component URL Field Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. VDB-216246 is the identifier assigned to this vulnerability.2022-12-19not yet calculatedCVE-2022-3877
MISC
MISC
MISC
d-link -- dap
 
D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106 and earlier, DAP-2695 v1.20rc119_beta31 and earlier, DAP-3320 v1.05rc027 beta and earlier, DAP-3662 v1.05rc047 and earlier allows attackers to cause a Denial of Service (DoS) via uploading a crafted firmware after modifying the firmware header.2022-12-20not yet calculatedCVE-2022-38873
MISC
MISC
ibm -- aix_vios
 
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 235181.2022-12-23not yet calculatedCVE-2022-39164
MISC
MISC
ibm -- aix_vios
 
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in CAA to cause a denial of service. IBM X-Force ID: 235183.2022-12-23not yet calculatedCVE-2022-39165
MISC
MISC
ghinstallation -- ghinstallation
 
ghinstallation provides transport, which implements http.RoundTripper to provide authentication as an installation for GitHub Apps. In ghinstallation version 1, when the request to refresh an installation token failed, the HTTP request and response would be returned for debugging. The request contained the bearer JWT for the App, and was returned back to clients. This token is short lived (10 minute maximum). This issue has been patched and is available in version 2.0.0.2022-12-20not yet calculatedCVE-2022-39304
MISC
MISC
MISC
MISC
typora -- typora
 
Cross Site Scripting (XSS) vulnerability in typora through 1.38 allows remote attackers to run arbitrary code via export from editor.2022-12-23not yet calculatedCVE-2022-40011
MISC
MISC
MISC
apache -- karaf
 
This vulnerable is about a potential code injection when an attacker has control of the target LDAP server using in the JDBC JNDI URL. The function jaas.modules.src.main.java.porg.apache.karaf.jass.modules.jdbc.JDBCUtils#doCreateDatasource use InitialContext.lookup(jndiName) without filtering. An user can modify `options.put(JDBCUtils.DATASOURCE, "osgi:" + DataSource.class.getName());` to `options.put(JDBCUtils.DATASOURCE,"jndi:rmi://x.x.x.x:xxxx/Command");` in JdbcLoginModuleTest#setup. This is vulnerable to a remote code execution (RCE) attack when a configuration uses a JNDI LDAP data source URI when an attacker has control of the target LDAP server.This issue affects all versions of Apache Karaf up to 4.4.1 and 4.3.7. We encourage the users to upgrade to Apache Karaf at least 4.4.2 or 4.3.82022-12-21not yet calculatedCVE-2022-40145
MISC
ibm -- aix_vios
 
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX TCP/IP kernel extension to cause a denial of service. IBM X-Force ID: 235599.2022-12-23not yet calculatedCVE-2022-40233
MISC
MISC
softr -- softr
 
Softr v2.0 was discovered to be vulnerable to HTML injection via the Name field of the Account page.2022-12-19not yet calculatedCVE-2022-40434
MISC
MISC
MISC
sourcecodester -- employee_performance_evaluation_system
 
Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via adding new entries under the Departments and Designations module.2022-12-19not yet calculatedCVE-2022-40435
MISC
MISC
MISC
pfSense -- pfBlockerNG
 
pfSense pfBlockerNG through 2.1.4_27 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header, a different vulnerability than CVE-2022-31814.2022-12-20not yet calculatedCVE-2022-40624
MISC
MISC
MISC
ndk_design -- ndkadvancedcustomizationfields
 
A cross-site scripting (XSS) vulnerability in NdkAdvancedCustomizationFields v3.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payloads injected into the "htmlNodes" parameter.2022-12-21not yet calculatedCVE-2022-40841
MISC
MISC
pypa -- setuptools
 
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.2022-12-23not yet calculatedCVE-2022-40897
MISC
MISC
CONFIRM
MISC
MISC
pypa -- wheel
 
An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.2022-12-23not yet calculatedCVE-2022-40898
MISC
MISC
MISC
pythoncharmers -- python_future
 
An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server.2022-12-23not yet calculatedCVE-2022-40899
MISC
MISC
MISC
MISC
mozilla -- firefox_esr_thunderbird
 
When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.2022-12-22not yet calculatedCVE-2022-40956
MISC
MISC
MISC
MISC
mozilla -- firefox_esr_thunderbird
 
Inconsistent data in instruction and data cache when creating wasm code could lead to a potentially exploitable crash.<br>*This bug only affects Firefox on ARM64 platforms.*. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.2022-12-22not yet calculatedCVE-2022-40957
MISC
MISC
MISC
MISC
mozilla -- firefox_esr_thunderbird
 
By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.2022-12-22not yet calculatedCVE-2022-40958
MISC
MISC
MISC
MISC
mozilla -- firefox_esr_thunderbird
 
During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.2022-12-22not yet calculatedCVE-2022-40959
MISC
MISC
MISC
MISC
mozilla -- firefox_esr_thunderbird
 
Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.2022-12-22not yet calculatedCVE-2022-40960
MISC
MISC
MISC
MISC
mozilla -- firefox_for_androidDuring startup, a graphics driver with an unexpected name could lead to a stack-buffer overflow causing a potentially exploitable crash.<br>*This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects Firefox < 105.2022-12-22not yet calculatedCVE-2022-40961
MISC
MISC
mozilla -- multiple_products
 
Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 104 and Firefox ESR 102.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.2022-12-22not yet calculatedCVE-2022-40962
MISC
MISC
MISC
MISC
ibm -- aix_and_viosIBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to obtain root privileges. IBM X-Force ID: 236690.2022-12-23not yet calculatedCVE-2022-41290
MISC
MISC
blogengine -- blogengine.netAn issue in the component BlogEngine/BlogEngine.NET/AppCode/Api/UploadController.cs of BlogEngine.NET v3.3.8.0 allows attackers to execute arbitrary code via uploading a crafted PNG file.2022-12-19not yet calculatedCVE-2022-41418
MISC
MISC
MISC
harmonyos -- harmonyosSome smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone availability.2022-12-20not yet calculatedCVE-2022-41590
MISC
harmonyos -- harmonyosThe backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files.2022-12-20not yet calculatedCVE-2022-41591
MISC
MISC
openimageio -- openimageioA heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in OpenImageIO master-branch-9aeece7a and v2.3.19.0. A specially-crafted TIFF file can lead to an out of bounds memory corruption, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-41639
MISC
openimageio -- openimageioA heap out of bounds read vulnerability exists in the handling of IPTC data while parsing TIFF images in OpenImageIO v2.3.19.0. A specially-crafted TIFF file can cause a read of adjacent heap memory, which can leak sensitive process information. An attacker can provide a malicious file to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-41649
MISC
ghost -- ghost_foundation_ghostAn authentication bypass vulnerability exists in the newsletter subscription functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-41654
MISC
CONFIRM
openimageio -- openimageioA heap out of bounds read vulnerability exists in the OpenImageIO master-branch-9aeece7a when parsing the image file directory part of a PSD image file. A specially-crafted .psd file can cause a read of arbitrary memory address which can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-41684
MISC
ghost -- ghost_foundation_ghostA user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send a series of HTTP requests to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-41697
MISC
openimageio -- openimageioA heap based buffer overflow vulnerability exists in the PSD thumbnail resource parsing code of OpenImageIO 2.3.19.0. A specially-crafted PSD file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-41794
MISC
openimageio -- openimageio_project_openimageioAn out-of-bounds write vulnerability exists in the OpenImageIO::add_exif_item_to_spec functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially-crafted exif metadata can lead to stack-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-41837
MISC
openimageio -- openimageio_project_openimageioA code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially-crafted .dds can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-41838
MISC
openimageio -- openimageioAn out of bounds read vulnerability exists in the way OpenImageIO version v2.3.19.0 processes string fields in TIFF image files. A specially-crafted TIFF file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-41977
MISC
openimageio -- openimageioA stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. A specially-crafted targa file can lead to out of bounds read and write on the process stack, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-41981
MISC
openimageio -- openimageio_project_openimageioAn information disclosure vulnerability exists in the OpenImageIO::decode_iptc_iim() functionality of OpenImageIO Project OpenImageIO v2.3.19.0. A specially-crafted TIFF file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-41988
MISC
openimageio -- openimageio_project_openimageioA denial of service vulnerability exists in the DDS native tile reading functionality of OpenImageIO Project OpenImageIO v2.3.19.0 and v2.4.4.2. A specially-crafted .dds can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-41999
MISC
wfs_inc -- heavenburnsredWFS, Inc HeavenBurnsRed 2020.3.15.7141260 is vulnerable to Local Privilege Escalation.2022-12-20not yet calculatedCVE-2022-42046
MISC
hcl_technology -- big_fixThere are insufficient warnings when a Fixlet is imported by a user. The warning message currently assumes the owner of the script is the logged in user, with insufficient warnings when attempting to run the script.2022-12-19not yet calculatedCVE-2022-42453
MISC
hcl_technology -- big_fixInsights for Vulnerability Remediation (IVR) is vulnerable to man-in-the-middle attacks that may lead to information disclosure. This requires privileged network access.2022-12-21not yet calculatedCVE-2022-42454
MISC
devolutions -- remote_desktop_manager
 
Authentication bypass in local application lock feature in Devolutions Remote Desktop Manager 2022.3.26 and earlier on Windows allows malicious user to access the application.2022-12-21not yet calculatedCVE-2022-4287
MISC
mozilla -- multiple_productsA same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via <code>performance.getEntries()</code>. This vulnerability affects Thunderbird < 102.4, Firefox ESR < 102.4, and Firefox < 106.2022-12-22not yet calculatedCVE-2022-42927
MISC
MISC
MISC
MISC
mozilla -- multiple_productsCertain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 102.4, Firefox ESR < 102.4, and Firefox < 106.2022-12-22not yet calculatedCVE-2022-42928
MISC
MISC
MISC
MISC
mozilla -- multiple_productsIf a website called <code>window.print()</code> in a particular way, it could cause a denial of service of the browser, which may persist beyond browser restart depending on the user's session restore settings. This vulnerability affects Thunderbird < 102.4, Firefox ESR < 102.4, and Firefox < 106.2022-12-22not yet calculatedCVE-2022-42929
MISC
MISC
MISC
MISC
mozilla -- firefox_for_androidIf two Workers were simultaneously initializing their CacheStorage, a data race could have occurred in the <code>ThirdPartyUtil</code> component. This vulnerability affects Firefox < 106.2022-12-22not yet calculatedCVE-2022-42930
MISC
MISC
mozilla -- firefox_for_androidLogins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username (not password) was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox < 106.2022-12-22not yet calculatedCVE-2022-42931
MISC
MISC
mozilla -- multiple_productsMozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.4, Firefox ESR < 102.4, and Firefox < 106.2022-12-22not yet calculatedCVE-2022-42932
MISC
MISC
MISC
MISC
autodesk -- dwg_trueviewtm_2023DWG TrueViewTM 2023 version has a DLL Search Order Hijacking vulnerability. Successful exploitation by a malicious attacker could result in remote code execution on the target system.2022-12-19not yet calculatedCVE-2022-42945
MISC
autodesk -- multiple_productsParsing a maliciously crafted X_B and PRT file can force Autodesk Maya 2023 to read beyond allocated buffer. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.2022-12-19not yet calculatedCVE-2022-42946
MISC
autodesk -- multiple_productsA maliciously crafted X_B file when parsed through Autodesk Maya 2023 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution.2022-12-19not yet calculatedCVE-2022-42947
MISC
silverstripe -- subsitesSilverstripe silverstripe/subsites through 2.6.0 has Insecure Permissions.2022-12-21not yet calculatedCVE-2022-42949
MISC
MISC
inhabit -- pty_ltd_move_crmInhabit Systems Pty Ltd Move CRM version 4, build 260 was discovered to contain a cross-site scripting (XSS) vulnerability via the User profile component.2022-12-22not yet calculatedCVE-2022-43271
CONFIRM
MISC
ibm -- multiple_productsIBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX NFS kernel extension to cause a denial of service. IBM X-Force ID: 238640.2022-12-23not yet calculatedCVE-2022-43380
MISC
MISC
ibm -- multiple_productsIBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. IBM X-Force ID: 238639.2022-12-23not yet calculatedCVE-2022-43381
MISC
MISC
plusmessage_app -- multiple_productsKDDI +Message App, NTT DOCOMO +Message App, and SoftBank +Message App contain a vulnerability caused by improper handling of Unicode control characters. +Message App displays text unprocessed, even when control characters are contained, and the text is shown based on Unicode control character's specifications. Therefore, a crafted text may display misleading web links. As a result, a spoofed URL may be displayed and phishing attacks may be conducted. Affected products and versions are as follows: KDDI +Message App for Android prior to version 3.9.2 and +Message App for iOS prior to version 3.9.4, NTT DOCOMO +Message App for Android prior to version 54.49.0500 and +Message App for iOS prior to version 3.9.4, and SoftBank +Message App for Android prior to version 12.9.5 and +Message App for iOS prior to version 3.9.42022-12-21not yet calculatedCVE-2022-43543
MISC
MISC
MISC
MISC
fedora_36 -- curlA vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Like using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop (U+002E) `.`. Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the info IDN encoded but look for it IDN decoded.2022-12-23not yet calculatedCVE-2022-43551
MISC
MISC
openimageio -- openimageioAn information disclosure vulnerability exists in the DPXOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to leaked heap data. An attacker can provide malicious input to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-43592
MISC
openimageio -- openimageioA denial of service vulnerability exists in the DPXOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to null pointer dereference. An attacker can provide malicious input to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-43593
MISC
openimageio -- openimageioMultiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious multiple inputs to trigger these vulnerabilities.This vulnerability applies to writing .bmp files.2022-12-22not yet calculatedCVE-2022-43594
MISC
openimageio -- openimageioMultiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious multiple inputs to trigger these vulnerabilities.This vulnerability applies to writing .fits files.2022-12-22not yet calculatedCVE-2022-43595
MISC
openimageio -- openimageioAn information disclosure vulnerability exists in the IFFOutput channel interleaving functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to leaked heap data. An attacker can provide malicious input to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-43596
MISC
openimageio -- openimageioMultiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT8`.2022-12-22not yet calculatedCVE-2022-43597
MISC
openimageio -- openimageioMultiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT16`.2022-12-22not yet calculatedCVE-2022-43598
MISC
openimageio -- openimageioMultiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `xmax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT8`2022-12-22not yet calculatedCVE-2022-43599
MISC
openimageio -- openimageioMultiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `xmax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT16`2022-12-22not yet calculatedCVE-2022-43600
MISC
openimageio -- openimageioMultiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `ymax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT16`2022-12-22not yet calculatedCVE-2022-43601
MISC
openimageio -- openimageioMultiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `ymax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT8`2022-12-22not yet calculatedCVE-2022-43602
MISC
openimageio -- openimageioA denial of service vulnerability exists in the ZfileOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability.2022-12-22not yet calculatedCVE-2022-43603
MISC

ibm -- multiple_products

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service. IBM X-Force ID: 239169.2022-12-23not yet calculatedCVE-2022-43848
MISC
MISC

ibm -- multiple_products

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX pfcdd kernel extension to cause a denial of service. IBM X-Force ID: 239170.2022-12-23not yet calculatedCVE-2022-43849
MISC
MISC

ibm -- navigator_for_i

IBM Navigator for i 7.3, 7.4 and 7.5 could allow an authenticated user to access IBM Navigator for i log files they are authorized to but not while using this interface. The remote authenticated user can bypass the interface checks and download log files by modifying servlet filter. IBM X-Force ID: 239301.2022-12-22not yet calculatedCVE-2022-43857
MISC
MISC

ibm -- navigator_for_i

IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to access the file system and download files they are authorized to but not while using this interface. The remote authenticated user can bypass the interface checks by modifying a parameter thereby gaining access to their files through this interface. IBM X-Force ID: 239303.2022-12-22not yet calculatedCVE-2022-43858
MISC
MISC

ibm -- navigator_for_i

IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information for an object they are authorized to but not while using this interface. By performing a UNION based SQL injection an attacker could see file permissions through this interface. IBM X-Force ID: 239304.2022-12-22not yet calculatedCVE-2022-43859
MISC
MISC
ibm -- navigator_for_iIBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information they are authorized to but not while using this interface. By performing an SQL injection an attacker could see user profile attributes through this interface. IBM X-Force ID: 239305.2022-12-24not yet calculatedCVE-2022-43860
MISC
MISC
ibm -- financial_transaction-managerIBM Financial Transaction Manager 3.2.4 authorization checks are done incorrectly for some HTTP requests which allows getting unauthorized technical information (e.g. event log entries) about the FTM SWIFT system. IBM X-Force ID: 239708.2022-12-20not yet calculatedCVE-2022-43872
MISC
MISC
ibm -- financial_transaction-managerIBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an authenticated user to lock additional RM authorizations, resulting in a denial of service on displaying or managing these authorizations. IBM X-Force ID: 240034.2022-12-20not yet calculatedCVE-2022-43875
MISC
MISC
pdftojson commit 94204bb -- pdftojson commit 94204bbpdftojson commit 94204bb was discovered to contain a stack overflow via the component Object::copy(Object*):Object.cc.2022-12-19not yet calculatedCVE-2022-44108
MISC
MISC
pdftojson commit 94204bb -- pdftojson commit 94204bbpdftojson commit 94204bb was discovered to contain a stack overflow via the component Stream::makeFilter(char*, Stream*, Object*, int).2022-12-19not yet calculatedCVE-2022-44109
MISC
MISC
otrs -- otrs
 
Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition allows SQL Injection via TicketSearch Webservice This issue affects OTRS: from 7.0.1 before 7.0.40 Patch 1, from 8.0.1 before 8.0.28 Patch 1; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.2022-12-19not yet calculatedCVE-2022-4427
MISC
zenphoto -- zenphotoStored cross-site scripting vulnerability in Zenphoto versions prior to 1.6 allows remote a remote authenticated attacker with an administrative privilege to inject an arbitrary script.2022-12-21not yet calculatedCVE-2022-44449
MISC
MISC
MISC
uisp_wireless-- multiple_productsAn improper access validation vulnerability exists in airMAX AC <8.7.11, airFiber 60/LR <2.6.2, airFiber 60 XG/HD <v1.0.0 and airFiber GBE <1.4.1 that allows a malicious actor to retrieve status and usage data from the UISP device.2022-12-23not yet calculatedCVE-2022-44565
MISC
rocket.chat-desktop -- rocket.chat-desktopA command injection vulnerability exists in Rocket.Chat-Desktop <3.8.14 that could allow an attacker to pass a malicious url of openInternalVideoChatWindow to shell.openExternal(), which may lead to remote code execution (internalVideoChatWindow.ts#L17). To exploit the vulnerability, the internal video chat window must be disabled or a Mac App Store build must be used (internalVideoChatWindow.ts#L14). The vulnerability may be exploited by an XSS attack because the function openInternalVideoChatWindow is exposed in the Rocket.Chat-Desktop-API.2022-12-23not yet calculatedCVE-2022-44567
MISC
grafana_labs -- enterprise_metricsA vulnerability in the label-based access control of Grafana Labs Grafana Enterprise Metrics allows an attacker more access than intended. If an access policy which has label selector restrictions also has been granted access to all tenants in the system, the label selector restrictions will not be applied when using this policy with the affected versions of the software. This issue affects: Grafana Labs Grafana Enterprise Metrics GEM 1.X versions prior to 1.7.1 on AMD64; GEM 2.X versions prior to 2.3.1 on AMD64.2022-12-20not yet calculatedCVE-2022-44643
MISC
MISC
hcl_software-- bigfix_insights_for_vulnerability_remediationInsights for Vulnerability Remediation (IVR) is vulnerable to improper input validation. This may lead to information disclosure. This requires privileged access.2022-12-21not yet calculatedCVE-2022-44756
MISC
patchelf -- patchelfPatchelf v0.9 was discovered to contain an out-of-bounds read via the function modifyRPath at src/patchelf.cc.2022-12-19not yet calculatedCVE-2022-44940
MISC
exuberant_ctags -- exuberant_ctagsA flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags() in sort.c calls the system(3) function in an unsafe way.2022-12-20not yet calculatedCVE-2022-4515
MISC
apache -- shardingsphere-proxyApache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as database backend didn't cleanup the database session completely after client authentication failed, which allowed an attacker to execute normal commands by constructing a special MySQL client. This vulnerability has been fixed in Apache ShardingSphere 5.3.0.2022-12-22not yet calculatedCVE-2022-45347
MISC
mozilla -- multiple_products
 
Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.2022-12-22not yet calculatedCVE-2022-45403
MISC
MISC
MISC
MISC

mozilla -- multiple_products

Through a series of popup and <code>window.print()</code> calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.2022-12-22not yet calculatedCVE-2022-45404
MISC
MISC
MISC
MISC
mozilla -- multiple_productsFreeing arbitrary <code>nsIInputStream</code>'s on a different thread than creation could have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.2022-12-22not yet calculatedCVE-2022-45405
MISC
MISC
MISC
MISC
mozilla -- multiple_productsIf an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.2022-12-22not yet calculatedCVE-2022-45406
MISC
MISC
MISC
MISC
mozilla -- firefoxIf an attacker loaded a font using <code>FontFace()</code> on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox < 107.2022-12-22not yet calculatedCVE-2022-45407
MISC
MISC
mozilla -- multiple_productsThrough a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.2022-12-22not yet calculatedCVE-2022-45408
MISC
MISC
MISC
MISC
mozilla -- multiple_productsThe garbage collector could have been aborted in several states and zones and <code>GCRuntime::finishCollection</code> may not have been called, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.2022-12-22not yet calculatedCVE-2022-45409
MISC
MISC
MISC
MISC
mozilla -- multiple_productsWhen a ServiceWorker intercepted a request with <code>FetchEvent</code>, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.2022-12-22not yet calculatedCVE-2022-45410
MISC
MISC
MISC
MISC
mozilla -- multiple_productsCross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on <code>fetch()</code> and XMLHttpRequest; however some webservers have implemented non-standard headers such as <code>X-Http-Method-Override</code> that override the HTTP method, and made this attack possible again. Thunderbird has applied the same mitigations to the use of this and similar headers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.2022-12-22not yet calculatedCVE-2022-45411
MISC
MISC
MISC
MISC
mozilla -- multiple_productsWhen resolving a symlink such as <code>file:///proc/self/fd/1</code>, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer. <br>*This bug only affects Thunderbird on Unix-based operated systems (Android, Linux, MacOS). Windows is unaffected.*. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.2022-12-22not yet calculatedCVE-2022-45412
MISC
MISC
MISC
MISC
mozilla -- firefoxUsing the <code>S.browser_fallback_url parameter</code> parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookies to be sent.<br>*This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects Firefox < 107.2022-12-22not yet calculatedCVE-2022-45413
MISC
MISC
mozilla -- thunderbirdIf a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER attribute or an OBJECT tag with a DATA attribute, a network request to the referenced remote URL was performed, regardless of a configuration to block remote content. An image loaded from the POSTER attribute was shown in the composer window. These issues could have given an attacker additional capabilities when targetting releases that did not yet have a fix for CVE-2022-3033 which was reported around three months ago. This vulnerability affects Thunderbird < 102.5.1.2022-12-22not yet calculatedCVE-2022-45414
MISC
MISC
mozilla -- firefoxWhen downloading an HTML file, if the title of the page was formatted as a filename with a malicious extension, Firefox may have saved the file with that extension, leading to possible system compromise if the downloaded file was later ran. This vulnerability affects Firefox < 107.2022-12-22not yet calculatedCVE-2022-45415
MISC
MISC
mozilla -- multiple_productsKeyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.2022-12-22not yet calculatedCVE-2022-45416
MISC
MISC
MISC
MISC
mozilla -- firefoxService Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. This would not have persisted them in a state where they would run again, but it would have leaked Private Browsing Mode details to disk. This vulnerability affects Firefox < 107.2022-12-22not yet calculatedCVE-2022-45417
MISC
MISC
mozilla -- multiple_productsIf a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.2022-12-22not yet calculatedCVE-2022-45418
MISC
MISC
MISC
MISC
mozilla -- firefoxIf the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then deleted the exception, Firefox would have kept the connection alive, making it seem like the certificate was still trusted. This vulnerability affects Firefox < 107.2022-12-22not yet calculatedCVE-2022-45419
MISC
MISC
mozilla -- multiple_productsUse tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.2022-12-22not yet calculatedCVE-2022-45420
MISC
MISC
MISC
MISC
mozilla -- multiple_productsMozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.2022-12-22not yet calculatedCVE-2022-45421
MISC
MISC
MISC
MISC
ip-com_m50-- ip-com_m50IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the hostname parameter in the formSetNetCheckTools function.2022-12-23not yet calculatedCVE-2022-45706
MISC
ip-com_m50-- ip-com_m50IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsHijack function.2022-12-23not yet calculatedCVE-2022-45707
MISC
ip-com_m50-- ip-com_m50IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the sPortMapIndex parameter in the formDelPortMapping function.2022-12-23not yet calculatedCVE-2022-45708
MISC
ip-com_m50-- ip-com_m50IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple command injection vulnerabilities via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function.2022-12-23not yet calculatedCVE-2022-45709
MISC
ip-com_m50-- ip-com_m50IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function.2022-12-23not yet calculatedCVE-2022-45710
MISC
ip-com_m50-- ip-com_m50IP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the hostname parameter in the formSetNetCheckTools function.2022-12-23not yet calculatedCVE-2022-45711
MISC
ip-com_m50-- ip-com_m50IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsForward function.2022-12-23not yet calculatedCVE-2022-45712
MISC
ip-com_m50-- ip-com_m50IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formQOSRuleDel function.2022-12-23not yet calculatedCVE-2022-45714
MISC
ip-com_m50-- ip-com_m50IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pLanPortRange and pWanPortRange parameters in the formSetPortMapping function.2022-12-23not yet calculatedCVE-2022-45715
MISC
ip-com_m50-- ip-com_m50IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formIPMacBindDel function.2022-12-23not yet calculatedCVE-2022-45716
MISC
ip-com_m50-- ip-com_m50IP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function. This vulnerability is exploited via a crafted GET request.2022-12-23not yet calculatedCVE-2022-45717
MISC
ip-com_m50-- ip-com_m50IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formIPMacBindAdd function.2022-12-23not yet calculatedCVE-2022-45718
MISC
ip-com_m50-- ip-com_m50IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the gotoUrl parameter in the formPortalAuth function.2022-12-23not yet calculatedCVE-2022-45719
MISC
ip-com_m50-- ip-com_m50IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the ip, mac, and remark parameters in the formIPMacBindModify function.2022-12-23not yet calculatedCVE-2022-45720
MISC
ip-com_m50-- ip-com_m50IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the picName parameter in the formDelWewifiPic function.2022-12-23not yet calculatedCVE-2022-45721
MISC
trend_micro -- apex_oneA link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges by creating a symbolic link and abusing the service to delete a file. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.2022-12-24not yet calculatedCVE-2022-45798
MISC
MISC
baijiacms -- baijiacmsA Remote Code Execution (RCE) vulnerability was found in includes/baijiacms/common.inc.php in baijiacms v4.2022-12-20not yet calculatedCVE-2022-45942
MISC
MISC
classcms -- classcmshere is an arbitrary file upload vulnerability in the file management function module of Classcms3.5.2022-12-22not yet calculatedCVE-2022-45966
MISC
wbce_cms -- wbce_cmsWBCE CMS v1.5.4 can implement getshell by modifying the upload file type.2022-12-20not yet calculatedCVE-2022-46020
MISC
d-link -- dir-869_dir869ax_fw102b15D-Link DIR-869 DIR869Ax_FW102B15 is vulnerable to Authentication Bypass via phpcgi.2022-12-20not yet calculatedCVE-2022-46076
MISC
MISC
sourcecodester -- covid-19_directory_on_vaccination_systemSourcecodester Covid-19 Directory on Vaccination System 1.0 was discovered to contain a Cross-Site Scripting (XSS) vulnerability via verification.php because the program does not verify the txtvaccinationID parameter.2022-12-21not yet calculatedCVE-2022-46095
MISC
MISC
sourcecodester -- covid-19_directory_on_vaccination_systemA Cross site scripting (XSS) vulnerability in Sourcecodester Online Covid-19 Directory on Vaccination System v1.0 allows attackers to execute arbitrary code via the txtfullname parameter or txtphone parameter to register.php without logging in.2022-12-21not yet calculatedCVE-2022-46096
MISC
ayacms -- ayacmsAyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting malicious code.2022-12-22not yet calculatedCVE-2022-46101
MISC
ayacms -- ayacmsAyaCMS 3.1.2 is vulnerable to Arbitrary file upload via /aya/module/admin/fst_down.inc.php2022-12-22not yet calculatedCVE-2022-46102
MISC
tp-link -- tl-wr940nTP-Link TL-WR940N V4 3.16.9 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.2022-12-20not yet calculatedCVE-2022-46139
MISC
codeigniter-- codeigniterCodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been patched, please upgrade to version 4.2.11 or later. As a workaround, use only one session cookie.2022-12-22not yet calculatedCVE-2022-46170
MISC
MISC
tauri-apps-- tauriTauri is a framework for building binaries for all major desktop platforms. The filesystem glob pattern wildcards `*`, `?`, and `[...]` match file path literals and leading dots by default, which unintentionally exposes sub folder content of allowed paths. Scopes without the wildcards are not affected. As `**` allows for sub directories the behavior there is also as expected. The issue has been patched in the latest release and was backported into the currently supported 1.x branches. There are no known workarounds at the time of publication.2022-12-23not yet calculatedCVE-2022-46171
MISC
MISC
MISC
json -- jsonJSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). The `parse` method of the JSON5 library before and including version `2.2.1` does not restrict parsing of keys named `__proto__`, allowing specially crafted strings to pollute the prototype of the resulting object. This vulnerability pollutes the prototype of the object returned by `JSON5.parse` and not the global Object prototype, which is the commonly understood definition of Prototype Pollution. However, polluting the prototype of a single object can have significant security impact for an application if the object is later used in trusted operations. This vulnerability could allow an attacker to set arbitrary and unexpected keys on the object returned from `JSON5.parse`. The actual impact will depend on how applications utilize the returned object and how they filter unwanted keys, but could include denial of service, cross-site scripting, elevation of privilege, and in extreme cases, remote code execution. `JSON5.parse` should restrict parsing of `__proto__` keys when parsing JSON strings to objects. As a point of reference, the `JSON.parse` method included in JavaScript ignores `__proto__` keys. Simply changing `JSON5.parse` to `JSON.parse` in the examples above mitigates this vulnerability. This vulnerability is patched in json5 version 2.2.2 and later.2022-12-24not yet calculatedCVE-2022-46175
MISC
MISC
MISC
wordpress -- wordpressThe Sidebar Widgets by CodeLights plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Extra CSS class’ parameter in versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.2022-12-20not yet calculatedCVE-2022-4619
MISC
MISC
omron corporation -- cx-driveUse after free vulnerability in CX-Drive V3.00 and earlier allows a local attacker to execute arbitrary code by having a user to open a specially crafted file,2022-12-21not yet calculatedCVE-2022-46282
MISC
lirantal-- daloradiusSensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master.2022-12-21not yet calculatedCVE-2022-4630
CONFIRM
MISC
wp-ban -- wp-banA vulnerability, which was classified as problematic, was found in WP-Ban. Affected is an unknown function of the file ban-options.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 22b925449c84faa9b7496abe4f8f5661cb5eb3bf. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216480.2022-12-21not yet calculatedCVE-2022-4631
N/A
N/A
auto_upload_images -- auto_upload_imagesA vulnerability has been found in Auto Upload Images up to 3.3.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 3.3.1 is able to address this issue. The name of the patch is 895770ee93887ec78429c78ffdfb865bee6f9436. It is recommended to upgrade the affected component. The identifier VDB-216481 was assigned to this vulnerability.2022-12-21not yet calculatedCVE-2022-4632
N/A
N/A
MISC
auto_upload_images -- auto_upload_imagesA vulnerability was found in Auto Upload Images up to 3.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file src/setting-page.php of the component Settings Handler. The manipulation leads to cross-site request forgery. The attack may be launched remotely. Upgrading to version 3.3.1 is able to address this issue. The name of the patch is 895770ee93887ec78429c78ffdfb865bee6f9436. It is recommended to upgrade the affected component. VDB-216482 is the identifier assigned to this vulnerability.2022-12-21not yet calculatedCVE-2022-4633
N/A
N/A
MISC
squirrel -- squirrel.windowsSquirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. Installers generated by Squirrel.Windows 2.0.1 and earlier contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer.2022-12-21not yet calculatedCVE-2022-46330
MISC
MISC
MISC
proofpoint -- enterprise_protectionProofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. This affects all versions 8.19.0 and below.2022-12-21not yet calculatedCVE-2022-46334
MISC
ep3-bs -- ep3-bsA vulnerability classified as problematic has been found in ep3-bs up to 1.7.x. This affects an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.8.0 is able to address this issue. The name of the patch is ef49e709c8adecc3a83cdc6164a67162991d2213. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216495.2022-12-21not yet calculatedCVE-2022-4637
N/A
N/A
N/A
MISC
collective.contact.widget -- collective.contact.widgetA vulnerability classified as problematic was found in collective.contact.widget up to 1.12. This vulnerability affects the function title of the file src/collective/contact/widget/widgets.py. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 5da36305ca7ed433782be8901c47387406fcda12. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216496.2022-12-21not yet calculatedCVE-2022-4638
N/A
N/A
sslh -- sslhA vulnerability, which was classified as critical, has been found in sslh. This issue affects the function hexdump of the file probe.c of the component Packet Dumping Handler. The manipulation of the argument msg_info leads to format string. The attack may be initiated remotely. The name of the patch is b19f8a6046b080e4c2e28354a58556bb26040c6f. It is recommended to apply a patch to fix this issue. The identifier VDB-216497 was assigned to this vulnerability.2022-12-21not yet calculatedCVE-2022-4639
N/A
N/A
N/A
microchip -- multiple_productsThe Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) is unresponsive with ConReqTimeoutZero.2022-12-19not yet calculatedCVE-2022-46399
CONFIRM
MISC
MISC
MISC
mingsoft -- mcmsA vulnerability has been found in Mingsoft MCMS 5.2.9 and classified as problematic. Affected by this vulnerability is the function save of the component Article Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216499.2022-12-21not yet calculatedCVE-2022-4640
N/A
N/A
microchip -- multiple_productsThe Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) allows attackers to bypass passkey entry in legacy pairing.2022-12-19not yet calculatedCVE-2022-46400
CONFIRM
MISC
MISC
MISC
microchip -- multiple_productsThe Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PauseEncReqPlainText before pairing is complete.2022-12-19not yet calculatedCVE-2022-46401
CONFIRM
MISC
MISC
MISC
microchip -- multiple_productsThe Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PairCon_rmSend with incorrect values.2022-12-19not yet calculatedCVE-2022-46402
CONFIRM
MISC
MISC
MISC
microchip -- multiple_productsThe Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) mishandles reject messages.2022-12-19not yet calculatedCVE-2022-46403
CONFIRM
MISC
MISC
MISC
pig-vector-- pig-vectorA vulnerability was found in pig-vector and classified as problematic. Affected by this issue is the function LogisticRegression of the file src/main/java/org/apache/mahout/pig/LogisticRegression.java. The manipulation leads to insecure temporary file. The attack needs to be approached locally. The name of the patch is 1e7bd9fab5401a2df18d2eabd802adcf0dcf1f15. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216500.2022-12-21not yet calculatedCVE-2022-4641
N/A
N/A
N/A
tatoeba2 -- tatoeba2A vulnerability was found in tatoeba2. It has been classified as problematic. This affects an unknown part of the component Profile Name Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version prod_2022-10-30 is able to address this issue. The name of the patch is 91110777fc8ddf1b4a2cf4e66e67db69b9700361. It is recommended to upgrade the affected component. The identifier VDB-216501 was assigned to this vulnerability.2022-12-21not yet calculatedCVE-2022-4642
N/A
N/A
N/A
N/A
apache -- airflow_hive_providerImproper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 5.0.0.2022-12-20not yet calculatedCVE-2022-46421
MISC
MISC
netgear -- wnr2000An issue in Netgear WNR2000 v1 1.2.3.7 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.2022-12-20not yet calculatedCVE-2022-46422
MISC
MISC
netgear -- wnr2000An exploitable firmware modification vulnerability was discovered on the Netgear WNR2000v1 router. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v1.2.3.7 and earlier.2022-12-20not yet calculatedCVE-2022-46423
MISC
MISC
netgear -- xwn5001_powerline_500_wifi_access_pointAn exploitable firmware modification vulnerability was discovered on the Netgear XWN5001 Powerline 500 WiFi Access Point. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v0.4.1.1 and earlier.2022-12-20not yet calculatedCVE-2022-46424
MISC
MISC
tp-link -- wr1043ndTP-Link TL-WR1043ND V1 3.13.15 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.2022-12-20not yet calculatedCVE-2022-46428
MISC
MISC
docconv -- docconvA vulnerability was found in docconv up to 1.2.0. It has been declared as critical. This vulnerability affects the function ConvertPDFImages of the file pdf_ocr.go. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely. Upgrading to version 1.2.1 is able to address this issue. The name of the patch is b19021ade3d0b71c89d35cb00eb9e589a121faa5. It is recommended to upgrade the affected component. VDB-216502 is the identifier assigned to this vulnerability.2022-12-21not yet calculatedCVE-2022-4643
N/A
N/A
N/A
MISC
tp-link -- tl-wr740nTP-Link TL-WR740N V1 and V2 v3.12.4 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.2022-12-20not yet calculatedCVE-2022-46430
MISC
MISC
tp-link -- tl-wr743ndAn exploitable firmware modification vulnerability was discovered on TP-Link TL-WR743ND V1. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v3.12.20 and earlier.2022-12-20not yet calculatedCVE-2022-46432
MISC
MISC
tp-link -- tl-wa7510nAn issue in the firmware update process of TP-Link TL-WA7510N v1 v3.12.6 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.2022-12-20not yet calculatedCVE-2022-46434
MISC
MISC
tp-link -- multiple_productsAn issue in the firmware update process of TP-Link TL-WR941ND V2/V3 up to 3.13.9 and TL-WR941ND V4 up to 3.12.8 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.2022-12-20not yet calculatedCVE-2022-46435
MISC
MISC
ikus060 -- rdiffwebOpen Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.4.2022-12-22not yet calculatedCVE-2022-4644
MISC
CONFIRM
ikus060 -- rdiffwebCross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.5.4.2022-12-22not yet calculatedCVE-2022-4646
CONFIRM
MISC
nbnbk -- nbnbkA Cross-Site Request Forgery (CSRF) vulnerability in the Add Administrator function of the default version of nbnbk allows attackers to arbitrarily add Administrator accounts.2022-12-22not yet calculatedCVE-2022-46491
MISC
nbnbk -- nbnbknbnbk commit 879858451d53261d10f77d4709aee2d01c72c301 was discovered to contain an arbitrary file read vulnerability via the component /api/Index/getFileBinary.2022-12-23not yet calculatedCVE-2022-46492
MISC
nbnbk -- nbnbkDefault version of nbnbk was discovered to contain an arbitrary file upload vulnerability via the component /api/User/download_img.2022-12-22not yet calculatedCVE-2022-46493
MISC
d-link -- dir-882_dir882a1_fw130b06D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetWan2Settings module.2022-12-23not yet calculatedCVE-2022-46560
MISC
MISC
d-link -- dir-882_dir882a1_fw130b06D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetWanSettings module.2022-12-23not yet calculatedCVE-2022-46561
MISC
MISC
d-link -- dir-882_dir882a1_fw130b06D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the PSK parameter in the SetQuickVPNSettings module.2022-12-23not yet calculatedCVE-2022-46562
MISC
MISC
d-link -- dir-882_dir882a1_fw130b06D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetDynamicDNSSettings module.2022-12-23not yet calculatedCVE-2022-46563
MISC
MISC
d-link -- dir-882_dir882a1_fw130b06D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetQuickVPNSettings module.2022-12-23not yet calculatedCVE-2022-46566
MISC
MISC
d-link -- dir-882_dir882a1_fw130b06D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module.2022-12-23not yet calculatedCVE-2022-46568
MISC
MISC
d-link -- dir-882_dir882a1_fw130b06D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Key parameter in the SetWLanRadioSecurity module.2022-12-23not yet calculatedCVE-2022-46569
MISC
MISC
d-link -- dir-882_dir882a1_fw130b06D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the Password parameter in the SetWan3Settings module.2022-12-23not yet calculatedCVE-2022-46570
MISC
MISC
linux -- linux_kernelA flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.2022-12-22not yet calculatedCVE-2022-4662
MISC
MISC
d-link -- dir-846 a1_fw100a43D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function.2022-12-23not yet calculatedCVE-2022-46641
MISC
MISC
d-link -- dir-846 a1_fw100a43D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function.2022-12-23not yet calculatedCVE-2022-46642
MISC
MISC
ampache -- ampacheUnrestricted Upload of File with Dangerous Type in GitHub repository ampache/ampache prior to 5.5.6.2022-12-23not yet calculatedCVE-2022-4665
CONFIRM
MISC
roxio -- creator ljbRoxio Creator LJB starts another program with an unquoted file path. Since a registered Windows service path contains spaces and are unquoted, if a malicious executable is placed on a certain path, the executable may be executed with the privilege of the Windows service. The affected product and versions are as follows: Roxio Creator LJB version number 12.2 build number 106B62B, version number 12.2 build number 106B63A, version number 12.2 build number 106B69A, version number 12.2 build number 106B71A, and version number 12.2 build number 106B74A)2022-12-21not yet calculatedCVE-2022-46662
MISC
MISC
ibm -- urbancode_deployIBM UrbanCode Deploy (UCD) 6.2.0.0 through 6.2.7.18, 7.0.5.0 through 7.0.5.13, 7.1.0.0 through 7.1.2.9, 7.2.0.0 through 7.2.3.2 and 7.3.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 242273.2022-12-20not yet calculatedCVE-2022-46771
MISC
MISC
usememos -- memosSensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0.2022-12-23not yet calculatedCVE-2022-4683
CONFIRM
MISC
usememos -- memosImproper Access Control in GitHub repository usememos/memos prior to 0.9.0.2022-12-23not yet calculatedCVE-2022-4684
CONFIRM
MISC
usememos -- memosImproper Access Control in GitHub repository usememos/memos prior to 0.9.0.2022-12-23not yet calculatedCVE-2022-4685
CONFIRM
MISC
usememos -- memosImproper Authentication in GitHub repository usememos/memos prior to 0.9.0.2022-12-23not yet calculatedCVE-2022-4686
MISC
CONFIRM
usememos -- memosIncorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.0.2022-12-23not yet calculatedCVE-2022-4687
CONFIRM
MISC
mozilla -- firefoxAn out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108.2022-12-22not yet calculatedCVE-2022-46871
MISC
MISC
mozilla -- multiple_productsAn attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.<br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.2022-12-22not yet calculatedCVE-2022-46872
MISC
MISC
MISC
MISC
mozilla -- firefoxBecause Firefox did not implement the <code>unsafe-hashes</code> CSP directive, an attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject executable script. This would be severely constrained by the specified Content Security Policy of the document. This vulnerability affects Firefox < 108.2022-12-22not yet calculatedCVE-2022-46873
MISC
MISC
mozilla -- multiple_productsA file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.<br/>*Note*: This issue was originally included in the advisories for Thunderbird 102.6, but a patch (specific to Thunderbird) was omitted, resulting in it actually being fixed in Thunderbird 102.6.1. This vulnerability affects Firefox < 108, Thunderbird < 102.6.1, Thunderbird < 102.6, and Firefox ESR < 102.6.2022-12-22not yet calculatedCVE-2022-46874
MISC
MISC
MISC
MISC
MISC
mozilla -- multiple_productsThe executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. <br>*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.2022-12-22not yet calculatedCVE-2022-46875
MISC
MISC
MISC
MISC
mozilla -- firefoxBy confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108.2022-12-22not yet calculatedCVE-2022-46877
MISC
MISC
mozilla -- multiple_productsMozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.2022-12-22not yet calculatedCVE-2022-46878
MISC
MISC
MISC
MISC
mozilla -- firefoxMozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108.2022-12-22not yet calculatedCVE-2022-46879
MISC
MISC
usememos -- memosImproper Authorization in GitHub repository usememos/memos prior to 0.9.0.2022-12-23not yet calculatedCVE-2022-4688
CONFIRM
MISC
mozilla -- multiple_productsA missing check related to tex units could have led to a use-after-free and potentially exploitable crash.<br />*Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 105. This vulnerability affects Firefox ESR < 102.6, Firefox < 105, and Thunderbird < 102.6.2022-12-22not yet calculatedCVE-2022-46880
MISC
MISC
MISC
MISC
mozilla -- multiple_productsAn optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 106, Firefox ESR < 102.6, and Thunderbird < 102.6.2022-12-22not yet calculatedCVE-2022-46881
MISC
MISC
MISC
MISC
mozilla -- multiple_productsA use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox < 107, Firefox ESR < 102.6, and Thunderbird < 102.6.2022-12-22not yet calculatedCVE-2022-46882
MISC
MISC
MISC
MISC
mozilla -- firefoxMozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 106. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.<br />*Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 107. This vulnerability affects Firefox < 107.2022-12-22not yet calculatedCVE-2022-46883
MISC
MISC
mozilla -- firefoxMozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 106.2022-12-22not yet calculatedCVE-2022-46885
MISC
MISC
usememos -- memosImproper Access Control in GitHub repository usememos/memos prior to 0.9.0.2022-12-23not yet calculatedCVE-2022-4689
CONFIRM
MISC
usememos -- memosCross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.2022-12-23not yet calculatedCVE-2022-4690
CONFIRM
MISC
tp-link -- multiple_productsAn issue in the firmware update process of TP-Link TL-WA901ND V1 up to v3.11.2 and TL-WA901N V2 up to v3.12.16 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.2022-12-20not yet calculatedCVE-2022-46910
MISC
MISC
tp-link -- multiple_productsAn issue in the firmware update process of TP-Link TL-WR841N / TL-WA841ND V7 3.13.9 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.2022-12-20not yet calculatedCVE-2022-46912
MISC
MISC
tp-link -- multiple_productsAn issue in the firmware update process of TP-LINK TL-WA801N / TL-WA801ND V1 v3.12.16 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.2022-12-20not yet calculatedCVE-2022-46914
MISC
MISC
usememos -- memosCross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.2022-12-23not yet calculatedCVE-2022-4692
CONFIRM
MISC
wordpress -- wordpressThe ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wp_user_cover_default_image_url’ parameter in versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.2022-12-23not yet calculatedCVE-2022-4697
MISC
MISC
wordpress -- wordpressThe ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several form fields in versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.2022-12-23not yet calculatedCVE-2022-4698
MISC
MISC
solarwinds-- hybrid_cloud_observabilitySensitive information was stored in plain text in a file that is accessible by a user with a local account in Hybrid Cloud Observability (HCO)/ SolarWinds Platform 2022.4. No other versions are affected2022-12-19not yet calculatedCVE-2022-47512
MISC
MISC
f-secure_safe_browser -- f-secure_safe_browserF-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack.2022-12-23not yet calculatedCVE-2022-47524
CONFIRM
gossipsub -- gossipsubGossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not be pruned from the network) even though it continuously misbehaves by never forwarding topic messages.2022-12-19not yet calculatedCVE-2022-47547
MISC
optee_os -- optee_osAn unprotected memory-access operation in optee_os in TrustedFirmware Open Portable Trusted Execution Environment (OP-TEE) before 3.20 allows a physically proximate adversary to bypass signature verification and install malicious trusted applications via electromagnetic fault injections.2022-12-19not yet calculatedCVE-2022-47549
MISC
MISC
apiman -- apimanApiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. The root cause of the issue is the Apiman project's accidental acceptance of a large contribution that was not fully compatible with the security model of Apiman versions before 3.0.0.Final. Because of this, 3.0.0.Final is not affected by the vulnerability.2022-12-20not yet calculatedCVE-2022-47551
MISC
MISC
zoho -- manageengine_device_control_plusAn issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus 10.1.2228.15. Despite configuring complete restrictions on USB pendrives, USB HDD devices, memory cards, USB connections to mobile devices, etc., it is still possible to bypass the USB restrictions by making use of a virtual machine (VM). This allows a file to be exchanged outside the laptop/system. VMs can be created by any user (even without admin rights). The data exfiltration can occur without any record in the audit trail of Windows events on the host machine.2022-12-20not yet calculatedCVE-2022-47577
MISC
MISC
zoho -- manageengine_device_control_plusAn issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus 10.1.2228.15. Despite configuring complete restrictions on USB pendrives, USB HDD devices, memory cards, USB connections to mobile devices, etc., it is still possible to bypass the USB restrictions by booting into Safe Mode. This allows a file to be exchanged outside the laptop/system. Safe Mode can be launched by any user (even without admin rights). Data exfiltration can occur, and also malware might be introduced onto the system.2022-12-20not yet calculatedCVE-2022-47578
MISC
MISC
isode_m-vault -- isode_m-vaultIsode M-Vault 16.0v0 through 17.x before 17.0v24 can crash upon an LDAP v1 bind request.2022-12-21not yet calculatedCVE-2022-47581
MISC
libksba -- libksbaLibksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.2022-12-20not yet calculatedCVE-2022-47629
MISC
MISC
DEBIAN
MLIST
kyverno -- kyvernoAn image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry (or a man-in-the-middle attacker) to inject unsigned arbitrary container images into a protected Kubernetes cluster. This is fixed in 1.8.5. This has been fixed in 1.8.5 and mitigations are available for impacted releases.2022-12-23not yet calculatedCVE-2022-47633
MISC
MISC
MISC
CONFIRM
MISC
wildix_wms -- wildix_wmsWildix WMS 6 before 6.02.20221216, WMS 5 before 5.04.20221214, and WMS4 before 4.04.45396.23 allows Server-side request forgery (SSRF) via ZohoClient.php.2022-12-21not yet calculatedCVE-2022-47635
CONFIRM
jetbrains -- intellij-ideaIn JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files.2022-12-22not yet calculatedCVE-2022-47895
MISC
jetbrains -- intellij-ideaIn JetBrains IntelliJ IDEA before 2022.3.1 code Templates were vulnerable to SSTI attacks.2022-12-22not yet calculatedCVE-2022-47896
MISC
ayacms -- ayacmsAyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php2022-12-22not yet calculatedCVE-2022-47926
MISC
misp -- mispIn MISP before 2.4.167, there is XSS in the template file uploads in app/View/Templates/upload_file.ctp.2022-12-22not yet calculatedCVE-2022-47928
MISC
io_finnet_tss-lib -- io_finnet_tss-libIO FinNet tss-lib before 2.0.0 allows a collision of hash values.2022-12-23not yet calculatedCVE-2022-47931
MISC
MISC
brave_browser -- brave_browserBrave Browser before 1.43.34 allowed a remote attacker to cause a denial of service via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This vulnerability is caused by an incomplete fix for CVE-2022-47933.2022-12-24not yet calculatedCVE-2022-47932
MISC
MISC
MISC
MISC
brave_browser -- brave_browserBrave Browser before 1.42.51 allowed a remote attacker to cause a denial of service via a crafted HTML file that references the IPFS scheme. This vulnerability is caused by an uncaught exception in the function ipfs::OnBeforeURLRequest_IPFSRedirectWork() in ipfs_redirect_network_delegate_helper.cc.2022-12-24not yet calculatedCVE-2022-47933
MISC
MISC
MISC
MISC
MISC
brave_browser -- brave_browserBrave Browser before 1.43.88 allowed a remote attacker to cause a denial of service in private and guest windows via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This is caused by an incomplete fix for CVE-2022-47932 and CVE-2022-47934.2022-12-24not yet calculatedCVE-2022-47934
MISC
MISC
MISC
MISC
MISC
linux -- ksmbdAn issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNECT.2022-12-23not yet calculatedCVE-2022-47938
MISC
MISC
MISC
MLIST
linux -- ksmbdAn issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT.2022-12-23not yet calculatedCVE-2022-47939
MISC
MISC
MISC
MLIST
linux -- ksmbdAn issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case in smb2_write.2022-12-23not yet calculatedCVE-2022-47940
MISC
MISC
MISC
MLIST
linux -- ksmbdAn issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2_handle_negotiate error conditions, aka a memory leak.2022-12-23not yet calculatedCVE-2022-47941
MISC
MISC
MISC
MLIST
linux -- ksmbdAn issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command.2022-12-23not yet calculatedCVE-2022-47942
MISC
MISC
MISC
MLIST
linux -- ksmbdAn issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2_WRITE, when there is a large length in the zero DataOffset case.2022-12-23not yet calculatedCVE-2022-47943
MISC
MISC
MISC
MLIST
thinkphp_framework -- thinkphp_frameworkThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled (lang_switch_on=true). An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php.2022-12-23not yet calculatedCVE-2022-47945
MISC
MISC
MISC
linux -- kernelAn issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situations by forking a process and then quickly terminating it. NOTE: later kernel versions, such as the 5.15 longterm series, substantially changed the implementation of io_sqpoll_wait_sq.2022-12-23not yet calculatedCVE-2022-47946
MISC
MISC
nintendo -- networkbuffer
 
The Nintendo NetworkBuffer class, as used in Animal Crossing: New Horizons before 2.0.6 and other products, allows remote attackers to execute arbitrary code via a large UDP packet that causes a buffer overflow, aka ENLBufferPwn. The victim must join a game session with the attacker. Other affected products include Mario Kart 7 before 1.2, Mario Kart 8, Mario Kart 8 Deluxe before 2.1.0, ARMS before 5.4.1, Splatoon, Splatoon 2 before 5.5.1, Splatoon 3 before late 2022, Super Mario Maker 2 before 3.0.2, and Nintendo Switch Sports before late 2022.2022-12-24not yet calculatedCVE-2022-47949
MISC

Back to top

Please share your thoughts

We recently updated our anonymous product survey; we’d welcome your feedback.